Blog

F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info

US tech company F5 has suffered a breach, and the attackers made off with source code of and vulnerability information related to its BIG-IP family of networking and security products, the company confirmed today. BIG-IP vulnerabilities are often leveraged by attackers, and the fear is that the threat actor may use the stolen code to find more of them and use the knowledge to develop targeted exploits, the UK National Cyber Security Centre has noted. … More → The post F5 data breach: “Nation-state attackers” stole BIG-IP source code, vulnerability info appeared first on Help Net Security.
http://news.poseidon-us.com/TNhdxF

Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities

Multiple vulnerabilities in Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco Session Initiation Protocol (SIP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or conduct a cross-site scripting (XSS) attack against a user of the web UI. Note: To exploit these vulnerabilities, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-dos-FPyjLV7A Security Impact Rating: High CVE: CVE-2025-20350,CVE-2025-20351
http://news.poseidon-us.com/TNhcWN

Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities

Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possible sensitive information or to restart. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort3-mime-vulns-tTL8PgVH Security Impact Rating: Medium CVE: CVE-2025-20359,CVE-2025-20360
http://news.poseidon-us.com/TNhcW2

Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability

A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-roomos-inf-disc-qGgsbxAm Security Impact Rating: Medium CVE: CVE-2025-20329
http://news.poseidon-us.com/TNhcTq

Harmonic Security targets AI data risks with Model Context Protocol Gateway

Harmonic Security announced Model Context Protocol (MCP) Gateway, a developer-friendly, locally installed gateway that gives security teams complete visibility and control over their organization’s agentic AI ecosystem. The solution intercepts all MCP traffic enabling security teams to discover what clients and servers are in use, enforce granular policies to block risky actions, and apply Harmonic’s sensitive data models to prevent the exfiltration of critical intellectual property and other sensitive information. Without visibility or controls, sensitive … More → The post Harmonic Security targets AI data risks with Model Context Protocol Gateway appeared first on Help Net Security.
http://news.poseidon-us.com/TNhRPM

Blumira rolls out SOC Auto-Focus to streamline threat investigation

Blumira launched SOC Auto-Focus, an AI-powered security investigation tool, alongside enhancements to its Managed Service Provider (MSP) partner program. SOC Auto-Focus is designed to help IT teams and MSPs work smarter, reduce alert fatigue and accelerate incident response through contextual intelligence and expert guidance. SOC Auto-Focus is a fundamental shift for how under-resourced IT administrators and security teams approach threat investigation. Rather than replacing human decision-making, the solution enhances analyst capabilities by providing context, prioritization … More → The post Blumira rolls out SOC Auto-Focus to streamline threat investigation appeared first on Help Net Security.
http://news.poseidon-us.com/TNhRNF