Palo Alto Networks Issues Multiple Security Updates Across Product Line

June 12, 2025 - Palo Alto Networks has released seven new security advisories detailing critical and medium-severity vulnerabilities affecting several of its core products, including GlobalProtect, PAN-OS, Prisma Access, and Cortex XDR.

High-Severity: GlobalProtect for macOS - CVE-2025-4232

The most severe of the disclosed vulnerabilities is an improper wildcard neutralization flaw in GlobalProtect for macOS. Tracked as CVE-2025-4232, this vulnerability affects the application's log collection feature and could allow an authenticated attacker to escalate privileges to root via code injection.

Chrome Fixes and Prisma Access Exposure

In conjunction with internal updates, Palo Alto also implemented 11 recent Chrome-related security fixes, including a patch for CVE-2025-4233, a cache vulnerability affecting the Prisma Access Browser.

Command Injection Vulnerabilities in PAN-OS

Two additional command injection flaws were identified in PAN-OS:

- CVE-2025-4231: Exploitable through the management web interface by an authenticated administrator with network access, allowing command execution as root.
- CVE-2025-4230: Exploitable via…

Ivanti & Fortinet Urge Immediate Patch of Critical RCE Flaws

Ivanti and Fortinet have released security updates to resolve over a dozen vulnerabilities across their platforms, including several rated high severity.

Ivanti Vulnerabilities

Ivanti published an update for Workspace Control (IWC) to address three high-severity vulnerabilities: CVE-2025-5353, CVE-2025-22463, and CVE-2025-22455. These flaws stem from hardcoded encryption keys present in IWC versions 10.19.0.0 and earlier, which could allow authenticated attackers to decrypt stored SQL credentials and environment passwords. Ivanti stated the issues were discovered through its responsible disclosure program and confirmed no active exploitation at the time of disclosure.

Fortinet Vulnerabilities

Fortinet released 14 security fixes this week, including one high-severity vulnerability and 13 rated medium severity. The critical issue, CVE-2025-31104, is an OS command injection flaw in FortiADC, allowing authenticated users to execute arbitrary code via specially crafted HTTP requests.

Other affected products include:

- FortiOS
- FortiClientEMS / FortiClient for Windows
- FortiPAM
- FortiSRA
- FortiSASE
- FortiPortal
- FortiProxy
- FortiWeb

The medium-severity vulnerabilities could lead…

Massive AT&T Data Leak Exposes 86 Million Customer Records with Decrypted SSNs

A newly disclosed breach has shaken the cybersecurity landscape: hackers have leaked a massive dataset containing over 86 million AT&T customer records, including decrypted Social Security Numbers (SSNs). Originally posted on a Russian cybercrime forum in May 2025 and reuploaded in early June, the dataset has now spread widely across threat actor channels.

What's in the Leak?

The exposed records contain:

- Full names
- Dates of birth
- Phone numbers
- Email addresses
- Physical addresses
- Approximately 44 million decrypted Social Security Numbers

The threat actor claims that both SSNs and dates of birth were encrypted in the original source but have now been fully decrypted, indicating either a failure in encryption management or additional compromise.

Possible Connection to Previous AT&T Breaches

While AT&T has previously suffered data breaches, including the 2024 Snowflake-related breach affecting 110 million users' call and text metadata, this incident appears different. That earlier breach reportedly did not include personally identifiable…

Speaking at GTBA 2025: Ransomware Threats in Telecom and Broadband

We're pleased to share that Patrick Kelley, CEO of Critical Path Security and Léargas Security, will be speaking at the 2025 GTBA Annual Meeting of the Membership, hosted by the Georgia Rural Telephone and Broadband Association.

📍 Location: Hammock Beach, Daytona Beach, FL
📅 Dates: June 15-19, 2025
🗣 Topic: Ransomware in Telecom and Broadband: Real-World Impact and Response Strategies

Why This Talk Matters

Rural telecommunications and broadband providers have become prime targets for ransomware groups seeking to exploit infrastructure gaps and critical service dependencies. As attackers refine their tactics, often hitting operations where recovery is slow and costly, preparedness is no longer optional. Patrick will dive into the latest ransomware attack trends, walk through recent case studies, and outline actionable steps for detection, response, and prevention tailored for rural ISPs and telcos.

What Attendees Will Gain

- A clearer understanding of ransomware attack vectors in telecom infrastructure
- Guidance on securing legacy and…