Blumira Briefings

🦔 Blumira Briefings Ep. 14: Cisco's Critical Vulnerabilities, Chrome Zero-Day, & CitrixBleed 2 Alert



🚨 Welcome to Blumira Briefings! This week, our security experts Jake, Mike, and Michael join Zoe to help break down critical vulnerabilities and trending threats you need to know about. 🚨

What We Cover This Week:

📱 Two critical Cisco vulnerabilities - hard-coded root credentials in Unified CM (CVSS 10.0) and RCE flaws in Identity Services Engine (CVSS 10.0) 
🌐 Google's 4th Chrome zero-day of 2025 - type confusion in the V8 JavaScript engine 
⚠️ CitrixBleed 2 exploits now in the wild - allowing attackers to steal session tokens with a CVSS 9.3 rating 
⚫ Windows' Blue Screen of Death turning black - Microsoft's response to last year's CrowdStrike outage 
🤖 AI models providing incorrect login URLs 34% of the time, creating new phishing opportunities
💼 Ingram Micro hit by suspected SafePay ransomware, highlighting supply chain risks


💡 Quick tip of the week: Remind your team that LLMs generate information rather than retrieve it - so it’s important to always verify URLs!

Expert Insights On:
* Building failover communication options in case primary systems are compromised
* How to better validate API security before implementation
* Why organizations should treat AI-generated information with skepticism
* Defensive domain registration strategies to counter AI misdirection
* Preparation steps to mitigate third-party security risks

SOURCES:
Cisco Root Credential Flaw: https://hackread.com/cisco-emergency-fix-critical-root-credential-flaw-unified-cm/
Cisco ISE Vulnerabilities: https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-rce-flaws-in-identity-services-engine/ 
Chrome Zero-Day: https://www.infosecurity-magazine.com/news/google-patch-chrome-zero-day/
Windows Blue Screen Changes: https://www.securityweek.com/windows-infamous-blue-screen-of-death-will-soon-turn-black/
CitrixBleed 2 Exploits: https://go.theregister.com/feed/www.theregister.com/2025/07/07/citrixbleed_2_exploits/
AI Models URL Issues: https://www.infosecurity-magazine.com/news/ai-models-mislead-users-login-urls/
Ingram Micro Ransomware: https://www.darkreading.com/cyberattacks-data-breaches/ransomware-attack-outage-ingram-micro

RESOURCES:
Burnout Assessment Test for Security Professionals: https://github.com/Patrick-Kelley/CBI-CS
Jake's video on double extension file attacks: https://youtu.be/qXGcNCSLDKw


Blumira Briefings, by Blumira