Cisco has issued patches for four critical security vulnerabilities affecting its Identity Services Engine and Webex platforms that could allow attackers to execute malicious code. The flaws represent serious security risks as they could enable unauthorized access and remote code execution on affected systems. Organizations using these Cisco products are urged to apply the security updates immediately to protect against potential exploitation.

This appears to be promotional content for a webinar focused on identifying and removing orphaned non-human identities, which are automated accounts or service credentials that may have been abandoned or improperly managed in an organization's systems. The content also references a Zscaler report highlighting how AI has accelerated attack speeds through VPN vulnerabilities, making traditional remote access a major security risk. The piece includes various educational and cybersecurity training promotions alongside the main webinar announcement.

Eight major industrial technology companies including Siemens, Schneider Electric, and Rockwell Automation have released new security advisories addressing vulnerabilities in critical infrastructure systems. The advisories cover a range of issues from critical flaws in Wi-Fi devices and industrial control software to high-severity vulnerabilities that could allow unauthorized access and privilege escalation. Notably, Rockwell Automation issued an urgent warning urging customers to disconnect programmable logic controllers from the internet following potential threat activity, likely related to Iran-linked attacks on critical infrastructure.

Fortinet has issued patches for 27 vulnerabilities across its product line, including two critical flaws in FortiSandbox with CVSS scores of 9.1 that could allow unauthenticated attackers to bypass authentication and execute arbitrary commands via specially crafted HTTP requests. The company also addressed a high-severity buffer overflow in FortiAnalyzer Cloud and SQL injection bugs in FortiDDoS-F and FortiClientEMS, though there's currently no evidence these vulnerabilities are being exploited in the wild.

President Trump is calling for an 18-month extension of Section 702 of the Foreign Intelligence Surveillance Act, a controversial program that allows U.S. spy agencies to collect foreigners' communications without warrants but also incidentally sweeps up Americans' data. While Trump previously opposed the program and once posted "KILL FISA" on social media, he now says it's proven vital to national security, particularly in recent operations involving Venezuela and Iran. Critics in Congress are pushing for reforms including warrant requirements before accessing Americans' communications and restrictions on government use of data brokers, though significant changes appear less likely following Trump's endorsement.

Researchers at Huntress discovered that malware disguised as adware from Dragon Boss Solutions had evolved to disable antivirus software and disable security updates on over 25,000 compromised computers worldwide. The most alarming finding was that the malware's update domain was unregistered, meaning anyone could have purchased it for as little as $10 to take complete control of infected systems, including those at 324 high-value targets like universities, government agencies, operational technology networks running critical infrastructure, and Fortune 500 companies. Huntress registered the domain themselves to prevent exploitation, highlighting how a simple oversight could have enabled massive cyber attacks across sensitive networks in 124 countries.

Ivanti has patched two medium-severity vulnerabilities in its Neurons for ITSM product that affect both on-premises and cloud deployments. The first flaw could allow authenticated attackers to retain access even after their accounts are disabled, while the second is a cross-site scripting vulnerability that could leak limited session information. Cloud customers were automatically updated on December 12th, but on-premises users are urged to upgrade to version 2025.4 immediately, though Ivanti says there's no evidence of active exploitation.

A new Android malware called Mirax RAT has been targeting users across Europe through malicious ads on Facebook and Instagram, reaching more than 200,000 users with fake IPTV app promotions. The sophisticated remote access trojan not only steals credentials and allows full device control, but can also turn infected phones into residential proxy nodes for routing malicious traffic. Security firm Cleafy warns that while primarily used by Russian-speaking cybercriminals against European targets, the malware's proxy capability represents a concerning new threat to banks and other institutions.

Microsoft has released its latest security update addressing 169 vulnerabilities, including a critical SharePoint zero-day that was being actively exploited in the wild. The patch bundle represents one of the company's larger monthly security releases, highlighting the ongoing challenges in securing enterprise software. Organizations using SharePoint are urged to apply these patches immediately given the active exploitation of the zero-day vulnerability.

Cybersecurity researchers discovered dangerous prompt injection vulnerabilities in both Salesforce Agentforce and Microsoft Copilot that could have allowed attackers to steal sensitive data from outside the systems. Both tech giants have now patched these security flaws in their AI agent platforms. The vulnerabilities highlight growing security concerns as companies rapidly deploy AI assistants that have access to confidential business information.