2 Cyber security Vulnerabilities Affecting Hikvision & Rockwell Automation-CVSS 9.8 Flaws
CISA emphasized the urgency of addressing these vulnerabilities
Continue ReadingCyber threats
Cyber Security Trends 2026; Cloud Environments, Identity systems & Third-Party Tools Key Area’s of Threat
Cyber Security Trends 2026; Cloud Environments, Identity systems & Third-Party Tools Key Area’s of Threat
Continue Reading
Chrome Latest Update Fixes Multiple High-Severity Security Flaws
Summary : The recent Google Chrome update fixed several serious security issues that could let hackers take control of the browser or steal personal data. These vulnerabilities were mostly related to memory handling and scripting errors in important parts of Chrome like the JavaScript engine (V8) and browser interfaces.
| OEM | |
| Severity | High |
| CVSS Score | 8.8 |
| CVEs | CVE-2025-12725, CVE-2025-12726, CVE-2025-12727, CVE-2025-12728, CVE-2025-12729 |
| POC Available | No |
| Actively Exploited | No |
| Exploited in Wild | No |
| Advisory Version | 1.0 |
Overview
Problems like type confusion and memory misuse could allow attackers to run harmful code just by making users visit malicious websites. Some flaws also affected Chrome’s UI, media processing and extension systems exposing users to possible unauthorized access or data leaks.
| Vulnerability Name | CVE ID | Product Affected | Severity | Fixed Version |
| Out-of-Bounds Write in WebGPU | CVE-2025-12725 | Chrome | High | 142.0.7444.134/135 |
| Inappropriate Implementation in Views (UI Rendering) | CVE-2025-12726 | Chrome | High | 142.0.7444.134/135 |
| Inappropriate Memory Handling in V8 JavaScript Engine | CVE-2025-12727 | Chrome | High | 142.0.7444.134/135 |
| Inappropriate Implementation in Omnibox (Unified Search Bar) | CVE-2025-12728 | Chrome | Medium | 142.0.7444.134/135 |
| Inappropriate Implementation in Omnibox (Unified Search Bar) | CVE-2025-12729 | Chrome | Medium | 142.0.7444.134/135 |
Technical Summary
The bugs included memory corruption issues such as out-of-bound writings and use-after-free errors, which can lead to unpredictable behavior and remote code execution (RCE).
The JavaScript engine vulnerabilities involved mishandling data types or incorrect implementation, enabling attackers to break security boundaries.
Other issues involved UI security logic problems that could mislead users or weaken protections. Google patched all these weaknesses by tightening input validations, fixing memory lifecycle bugs, correcting UI behavior and strengthening internal security checks.
| CVE ID | Component Affected | Vulnerability Details | Impact |
| CVE-2025-12725 | Google Chrome (WebGPU) | Out-of-bounds write in WebGPU due to improper bounds checking, allowing attackers to overwrite memory beyond allocated limits. | Remote Code Execution / Browser Crash |
| CVE-2025-12726 | Google Chrome (Views UI) | Inappropriate implementation in the Views component causing memory corruption. | UI rendering |
| CVE-2025-12727 | Google Chrome (V8 Engine) | Improper handling in the V8 JavaScript engine enabling potential arbitrary code execution through crafted scripts. | Remote Code Execution |
| CVE-2025-12728 | Google Chrome (Omnibox) | Flaws in Omnibox’s implementation could allow UI spoofing or navigation bar manipulation. | UI Spoofing |
| CVE-2025-12729 | Google Chrome (Omnibox) | Similar flaws in Omnibox affecting input validation, leading to potential security bypasses or deceptive UI. | UI Spoofing / Security Bypass |
Recommendations
Update Chrome immediately to the following versions:
- For windows 142.0.7444.134/.135
- For MacOS 142.0.7444.135
- For Linux 142.0.7444.134
You can update by Open Chrome Settings → Help → About Google Chrome, then allow Chrome to check for and install updates immediately.
Along with update you can follow the recommendations below as well
- Enforce Chrome auto-updates across managed endpoints using enterprise policy controls.
- Actively monitor browser crash reports or any suspicious logs potentially linked to exploit attempts.
- Use vulnerability & patch management tools to ensure all endpoints are running the latest version of all applications.
Conclusion:
The Chrome security flaws can compromise devices just through browsing. Because millions use Chrome daily, these gaps were a high risk and google already patched those issues. Keeping any application to the latest version which is the best defense against cyber threats aiming at browsers.
References:
DoW Announced Implementation of CSRMC to Deliver Real Time Cyber Defense, Address Legacy Shortcomming’s
Managing cyber risk across the cyber security set up of an enterprise is harder than ever and keeping architectures and systems secure also compliant can be challenging and over whelming.
DoW (Deprtament of war) recently announced implementing of a groundbreaking Cybersecurity Risk Management Construct (CSRMC).
This is a transformative framework to deliver real-time cyber defense at operational speed and its five-phase construct that ensures a hardened, verifiable, continuously monitored and actively defended environment to ensure that U.S. warfighters maintain technological superiority against rapidly evolving cyber threats.
In comparison the previous Risk management framework dependent on static checklists and manual processes . The framework failed to account for operational needs and cyber survivability requirements.
How (CSRMC) is going to address legacy infrastructure shortcoming?
CSRMC addresses these gaps by shifting from “snapshot in time” assessments to dynamic, automated, and continuous risk management, enabling cyber defense at the speed of relevance required for modern warfare.
The construct is composed of a five-phase lifecycle and ten foundational tenets.
The Five-Phase Lifecycle
The new construct organizes cybersecurity into five phases aligned to system development and operations:
- Design Phase – Security is embedded at the outset, ensuring resilience is built into system architecture.
- Build Phase – Secure designs are implemented as systems achieve Initial Operating Capability (IOC).
- Test Phase – Comprehensive validation and stress testing are performed prior to Full Operating Capability (FOC).
- Onboard Phase – Automated continuous monitoring is activated at deployment to sustain system visibility.
- Operations Phase – Real-time dashboards and alerting mechanisms provide immediate threat detection and rapid response.
Ten Foundational Tenets
The CSRMC has 10 core principal
- Automation – driving efficiency and scale
- Critical Controls – identifying and tracking the controls that matter most to cybersecurity
- Continuous Monitoring and ATO – enabling real-time situational awareness to achieve constant ATO posture
- DevSecOps – supporting secure, agile development and deployment
- Cyber Survivability – enabling operations in contested environments
- Training – upskilling personnel to meet evolving challenges
- Enterprise Services & Inheritance – reducing duplication and compliance burdens
- Operationalization – ensuring stakeholders near real-time visibility of cybersecurity risk posture
- Reciprocity – reuse assessments across systems
- Cybersecurity Assessments – integrating threat-informed testing to validate security
“This construct represents a cultural fundamental shift in how the Department approaches cybersecurity,” said Kattie Arrington, performing the duties of the DoW CIO. “With automation, continuous monitoring, and resilience at its core, the CSRMC empowers the DoW to defend against today’s adversaries while preparing for tomorrow’s challenges.”
With the above tenants DoW is ensuring cyber survivability and mission assurance in every domain,air, land, sea, space, and cyberspace.
Addressing Cyber security risk management
Cybersecurity risk management isn’t simply the job of the security team; everyone in the organization has a role to play. Often siloed, employees and business unit leaders view risk management from their business function.
Intru360 gives security analysts and SOC managers a clear view across the organization, helping them fully understand the extent and context of an attack. It also simplifies workflows by automatically handling alerts, allowing for faster detection of both known and unknown threats.
Identify latest threats without having to purchase, implement, and oversee several solutions or find, hire, and manage a team security analyst. Unify latest threat intelligence and security technologies to prioritize the threats that pose the greatest risk to your company.
GaarudNode is an all-in-one solution designed to empower development teams with the tools they need to secure their applications throughout the development lifecycle. By combining the power of SAST, DAST, SCA, API security, and CSPM, GaarudNode provides a comprehensive security framework that ensures your applications are built, tested, and deployed with confidence.
Mirage Cloak offers various deception methods to detect and stop threats before they cause damage. These methods include adding decoys to the network, deploying breadcrumbs on current enterprise assets, using baits as tripwires on endpoints, and setting up lures with intentionally misconfigured or vulnerable services or applications. The flexible framework also lets customers add new deception methods as needed.
BISO Analytics stands out as the pioneering security analytics platform designed to assist enterprises in effectively handling their first-party, third-party, and emerging risks, all within a single platform. This comprehensive solution facilitates a quicker and safer progression for your business.
By adopting a groundbreaking approach, BISO Analytics integrates open, data-centric cyber risk management practices, offering organizations a consolidated view of their cyber risk landscape across the entire attack surface.
BISO Analytics empowers CXO, mid-management, and operational teams with real-time, reliable, and defensible data that not only complies with regulatory standards but also aligns with the expectations of the board regarding safeguarding shareholder value and fortifying the business.
Why it is important to implement cybersecurity risk management at organisational level
Having an effective cybersecurity risk management program can only be implemented in an organization through a structured process. This requires careful planning, resource allocation and commitment to improving security framework.
Registering documents that assess risk related activities include high asset inventories like all systems and data. When risk are registered it contain records of determined risk, data theft or results of assessment and planned treatments.
Organizations that possess all documentation involving controls and their implementation level. In this scenario organizations actually understands what exactly is risk assessment and identifying what can go wrong in an organization’s system either anything that is via threats, vulnerabilities and their possible impact.
As the saying goes we can’t protect what you don’t understand and one can’t manage what they don’t assess.
Visit our website for more informed details on our products.
(Source: www.miragenews.com/war-dept-unveils-new-cybersecurity-risk-1540279/)
Ways to combat Cyber Threats; Strengthen your SOC’s readiness involves 3 key strategies
Cyber threats are no longer limited to human attackers, with AI-driven “bad bot” attacks now accounting for 1/3 as per research. These attacks can be automated, allowing attackers to launch more extensive and efficient campaigns
Organizations are now exposed new risks, providing cybercriminals with more entry points and potential “surface areas” to exploit as they go digital and adopt to innovations and wider use of digital technologies.
Some of the types of bad bots are DDoS bots, which disrupt a website or online service by overwhelming it with traffic from multiple sources.
Cybercriminals are using Gen-AI tools to improve the efficiency and yield of their campaigns – with Check Point Research’s recent AI Security Report 2025 flagging the use of the technology for malicious activities like AI-enhanced impersonation and social engineering.
Account takeover bots, which use stolen credentials to access users’ online accounts; web content scraping bots, which copy and reuse website content without permission; and social media bots, which spread fake news and propaganda on social media platforms.
The purpose of Bad Bot is expose critical flaws and vulnerabilities within the security frameworks that IT leaders have established in their architectures and operations.
Unfortunately, traditional security operations centers (SOCs) are built to detect threats based on predefined rules and human-driven logic or characteristics.
AI-powered bots use automation and adaptive methods to execute more sophisticated and dynamic attacks that can bypass these existing defences.
Vulnerabilities are evolving so SOC team have more responsibilities then before as BOTs are AI powered.
Here we outlined three strategies to strengthen your SOC readiness
1.SOC team an essential or important component of business are in Fatigue Zone:
SOCs continuously monitor your organization’s network, systems, and applications to identify potential vulnerabilities and detect any signs of malicious activity.
SOC team quickly takes action to contain the threat and minimize damage, ultimately reducing the overall impact on your business.
Ponemon institute research say SOC teams are fatigued and one research pointed that 65% has fatigue and burn out issues.
That means Cyber security need to support the SOC teams and research found highlight that a lack of visibility and having to perform repetitive tasks are major contributors to analyst burnout.
Threat hunting teams have a difficult time identifying threats because they have too many IOCs to track, too much internal traffic to compare against IOCs.
Sometimes organizations have lack internal resources and expertise and too many false positives.
Bringing out SOC team from fatigue issue is as important as investing on training, upskilling on cyber skills and development to keep your team’s spirit high.
Establish Key Performance Indicators (KPIs) to measure the effectiveness of your SOC. Monitor these KPIs closely and use them to identify areas for improvement.
2. How do Organization harness Nex-gen technology to combat cyber Threats
Staying abreast of industry trends and best practices to ensure your SOC teams remains at the forefront of cyber security or ahead of the curve with Nex-gen technologies.
So that SOC teams can detect and respond to threats more quickly and efficiently, get holistic view of organizations security posture, AI and ML can augment the SOC team by automating routine task.
Many organizations are adopting hybrid cloud infrastructure and SaaS applications for productivity and cost efficiency reasons. But organizations face difficulty of managing and securing the data on those platforms, which is again leading to higher breach costs.
Darktrace report says 78% of the more than 1,500 security executives responding to a recent survey said that AI-powered threats are having a significant impact on their organizations – with many admitting they lack the knowledge, skills, and personnel to successfully defend against those threats.
Many organizations are already leveraging AI as a cyber-security tool.
Now more IT leaders say they are integrating AI into their cloud strategies for use in advanced security and threat detection.
Organizations can encounter several challenges when integrating AI into their cloud strategies.
Along with SOC team who seamlessly integrate across the organization, same is for AI. Seamless integrations of AI will make it easier for AI-assisted threat detection, notification, enrichment and remediation.
The purpose is AI should focus on tuning models that is organization specific environment. Once done AI will integrate threat intelligence and filtering will be done based on specific context. This will help reinforcing trust with customers and stakeholders.
3. Investing in Predictive Threat Modelling priority for Nex-gen SOC Teams
In this era where AI is being leveraged by organisation to derive accuracy, SOC teams who are evolving will prefer investing in intelligence predictive threat models that are proactive in nature to anticipate risks and refine their response strategies.
When organizations have a Threat Intelligence-Driven SOC it is easier to transform security operations from reactive to proactive defence. Most of the organization builds and operates its own SOC. That is done by employing a dedicated team of cyber security professionals who offers to take complete control over security operations but can be resource-intensive.
AI makes the process easier, as having AI-driven analytics will assist detect anomalous behaviours and zero-day threats.
Further with implementing predictive threat modelling to anticipate emerging attack patterns and leveraging the right frameworks, tools and best practices will help organizations build an intelligence-driven SOC. And with an intelligence-driven SOC team, anticipating any cyber threats can be dealt with efficiency.
IntruceptLabs now offers Mirage Cloak and to summarise Mirage Cloak offers various deception methods to detect and stop threats before they cause damage.
These methods include adding decoys to the network, deploying breadcrumbs on current enterprise assets, using baits as tripwires on endpoints.
This is executed by setting up lures with intentionally misconfigured or vulnerable services or applications.
The flexible framework also lets customers add new deception methods as needed.
Conclusion: Organizations can better protect their digital assets and ensure business continuity by understanding the key components and best practices for building a successful SOC.
At the end we must accept that to defend against any sort of AI attack, SOC teams must evolve with right collaborations and effective communication between partners seamlessly to evaluate information to stay ahead of attackers.
Complexities Compounding in Cyber Landscape; WEF Global Cybersecurity Outlook 2025 Analysis
WEF Global Cybersecurity Outlook 2025
Continue Reading
Cisco Meeting Management to Prone to Attack Vectors; Vulnerability CVE-2025-20156
Cisco has warned about a new privilege escalation vulnerability in its Meeting Management tool that could allow a remote attacker to gain administrator privileges on exposed instances.
The vulnerability, CVE-2025-20156 was disclosed by Cisco on January 22 and is awaiting further analysis by the US National Vulnerability Database (NVD)
| OEM | Cisco |
| Severity | Critical |
| CVSS | 9.9 |
| CVEs | CVE-2025-20156 |
| Exploited in Wild | No |
| Patch/Remediation Available | Yes |
| Advisory Version | 1.0 |
Overview
A critical vulnerability (CVE-2025-20156) in Cisco Meeting Management could allow attackers to gain unauthorized administrative access. This issue affects versions prior to 3.9.1 and has been classified as critical. Cisco strongly recommends updating to the latest fixed version to address this risk.
| Vulnerability Name | CVE ID | Product Affected | Severity |
| Privilege Escalation Vulnerability | CVE-2025-20156 | Cisco | Critical |
Technical Summary
A critical security vulnerability has been identified in Cisco Meeting Management. This flaw resides in the REST API and stems from improper enforcement of authorization protocols for REST API users. Remote, authenticated attackers with low-level privileges can exploit this issue by sending specially crafted API requests to specific endpoints. A successful exploit could allow attackers to escalate their privileges to administrator level and gain control over edge nodes managed by Cisco Meeting Management.
| CVE ID | System Affected | Vulnerability Details | Impact |
| CVE-2025-20156 | Cisco Meeting Management prior to version 3.9.1 | Insufficient authorization checks in the REST API allow attackers to send crafted API requests to escalate privileges. | Attackers can gain full administrative control and disrupt business operations. |
Remediation:
- Update to the Latest Version:
- Upgrade Cisco Meeting Management to version 3.9.1or later.
- Regular Security Practices:
- Monitor Cisco’s security advisories.
- Regularly update systems to address emerging threats.
Conclusion:
CVE-2025-20156 poses a critical risk to Cisco Meeting Management users. Exploiting this flaw could disrupt operations by granting attacker’s administrative control. Immediate updates are crucial to mitigate the risk and protect affected systems.
References:
- https://cybersecuritynews.com/cisco-meeting-management-vulnerability/
Recent Comments