Automated password rotation with Wazuh and Shuffle
Automated password rotation helps protect both cloud and on-premises environments from unauthorized access and credential compromise by reducing the risk associated with exposed...
A critical severity Remote Code Execution (RCE) vulnerability affecting Next.js applications that use the App Router has been identified. This vulnerability is rated CVSS 10.0, disclosed as CVE-2025-66478 and allows remote code execution (RCE) when attacker-controlled requests are processed in unpatched environments. It stems from an upstream vulnerability in the React Server Components (RSC) protocol […]
San Jose, California, November 2025 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a partnership with connecT SYSTEMHAUS AG, an owner-managed IT services provider based in Siegen, Germany. The partnership enables connecT to expand its Managed Security Services with Wazuh’s SIEM and XDR capabilities, […]
Another zero-day vulnerability tracked as CVE-2025-13223 has been discovered to affect Google Chrome and Chromium web browsers on Windows, macOS, and Linux endpoints. It follows the earlier disclosure of CVE-2025-4664, which also affects these web browsers. This is a high-severity flaw with a CVSS score of 8.8 reported to be actively exploited in the wild. […]
Funklocker ransomware is a recently observed threat attributed to the FunkSec group, primarily targeting Windows environments. It is known for using AI-assisted code generation to produce new variants, which makes traditional signature-based defenses less effective. Funklocker ransomware uses living-off-the-land (LOTL) techniques by blending malicious activity with legitimate system functions to evade detection. This includes running […]
Snowflake is a fully managed, cloud-native data warehouse designed to handle structured and semi-structured data at massive scale. It separates storage from compute, allowing organizations to independently scale workloads such as data ingestion, analytics, machine learning, and reporting. It is a high-value target for attackers because it often centralizes critical business data such as financial […]
IT Hygiene is the practice of maintaining clean, consistent, and secure endpoint configurations across your infrastructure. Every endpoint in your environment is a potential entry point for attackers. A forgotten user account, an outdated package, a rogue service, or an unapproved browser extension can silently expose your organization to risk. Consistent visibility and control over […]
San Jose, California, October 2025 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a partnership with Athena Security Group, a cybersecurity company providing advanced cyber defense software and services. Through this partnership, Athena Security Group integrates Wazuh’s SIEM, EDR, and XDR capabilities as the […]
We’re excited to announce the release of Wazuh 4.14.0. This version enhances the IT Hygiene capability with an expanded inventory that now includes browser extensions, endpoint services, users, and groups. It also introduces a new Microsoft Graph API dashboard for monitoring activity and audit events from Microsoft cloud services, and adds support for hot reload […]
The Wazuh agent is a component of the Wazuh SIEM and XDR solution that protects monitored endpoints such as servers, laptops, and virtual machines. Deploying Wazuh agents in containerized endpoints orchestrated by Kubernetes requires a more resilient deployment strategy. In containerized environments where workloads are ephemeral and dynamic, maintaining a persistent identity and configuration for […]
San Jose, California, September 2025 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, has partnered with Saga doo Beograd, one of the largest system integration companies in Serbia. Through this collaboration, Saga doo Beograd will integrate Wazuh’s SIEM and XDR capabilities into its cybersecurity offerings, […]
Maranhão Stealer is a Node.js-based infostealer delivered through pirated software and trojanized video game installers. Threat actors lure victims with cracked or modified game launchers that secretly install the malware on Windows systems. Once installed, Maranhão Stealer harvests sensitive data, such as browser credentials, cookies, cryptocurrency wallets, and other valuable information. The malware targets common […]
San Jose, California, September 2025 – Wazuh, the leading open-source Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) solution, announced a technology partnership with Shuffle, a Security Orchestration, Automation and Response (SOAR) platform designed to simplify and scale cybersecurity operations. Through this integration, Shuffle connects seamlessly with Wazuh to provide out-of-the-box […]
Gunra ransomware is a recently identified threat that has been observed targeting Windows endpoints across multiple industries worldwide, including manufacturing and energy sectors. Known for its encryption capabilities and exfiltration tactics, the ransomware follows a double-extortion model, encrypting victim data while simultaneously threatening to leak stolen information on its Tor-hosted leak site. Gunra’s malicious behavior […]
Keep up to date
with our digest of articles
with our digest of articles