For providers

Active Directory users could be compromised with the new BadSuccessor attack technique, which involves the exploitation of a privilege escalation vulnerability within Windows Server 2025's delegated Managed Service Account feature that was made to allow legacy service account migrations while preventing Kerberoasting intrusions, reports The Hacker News.

Versa Networks' centralized management and orchestration platform Versa Concerto has been impacted by a trio of serious vulnerabilities, which could be leveraged for authentication evasion and arbitrary code execution, according to BleepingComputer.

SecurityWeek reports that nearly 150,000 internet-exposed industrial control system devices worldwide could be compromised in cyberattacks, with the rate of online devices used as honeypots increasing from almost 15% in April 2024 to 25% in January 2025.

Digitizing and automating the utility network can lead to significant operational and financial benefits by reducing OPEX, CAPEX, human errors and time to deploy.

Three zero-days could have allowed an attacker to completely compromise the Concerto application and the host system running it.

More than 184 million account credentials likely obtained via information-stealing malware attacks have been exposed by an unsecured database potentially owned by malicious actors, Cybernews reports.

Decentralized cryptocurrency exchange Cetus had nearly $223 million pilfered following an attack on Thursday, according to The Record, a news site by cybersecurity firm Recorded Future.

Hackread reports that Coca-Cola and bottling partner Coca-Cola Europacific Partners were purportedly compromised by the Everest ransomware operation and Gehenna hacking group, respectively, in separate intrusions.

As the summer event season kicks off, venue managers and security firms aim to make AI part of the solution for keeping control of crowds and protecting against cyber-physical threats.