Aggregator
Cofense adds AI-powered campaign detection to stop phishing attacks
Cofense has announced new advancements to its Phishing Defense Platform aimed at improving detection and response to AI-powered phishing attacks. The updates include AI-driven phishing detection, enhanced triage automation, and AI-assisted training campaign creation designed to strengthen protection across the phishing lifecycle. Phishing threats are no longer one-off emails. Attackers launch coordinated, polymorphic campaigns that deliberately vary content, senders, and delivery patterns to evade both traditional and AI-only detection approaches. The Cofense platform combines AI …
The post Cofense adds AI-powered campaign detection to stop phishing attacks appeared first on Help Net Security.
KongTuke hackers now use Microsoft Teams for corporate breaches
Qilin
Scammers spend $1.22 and earn thousands. Crypto theft has become more profitable than most legitimate professions
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
- CVE-2026-20182 Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise.
Note: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in Emergency Directive 26-03: Mitigate Vulnerabilities in Cisco SD-WAN Systems and Supplemental Direction ED 26-03: Hunt and Hardening Guidance for Cisco SD-WAN Systems. Adhere to the applicable Binding Operational Directive (BOD) 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the KEV Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of KEV Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Foxconn Attack Highlights Manufacturing's Cyber Crisis
CVE-2016-4055 | moment Package up to 2.11.1 on Node.js Regex duration resource management (Nessus ID 111213 / BID-95849)
CVE-2016-4056 | TYPO3 up to 6.2.18 Backend module cross site scripting (ID 850026)
CVE-2016-4338 | Zabbix up to 2.0.17/2.2.12/3.0.2 Configuration Script userparameter_mysql.conf mysql.size sql injection (EDB-39769 / Nessus ID 95816)
CVE-2016-4340 | GitLab up to 8.7.0 Impersonation access control (EDB-40236 / Nessus ID 90877)
CVE-2016-4484 | cryptsetup Package up to 2:1.7.3-2 on Debian improper authentication (Nessus ID 219567 / BID-94315)
CVE-2016-4793 | CakePHP up to 3.2.4 HTTP Header clientIp CLIENT-IP input validation (EDB-39813 / Nessus ID 97393)
CVE-2016-5091 | TYPO3 up to 8.1.1 Extbase 7pk security (Nessus ID 92448 / ID 100641)
CVE-2016-5119 | KeePass up to 2.33 Automatic Update input validation (FEDORA-2016-125ea34ff9 / Nessus ID 94778)
CVE-2016-4055 | Oracle Primavera Unifier 16.x/17.x/18.x Moment resource management (Nessus ID 111213 / BID-95849)
LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises
Editor’s note: The analysis is authored by Moises Cerqueira, malware researcher & threat hunter. You can find Moises on LinkedIn and X. Credential theft malware rarely announces itself with ransomware-level noise. Instead, it operates like a silent siphon hidden inside everyday business workflows: invoices, payroll files, purchase orders, procurement requests. Agent Tesla campaigns are especially dangerous because they target the operational […]
The post LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises appeared first on ANY.RUN's Cybersecurity Blog.