Blog

The latest news and developments

Latest Blogs and News

Secora Consulting’s blog is a mixture of news and developments in the security world and technical breakdowns of our services. Bookmark this page to stay informed.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 49

This week’s intelligence confirms a critical surge in maximum severity flaws and systemic exploitation across both developer pipelines and corporate identity infrastructure. We track a CVSS 10.0 RCE flaw in React/Next.js, the urgent patching required for a CVSS 9.8 WordPress takeover and a dangerous cross tenant bypass in Microsoft Teams. These technical failures, combined with the sophisticated use of identity theft by the Lazarus APT group, demand immediate action to secure privileged access and the application supply chain.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 48

This week’s intelligence confirms a surge in identity-based exploitation and systemic operational risk. We track a maximum severity flaw in Grafana SCIM (CVSS 10.0) and the deployment of ShadowPad malware via unpatched update servers, underscoring the danger of flawed privileged access. Furthermore, the ClickFix social engineering attack, which leverages a realistic, full-screen Windows Update animation to trick users into running malware, and a major breach of London councils reinforce that operational resilience and vendor security are paramount.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 47

This week’s intelligence confirms an alarming surge in actively exploited vulnerabilities targeting critical network appliances and end-user software, demanding immediate action across security teams. We also track the increasing fragility of the Internet’s core infrastructure, highlighted by a major Cloudflare outage and a record-breaking DDoS attack. For strategic and resilient organisations, the lesson is clear: security must be layered, extending from zero-day patching to global resilience planning.

SME Cybersecurity

Beyond the Firewall: Supply Chain and Cloud Security for Black Friday 2025

Black Friday and Cyber Monday are two of the most anticipated shopping days, with millions of customers flocking online and in store for deals. However, they are also a peak hunting ground for cybercriminals looking to exploit the massive surge in online activity and transaction volume. Cyberattacks on consumers and retailers surged by over 300% during the Black Friday period in 2024, with phishing attacks mimicking major brands increasing by over 2,000%.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 46

This week highlights a surge in active exploitation targeting critical network and identity infrastructure, confirmed by the zero-day attacks against Cisco and Citrix and the urgent patch for an exploited Windows Kernel bug. Simultaneously, the user’s browser has been validated as the weakest link, with shadow AI usage, poor SSO practices and massive Phishing-as-a-Service (PhaaS) networks combining to create unprecedented identity and data loss risks.

1. Critical Exploitation & Patching Urgency

Advanced Hackers Exploited Zero Days in Cisco and Citrix

A report from Amazon’s threat intelligence team revealed an advanced, highly resourced threat actor exploiting two separate zero-day vulnerabilities in critical network infrastructure: the Cisco Identity Service Engine (ISE) and Citrix NetScaler ADC/Gateway.

Cybersecurity News

This Week in Cybersecurity: Looking Back at Week 45

This week’s threat intelligence highlights the sophisticated evolution of adversary tactics, where attackers are moving beyond simple malware to exploit legitimate software and virtualisation features for evasion. We cover a novel technique using Windows Hyper-V to bypass EDR, a critical confirmation that a SonicWall cloud breach was linked to state-sponsored actors and a highly exploitable WordPress flaw that puts over 400,000 sites at risk of takeover. For strategic and resilient organisations, the lesson is clear: security must be layered, extending beyond the endpoint to cover supply chain, cloud backups and third-party risk.