Human-in-the-loop security will define 2026: Predictions from Sophos experts

A recently patched security flaw in Microsoft Windows Server Update Services (WSUS) has been exploited by threat actors to distribute malware known as ShadowPad. “The attacker targeted Windows Servers with WSUS enabled, exploiting CVE-2025-59287 for initial access,” AhnLab Security Intelligence Center (ASEC) said in a report published last week. “They then used PowerCat, an open-source

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of vulnerabilities is as follows – CVE-2024-45195 (CVSS score: 7.5/9.8) – A forced browsing vulnerability in Apache OFBiz that allows a remote attacker to…

Mark Keierleber has an interesting and concerning update on the BoardDocs breach previously reported by DataBreaches on June 1: BoardDocs, a software tool used by thousands of school boards to track meeting minutes and store confidential information, has suffered a data breach affecting districts nationally, The 74 has learned. Records at the center of the…

Sophos X-Ops looks at the realism of this year’s MITRE ATT&CK Evaluations

Salesforce has warned of detected “unusual activity” related to Gainsight-published applications connected to the platform. “Our investigation indicates this activity may have enabled unauthorized access to certain customers’ Salesforce data through the app’s connection,” the company said in an advisory. The cloud services firm said it has taken the step of revoking all active access…

The following is a machine translation from a report in Ukrainian by the country’s national police cyber department: A 35-year-old man hacked more than 5,000 customer accounts of a world-famous hosting company to generate cryptocurrency on the organization’s servers. The defendant faces up to 15 years in prison. Police officers determined that a 35-year-old native…