CISO Intelligence
Source: The Register (Security) · Category: Ransomware & Breach Cisco Secure Workload admin API flaw permits cross-tenant access and configuration manipulation. If firm uses Cisco Secure Workload, privilege escalation and lateral-movement risk is material; request vendor patch status and audit access controls immediately. → Read the full article
CISO Intelligence
Source: The Hacker News · Category: Security News — Technology Drupal releases patch for 'highly critical' RCE flaw (CVE-2026-9082, CVSS 6.5) in Core affecting PostgreSQL sites. Determine urgently whether firm or clients run Drupal; if so, patch immediately to prevent RCE exploitation. → Read the full article
CISO Intelligence
Source: Wired Security · Category: Supply Chain TeamPCP gang carried out unprecedented supply chain attack on open-source code, compromising hundreds of organizations via GitHub and multiple repositories. Corroborates articles [0], [5], [14] on npm/GitHub poisoning. Law firm dependencies on open-source libraries face heightened contamination risk. Urgent: audit and lock open-source
CISO Intelligence
Source: Reddit r/netsec · Category: Supply Chain Poisoned VS Code extension led to exfiltration of ~3,800 internal GitHub repositories at GitHub itself; customer data reportedly spared but scope unclear. Law firms using GitHub for code or IP storage face similar supply chain exposure; verify extension policies and monitor GitHub
CISO Intelligence
Source: The Hacker News · Category: Supply Chain GitHub confirms internal repos breached via poisoned Nx Console VS Code extension; attacker compromised developer's system. Supply-chain attack on widely-used dev tooling; firm must audit VS Code extensions in use and assess if employees ran malicious Nx Console version. → Read the
CISO Intelligence
Source: The Hacker News · Category: Security News — Technology 9-year-old Linux kernel flaw (CVE-2026-46333, CVSS 5.5) enables unprivileged root command execution on major distros. Privilege escalation in foundational infrastructure; relevant if firm operates Linux servers; patch after vendor guidance available. → Read the full article
CISO Intelligence
Source: The Hacker News · Category: Security News — Technology Cached AWS access key on single Windows machine exposed 98% of cloud entities. Identity and access control risk; relevant for firm's own cloud governance and client cloud security advisory; escalate if firm uses AWS. → Read the full article
CISO Intelligence
Source: The Hacker News · Category: Security News — Technology Microsoft discloses two actively exploited Defender flaws: privilege escalation (CVE-2026-41091, CVSS 7.8) and DoS. Active exploitation in wild of widely-deployed endpoint security; firm must patch all Defender instances immediately. → Read the full article
CISO Intelligence
Source: DataBreaches.net · Category: Supply Chain GitHub confirmed breach of 3,800 internal repositories via malicious VS Code extension; trojanized extension removed from marketplace. Corroborates article [5]. VS Code supply chain compromise poses risk to law firm development infrastructure. Immediate audit of all VS Code extensions in use. → Read the
CISO Intelligence
Source: Wired Security · Category: Regulatory & Legal Report finds AI firms, data brokers, and defense contractors using dark-pattern opt-out forms to obstruct user data rights. FTC and state AGs increasingly scrutinizing dark patterns; enforcement risk rising. Law firms advising AI/tech clients should audit consent and opt-out workflows for legal
CISO Intelligence
Source: The Register (Security) · Category: AI Security Claude AI sandbox vulnerability silently patched with no CVE or disclosure. Frontier AI platform security flaw without transparency raises concerns about disclosure practices; if firm uses Claude API or integrates frontier LLMs, request transparency from vendor on patched risks. → Read the full article
CISO Intelligence
Source: Dark Reading · Category: Ransomware & Breach GitHub confirmed a breach in which threat actor TeamPCP stole ~4,000 internal repositories. If the firm uses GitHub for code storage or integrations, client IP or proprietary work could be exposed; conduct immediate audit of repository contents and assess whether client notification