Weekly Digest Week 26 – 2025

Publication date

27.06.2025

Featured Story

Cisco Fixed Critical ISE Flaws Allowing Root-Level Remote Code Execution

Cisco has released patches for multiple critical vulnerabilities in its Identity Services Engine (ISE), with CVSS scores as high as 10.0. These flaws allow unauthenticated remote attackers to execute commands with root privileges. The vulnerabilities arise from improper input validation and insufficient authentication in the web-based management interface. Cisco urges immediate patching, as no workarounds exist.

SOC Analysis: As a core component of identity and access management, ISE is mission-critical. Exploiting these flaws could allow attackers to take full control of networks. Organizations must prioritize patching and restrict access to management interfaces from untrusted networks. Incorporating ISE into vulnerability scanning and monitoring processes is essential to minimize exposure.

Other Stories

Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover

Notepad++ is affected by CVE-2025-49144, a vulnerability allowing arbitrary code execution via malicious files. This puts systems at risk, especially given the software’s widespread use among developers and IT personnel.

SOC Analysis: Even trusted tools like Notepad++ can be entry points for attackers. Organizations should apply updates, integrate these tools into security baselines, and educate users on handling files securely—particularly when received via email or messaging apps.

ClickFix Attacks Surge 517% in 2025

ClickFix, a growing social engineering technique, tricks users into copying and executing malicious code themselves by mimicking error resolution workflows. ESET reports it accounted for 8% of all blocked attacks in H1 2025.

SOC Analysis: ClickFix tactics exploit users’ desire to solve issues independently. These scripts are often run by users themselves, bypassing traditional detection systems. Training, verification workflows, and better awareness of “DIY tech support” scams are critical countermeasures.

Largest Data Breach Ever: 16 Billion Login Credentials Exposed

Researchers have discovered a data leak comprising 16 billion login credentials, collected through multiple info-stealing malware strains and compiled from 30 large-scale breaches. Many credentials are reused, presenting ongoing risk.

SOC Analysis: While some records are old, the volume makes password reuse a significant threat. Organizations should promote the use of password managers and MFA, and regularly check exposures via services like Have I Been Pwned. Our SOC can also provide proactive leak monitoring services.

Warning: Fake Messages About De Watergroep

Phishing campaigns are impersonating De Watergroep, attempting to steal user data through realistic-looking emails. These often claim issues with meter readings or urge users to “update customer details” via fake portals.

SOC Analysis: While attackers increasingly use AI to create realistic phishing messages, simple steps like checking the sender domain and avoiding unexpected links remain powerful defenses. Suspicious messages should be forwarded to:

  • verdacht@safeonweb.be
  • suspect@safeonweb.be
  • suspicious@safeonweb.be

Our SOC is always available to assist with suspicious communication reviews.
