Discord Invites Are Leveraged in Malware Distribution
Threat actors are actively abusing a flaw in Discord’s invite link system to deliver malware through hijacked or spoofed server invites. The campaign, uncovered in mid-2025 by multiple cybersecurity research teams, leverages expired or recycled Discord invite links and redirects users through silent redirection chains that lead to multi-stage malware payloads. These payloads include AsyncRAT, […]
Critical Unauthenticated RCE Vulnerabilities in Cisco ISE and ISE-PIC
On June 25, 2025, Cisco disclosed two critical vulnerabilities affecting Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). Tracked as CVE-2025-20281 and CVE-2025-20282, these flaws enable unauthenticated remote attackers to execute arbitrary commands as the root user via exposed HTTPS APIs. CVE-2025-20281 arises from insufficient validation of user-supplied input in a public […]
What’s Really Putting SMBs at Risk? These 8 Cybersecurity Myths
If you’ve done everything you can think of to stay protected — patched systems, trained employees, upgraded tools — but the number of threats still keep increasing, you’re not alone. You’re not behind. You’re not unprepared. But you may be operating on outdated assumptions. For small and midsize businesses, the real danger isn’t just what […]