FortiSIEM PoC Released, Rakuten Viber CISO on Messaging Risks

Summary
– A new research paper explores how security teams can extract intelligence from public torrent metadata to investigate policy violations and insider risks.
– Interviews with CISOs highlight challenges in securing operational technology in project-heavy industries and balancing encryption with abuse prevention on messaging platforms.
– Several critical vulnerabilities and data breaches were reported, including a FortiSIEM flaw with public exploit code and a compromise of Eurail traveler data.
– Emerging threats include a rise in Browser-in-the-Browser phishing, AI tools being tricked into creating political propaganda, and dangerous, stylized QR codes used in attacks.
– Industry trends show ransomware activity persisting despite disruptions, a shift in security focus toward resilience over prevention, and rising cybersecurity spending amid difficulties demonstrating business impact.

Last week delivered a significant development for security teams with the public release of a proof-of-concept exploit for a critical FortiSIEM vulnerability (CVE-2025-64155), dramatically increasing the urgency for immediate patching. This news arrived alongside a wide range of insights, from a Rakuten Viber executive detailing the complex balance of encryption and platform resilience to fresh research on evolving threats like stylized QR code phishing and the persistent rise of ransomware. The cybersecurity landscape continues to be shaped by the convergence of advanced cybercrime, rapid AI adoption, and intricate supply chain risks.
Security professionals are increasingly looking at unconventional data sources for threat intelligence. A recent research paper explores how publicly available torrent metadata can provide valuable signals about policy violations, insider risk, and external criminal activity targeting an organization. This approach reframes common network alerts through an open-source intelligence lens.
Operational technology environments face unique challenges, especially in complex industrial settings. In a detailed discussion, the CISO of Damen Shipyards Group outlined how project-based work with rotating contractors and temporary systems expands the threat surface in shipyards. He emphasized the complications for access control and the risks that emerge when integrating legacy OT with modern IT systems.
For messaging platforms like Rakuten Viber, cybersecurity priorities are heavily influenced by their role as critical infrastructure during global crises. The company’s CISO and CTO explained how this responsibility shapes their focus on areas like end-to-end encryption, abuse prevention, and building resilient systems capable of withstanding both technical attacks and sophisticated social engineering campaigns.
The practical challenges of firmware analysis were highlighted in new research examining the EMBA tool. The study contextualizes the common routine of running lengthy scans overnight, analyzing how the tool’s performance and resource consumption vary across different computing environments, which directly impacts security workflows.
An open-source option for governance, risk, and compliance has emerged with CISO Assistant. This GRC platform allows security teams to systematically document risks, controls, and framework alignments. The community edition is maintained as a self-hosted tool, giving organizations full control over their code and data.
Digital identity and verification are becoming portable assets. LinkedIn’s VP of Trust Product discussed how the platform is extending professional verification beyond its own ecosystem to combat AI-driven fraud and impersonation across the internet. This initiative positions LinkedIn as a player in the broader digital trust landscape alongside other identity systems.
Instagram’s parent company, Meta, firmly denied reports of a systemic data breach after rumors spread about 17.5 million compromised accounts. The company attributed a surge in password reset requests to other factors, not a breach of their internal systems, though user concerns about the repeated alerts persisted.
A refined phishing technique, Browser-in-the-Browser (BitB), is seeing a resurgence. Attackers use HTML, CSS, and JavaScript to generate deceptive pop-up windows that appear within a legitimate browser window, cleverly mimicking real login pages to steal credentials and bypass both user caution and some technical security controls.
Beyond Fortinet, other major vendors addressed critical flaws. Cisco released patches for a zero-day vulnerability (CVE-2025-20393) in the AsyncOS software running on its Email Security Gateway devices, which had been actively exploited by suspected state-sponsored actors since late last year.
Travelers across Europe were impacted by a data breach at the company managing Eurail and Interrail passes. The incident in the Netherlands compromised personal and sensitive information for an undetermined number of customers.
Translating cybersecurity metrics into actionable business intelligence remains a core challenge for leaders. A Field CISO emphasized that effective metrics must support executive decisions and clearly align security initiatives with overarching business priorities, moving beyond mere compliance reporting.
For penetration testers, a tool called PentestPad aims to streamline the reporting process. It focuses on organizing notes, screenshots, and findings during an engagement to prevent the typical chaos that can slow down analysis and reporting after the test is complete.
A contentious European Union proposal, Chat Control, could have unforeseen consequences in robotics, according to academic researchers. They argue that extending communication surveillance laws into robots that interact physically with people creates new privacy and security dilemmas beyond traditional digital screens.
The open-source pfSense firewall platform continues to be a staple in many production networks. Its Community Edition provides robust firewall, VPN, and routing capabilities, supported by a dedicated community, often fitting well within constrained budgets.
Cryptocurrency-related crime reached new heights in 2025, with a marked increase in involvement by nation-state actors. Research indicates that illicit crypto operations have grown more organized, using sophisticated on-chain infrastructure to move billions, support criminal networks, and launder funds internationally.
A major international law enforcement operation successfully dismantled a cyber fraud network tied to the Nigerian-originated Black Axe group. The collaboration between Spanish, German, and Europol authorities targeted the hierarchical criminal organization, which was responsible for losses estimated at nearly €6 million.
Hands-on, practical experience is proving highly effective in cybersecurity education. A study involving Airbus Cybersecurity and Dauphine University found that student engagement soars when courses incorporate structured hacking scenarios, social engineering exercises, and competitive games, moving beyond theoretical lectures.
Canonical expanded its cloud security offerings with Minimal Ubuntu Pro. These streamlined images provide a smaller software footprint for public cloud workloads, giving teams greater control over what runs in production environments while maintaining essential security updates and support.
The potential for AI image generators to be manipulated for political propaganda was demonstrated in a new study. Researchers found that commercial text-to-image systems could be tricked into creating misleading visuals of real public figures, even with safety filters ostensibly in place, raising concerns about disinformation.
Anthropic committed $1.5 million to support the Python Software Foundation, specifically focusing on security work within the Python ecosystem. This two-year partnership highlights the growing corporate investment in securing the foundational tools of modern software development.
The familiar QR code is becoming a more dangerous threat vector. Security researchers detailed how attackers are using visually stylized and colorful QR codes in “quishing” attacks, exploiting the inherent trust users place in these codes to direct them to malicious sites.
Microsoft led a coordinated legal action to disrupt RedVDS, a global cybercrime subscription service linked to millions in fraud losses. The operation, conducted with UK authorities and supported by Europol, is part of a broader effort to target the infrastructure enabling large-scale cyber fraud.
Amazon Web Services launched its European Sovereign Cloud, a region designed to keep all customer data, operational processes, and oversight within the European Union. Backed by a €7.8 billion investment, it aims to address strict regulatory requirements for data residency and sovereignty.
Ransomware activity demonstrated remarkable resilience in 2025. Research revealed that even as major ransomware groups were disrupted, the overall threat landscape adapted quickly, with extortion methods diversifying and new groups forming, leading to a net increase in attacks.
Business continuity is now a central metric for security success. New data shows that CISOs are increasingly defining their role around organizational resilience, keeping operations running through disruptions, rather than focusing solely on threat prevention.
The Debian project released Debian 13.3, the third maintenance update for its “trixie” stable distribution. This point release delivers over 100 updates and critical security patches for numerous packages, including the Apache HTTP Server and GNOME components.
Anthropic’s Claude AI platform expanded its healthcare integrations with new connectors and tools designed for HIPAA-ready workflows. The enhancements aim to assist provider, payer, and life sciences teams with tasks involving coverage, coding, and care coordination.
Insurers are closely watching several converging trends as they model cyber risk for 2026. A global study points to the overlapping impacts of technological change, regulatory decisions, and evolving attacker tactics as key factors influencing underwriting, claims, and risk management strategies.
Enterprise security leaders feel they are fighting a three-front war against cybercrime, AI misuse, and supply chain vulnerabilities. Findings from the World Economic Forum’s cybersecurity outlook highlight how these pressures extend far beyond the realm of technical controls into geopolitical and operational domains.
The Parrot Security OS project outlined its roadmap for 2026, detailing planned updates for its suite of penetration testing, forensics, and privacy tools. The Debian-based distribution is widely used by security practitioners in labs, training, and daily workflows.
Google’s Mandiant unit released AuraInspector, an open-source tool for auditing access control misconfigurations in Salesforce Experience Cloud applications. It focuses on the Aura framework to help identify potential data exposure paths.
The Wine compatibility layer received a major update with version 11, which introduced significant architectural work and synchronization changes alongside fixes for over 600 bugs, improving its ability to run Windows applications on Linux, macOS, and BSD systems.
Proton enhanced its privacy-focused Lumo AI assistant with a new feature called Projects. These encrypted workspaces allow users to group chats, files, and task requirements, keeping everything synchronized across devices while maintaining Proton’s commitment to not using conversations for model training.
For iOS users seeking privacy, Orbot provides a free, open-source VPN that routes supported app traffic through the Tor network. Developed by the Guardian Project, it helps reduce tracking and network-level monitoring on iPhones and iPads.
The National Security Agency published new guidance on zero trust adoption, offering practical first steps for organizations. The documents address the common challenges of mapping assets, defining access rules, and establishing authority in complex, real-world environments.
A persistent disconnect exists between rising cybersecurity budgets and demonstrable business impact. A survey of security and finance executives found that while spending increases, many leaders still struggle to articulate the tangible value delivered, pointing to a need for better communication and aligned metrics.
Third-party risk management remains a top concern for CISOs, with surveys indicating rising incidents and regulatory scrutiny. However, many organizations report that their visibility into vendor ecosystems and the resources to manage that risk are not keeping pace with the growing threat.
Trust on gig platforms is being undermined by fraudulent activities like account renting and selling. A study of U.S. gig workers revealed widespread exposure to fraud and inconsistent reporting mechanisms, creating security and integrity challenges for the platforms themselves.
The rapid integration of AI into enterprise systems is outpacing security and governance controls. Global research indicates that while companies are aggressively deploying AI, gaps in infrastructure readiness, data integrity, and governance frameworks are limiting safe and effective operation at scale.
Application modernization is now inextricably linked to security strategy, especially for scaling AI programs. Survey data suggests that successful AI implementation depends less on isolated pilots and more on disciplined modernization efforts that are tightly coupled with security from the outset.
A forthcoming webinar promises an analyst’s guide to evaluating email security vendors in 2026, offering security leaders a practical framework for vendor selection based on deep market insight.
The weekly roundup also featured a curated list of currently available cybersecurity jobs and a look at new information security products released recently from various vendors.
(Source: Help Net Security)

