#CyberMonday 5 CVEs jumped 50%+ in exploitability in 7 days. Are you chasing the wrong threats?
Another week, another reminder that cybersecurity never sleeps. Here’s what caught my eye.
🔥 Top News:
1️⃣ Linux flaws in Ubuntu, RHEL, Fedora → password hash theft via core dumps. Not flashy, but deadly if missed.
2️⃣ U.S. DoJ took down 4 “crypting service” domains. Attackers keep innovating, law enforcement is catching up.
3️⃣ EDDIESTEALER malware broke Chrome’s latest encryption. Even browser security is a moving target.
4️⃣ China-linked APTs went after SQL Server, expanding attack vectors across Asia and Brazil.
5️⃣ Microsoft OneDrive File Picker bug → possible exposure of whole cloud storage, not just the file you pick.
EPSS score check: CVE-2024-9916 went from low risk to 80.49% exploitability — up 79.40 points. That’s a warning to look at.
More at cvedetails.com
Here’s what I’ve learned:
→ The “boring” stuff — core dump handlers, file pickers, config basics — gets ignored until attackers show us why it matters.
→ 80% of cloud breaches start with simple misconfigurations, not zero-days. Remember Capital One’s $1.8M lesson?
→ Attackers target what we trust most: “invisible” things that hold our systems together.
My take: Security leaders who audit the basics win the long game. Fancy tools matter, but discipline around the fundamentals saves millions.
Are you focusing on the right risks? Or is your team missing what’s hiding in plain sight?
Stay secure out there.😑
__
Enjoy this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Cybersecurity #InfoSec #ThreatIntel
After 2 weeks of #CyberMonday threat intel and CVE updates, I want to hear from YOU.
Every Monday, I share the latest threats, key CVEs, and Cybersecurity news to help you stay ahead.
My goal? Make your week safer and save you hours of research. But I know every team has different needs.
Here’s what I want to know:
→ Are these weekly updates helping you spot risks faster?
→ Do you use them to brief your team, patch systems, or guide your strategy?
→ What would make these updates even more useful for you?
Your feedback shapes what I share next. I want #CyberMonday to be your go-to for:
1️⃣ Actionable Threat Intel
2️⃣ Fast CVE Highlights
3️⃣ Simple, clear takeaways you can use right away
Help me deliver the best #Cybersecurity content for YOU 🙂
How valuable are my weekly #CyberMonday threat and CVE updates?
Anonymous Poll
40% Essential – saves me hours
56% Good threat intel
0% Somewhat useful
4% Could be better – tell me how👇
🧠 5 Blind Spots That Held Me Back as a Security Leader (Until My Mentor Called Me Out)
For years, I thought being a strong security leader meant fixing every problem. I jumped into tool implementation, led audits, and stayed deep in the technical weeds. I believed doing more was leading more.
Then, I asked for honest feedback from the manager I trust. What I heard was not easy, but it changed my path.
Here are the 5 blind spots that stalled my growth:
1️⃣ Overinvolvement in Execution
I thought being hands-on was the way to lead. But by taking every task myself, I blocked my team from growing. I learned: leadership means empowering others, not doing it all.
2️⃣ Under-communicating Wins & Lessons
I believed results would speak for themselves. They don’t. If you do not share your team’s impact and what you learn (even from mistakes), your work stays hidden. Now, I make it a habit to share short updates about impact, not just activity.
3️⃣ Perfect Messaging Over Timely Connection
I spent too long trying to say things perfectly. This made me miss moments to connect and build trust. Now, I focus on being real, not perfect. Authentic words build stronger teams.
4️⃣ Defaulting to Technical Depth
I thought technical skill was my main tool. But leadership is not about solving every ticket; it is about shaping team culture, budgets, and the big picture. I ask myself: am I leading with my expertise, or with my vision?
5️⃣ Waiting to Feel ‘Ready’ to Share
I waited too long to share my journey. I told myself, “I’ll post after something big.” But real growth happens in public, by sharing small wins, struggles, and lessons as they come.
Every leader has blind spots. These were mine. Facing them with real feedback helped me become not just a better engineer, but a better leader.
What is one leadership blind spot you have seen in yourself or others? How did you work through it?
Stay sharp, stay secure.
__
Enjoy this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn
#Leadership #InfoSec #GrowthMindset
#CyberMonday PathWiper wiped Ukrainian infrastructure in 2025.
Cyber threats are not waiting for us to catch up. The PathWiper attack on Ukrainian critical infrastructure is a warning. Malware can now hit fast, giving defenders very little time to react.
🔥 Top News:
1️⃣ Misconfigured HMIs exposed US water systems — hundreds of control dashboards sat open on the internet, some with NO passwords.
2️⃣ Voice phishing attacks are now targeting cloud systems for data extortion.
3️⃣ A critical Cisco ISE flaw (CVSS 9.9) was patched, but proof-of-concept exploit code is already out there.
4️⃣ Chrome extensions leaked user data by sending info over HTTP and hard-coding secrets.
🫢 Recent Critical & High Severity CVEs
→ CVE-2021-32030/39780 (Asus Router #PotentialExploit)
→ CVE-2024-56145 (Craft CMS #PublicExploit)
→ CVE-2025-3935 (ScreenConnect #RemoteAccess)
→ CVE-2025-21479/21480 (Qualcomm #MemoryLeak)
→ CVE-2025-5419 (Chrome #OutOfBounds)
See full CVE lists for the last 7 and 30 days if you want more detail — https://www.cvedetails.com/
Staying proactive is the only way forward.
My take: Security is not about fear, it is about staying ready. Simple checks can stop big leaks before they start.
Have you checked your extensions lately?😑
__
Enjoy this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #DataProtection #ThreatIntel
I rarely ask for help, but today I must. 30,000 UAH could save real lives.
As a military and cybersecurity professional, my work is usually about building defense, in the cloud and on the ground. Today, I am reaching out for something even more personal.
The 3rd Assault Brigade (3 OShBr 🇺🇦) is in need of our help.
→ The goal is: 30,000 UAH.
→ The need is urgent: funds will support ‘Павук Допхіна’ ('Dolphin Spider'), a new multi-purpose platform built by the Brigade’s own engineers.
→ The impact is real: stronger tech means more lives protected and more missions completed.
Supporting these engineers is not just about equipment. It is about empowering the kind of innovation that keeps people safe and gives us a real edge.
Want to help?
1️⃣ Contribute here: https://send.monobank.ua/jar/A3Y5u1H5cL
2️⃣ If you can’t give, a simple repost can reach someone who can.
From my own experience at the front and in cyber defense, I know every bit counts. I believe in these people, and in our victory.
With faith in the #ZSU🫡
Glory to #Ukraine! 🇺🇦
#StandWithUkraine
Want free mentorship? Bring 3 friends who love cybersecurity!
I know how hard it can feel to start in cybersecurity. When I began my journey, I had many questions and not enough answers. Today, I want to give back to the community that helped me learn and grow.
Here’s how it works:
1️⃣ Invite 3 friends who are interested in cybersecurity
2️⃣ Comment their names below
3️⃣ I’ll set up a free 1:1 session with you!💡
What will we talk about?
→ How to start a career in cybersecurity
→ Real-world threat trends and how to defend against them
→ Building a risk-resilient mindset
→ Deep dive into technical security (AWS, Azure, best practices)
Why bring friends?
Cybersecurity is not a solo sport. The more voices we have, the stronger our community becomes. Together, we can build a safer digital world.🌎
I’ve spent over 10 years leading security teams and building strong defenses, in the private sector and for the Armed Forces. I know that sharing knowledge moves us all forward.
If you want to learn, connect, and grow, this is your sign.🚀
Curious about what a session looks like? Ask me @stansecure
Stay secure.😑
__
Enjoying this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #Mentorship
The biggest telecom hack in history didn’t start with malware.
It started with a person.
A compromised employee account.
On December 12, 2023, Kyivstar, Ukraine’s largest telecom, was taken down.
24 million people lost mobile service.
No phone. No internet. No air raid alerts.
The attackers didn’t break in, they were already inside.
This wasn’t just a breach. It was cyberwar, and a blueprint for what’s coming.
Here are 3 lessons I believe every security leader must act on now:
1️⃣ The Myth of the Impenetrable Fortress is Dead
Attackers got in by targeting people, not tech.
They were inside for weeks before striking.
✔️ Your biggest risk is not your firewall - it’s your people.
✔️ Assume breach. Build from the inside out.
✔️ Security culture matters more than the latest tool.
2️⃣ Resilience > Prevention
When the core was destroyed, prevention didn’t matter.
Recovery did.
✔️ Do your backups survive when the backups are targeted?
✔️ Has your incident response actually been tested under fire?
✔️ Can your business keep running under attack?
3️⃣ Attacks Hit People, Not Just Servers
→ ATMs down.
→ Air Raid Alerts silenced.
→ Lives disrupted.
This wasn’t an IT problem.
It was a humanitarian one.
We defend networks, but what we’re really protecting are communities, economies, and national resilience.
The Kyivstar attack wasn’t just about code.
It was about culture, readiness, and people under pressure.
The real heroes? The engineers working through the night.
Their story matters just as much as the breach.
Stay secure.😑
__
Enjoying this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Resilience #Kyivstar
#CyberMonday EchoLeak: Zero-click AI attacks now steal Microsoft 365 data with no user action needed.
A new threat called EchoLeak has appeared recently. Attackers can now pull sensitive data right out of Microsoft 365 Copilot - no clicks, no alerts, no warning. Zero-click means users do nothing, but data still leaves the building. 🫢
EchoLeak uses prompt injection to break through Copilot’s context and steal information. The bad actor does not need to trick you; AI becomes the way in.
This is part of a bigger trend:
More AI tools = more risk
🔥 Top News:
1️⃣ Salesforce: over 20 configuration weaknesses found, exposing sensitive data.
2️⃣ Microsoft fixed 67 security flaws in Patch Tuesday (11 critical!).
3️⃣ Apple patched a zero-click bug in Messages used for spying.
4️⃣ Over 269,000 websites hit by JavaScript malware in one month.
🫢 Recent Critical & High Severity CVEs
→ CVE-2025-24016 (Wazuh #KnownExploited)
→ CVE-2025-32433 (Erlang #KnownExploited)
→ CVE-2024-42009 (Webmail #KnownExploited)
→ CVE-2025-33053 (WebDAV #PublicExploit)
See full CVE lists for the last 7 and 30 days if you want more detail — https://lnkd.in/dHN8u6nA
Stay alert, patch fast, and treat AI like every other critical system.😑
Which threat worries you most right now?
__
Enjoy this? 🔄 Repost it to your network and follow @securediary for more.
Join me on LinkedIn.
#Cybersecurity #InfoSec #ThreatIntel