CISA issues emergency directive to patch critical Microsoft Exchange vulnerability CVE-2025-53786 by Monday.
Posted inCybersecurity News

CISA issues emergency directive to patch critical Microsoft Exchange vulnerability CVE-2025-53786 by Monday.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive requiring all Federal Civilian Executive Branch (FCEB) agencies to address a critical vulnerability in Microsoft Exchange hybrid environments, identified as CVE-2025-53786. This action is a direct response to the severe security threat posed by the flaw, with agencies mandated to complete mitigation steps by 9:00 AM EDT on Monday, August 11, 2025, and submit a comprehensive status report to CISA by 5:00 PM EDT the same day.
Samourai Wallet founders plead guilty to laundering > $200 million for criminal enterprises.
Posted inCybersecurity News

Samourai Wallet founders plead guilty to laundering > $200 million for criminal enterprises.

The founders of Samourai Wallet, a cryptocurrency mixing service, have pleaded guilty to operating an unlicensed money transmitting business and facilitating the laundering of over $200 million for criminals. Keonne Rodriguez, the CEO, and William Lonergan Hill, the CTO, admitted their roles in providing a platform that enabled users to transfer illicit proceeds, effectively β€œwashing” illegal funds and obscuring transaction origins.
SonicWall says spike in recent VPN attacks is tied to now-patched vulnerability, not a zero-day.
Posted inCybersecurity News

SonicWall says spike in recent VPN attacks is tied to now-patched vulnerability, not a zero-day.

SonicWall has addressed concerns regarding a recent increase in attacks targeting Gen 7 and newer firewalls with SSL VPN enabled, clarifying that the surge is not linked to any new, undisclosed vulnerabilities. Following a thorough investigation, the company determined that the activity stems primarily from the exploitation of an older, now-patched vulnerability (CVE-2024-40766) combined with the reuse of passwords, particularly among organizations that migrated user accounts from Gen 6 to Gen 7 devices without enforcing password resets.