Newly Discovered Vulnerabilities and Attacks:

  • Gladinet’s Triofox and CentreStack are under active exploitation due to a critical RCE vulnerability, impacting seven organizations.
  • ResolverRAT, a new remote access trojan, targets healthcare and pharmaceutical sectors through phishing and DLL side-loading attacks.
  • Cybersecurity researchers have identified a phishing campaign using real-time checks to validate victim emails before credential theft.

Data Breaches and Security Incidents:

  • Hertz Corporation confirms a data breach where customer information and driver’s licenses were stolen in Cleo zero-day data theft attacks.
  • Conduent, a govtech giant, discloses client data was stolen in a January 2025 cyberattack.

Regulatory and Policy Developments:

  • Meta resumes E.U. AI training using public user data after regulatory approval, aiming to train AI models with public data shared by adults in the European Union.
  • Microsoft issues Windows updates to fix Active Directory policy issues and advises users to ignore WinRE installation errors.
  • The CA/Browser Forum votes to reduce SSL/TLS certificate lifespans to 47 days by 2029 to enhance security.

Notable Threat Actors and Tools:

  • Fortinet zero-day bug may lead to arbitrary code execution, with a threat actor posting about the exploit after Fortinet warned of active vulnerabilities.
  • Chinese APTs exploit EDR “visibility gap” for cyber espionage, targeting network blind spots like firewalls, IoT devices, and the cloud.
  • Cybersecurity firm Prodaft buys hacker forum accounts to spy on cybercriminals and enhance threat intelligence capabilities.

Industry Impacts and Recommendations:

  • Cybersecurity in the AI era is evolving rapidly, with attackers leveraging AI for automation and sophisticated attacks, highlighting the need for defenders to evolve quickly.
  • Wazuh, an open-source XDR platform, enhances DevSecOps by providing real-time threat detection, compliance, and vulnerability scanning for stronger security strategies.