Our news

  • Potential Iranian Retaliations Following US Strike on Nuclear Facilities: Cyber Attacks and Maritime Disruptions

    Introduction On June 21st, 2025, the United States conducted precision strikes on three Iranian nuclear facilities Fordow, Natanz, and Isfahan with the potential of escalating tensions in the Middle East. This military action, briefed by the Defense Department on the morning of June 22nd, 2025, codenamed Operation Midnight Hammer, has prompted Iran to vow retaliation,

    READ MORE

  • Vulnerability Summary for the Week of June 16, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info _CreativeMedia_–Elite Video Player Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in _CreativeMedia_ Elite Video Player allows Stored XSS. This issue affects Elite Video Player: from n/a through 10.0.5. 2025-06-17 7.1 CVE-2025-30988 Adnan Haque (a11n)–Virtual Moderator Cross-Site Request Forgery (CSRF) vulnerability

    READ MORE

  • Vulnerability Summary for the Week of June 9, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing remote users with low privileges to interact with it and access its features.

    READ MORE

  • CISA Releases Cybersecurity Advisory on SimpleHelp RMM Vulnerability

    Today, CISA released Cybersecurity Advisory: Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider. This advisory is in response to ransomware actors targeting customers of a utility billing software provider through unpatched vulnerabilities in SimpleHelp Remote Monitoring and Management (RMM). This incident is part of a broader trend of

    READ MORE

  • Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

    Summary The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this advisory in response to ransomware actors leveraging unpatched instances of a vulnerability in SimpleHelp Remote Monitoring and Management (RMM) to compromise customers of a utility billing software provider. This incident reflects a broader pattern of ransomware actors targeting organizations through unpatched versions of SimpleHelp

    READ MORE

  • SkillBridge Frequently Asked Questions (FAQs)

    Below is a list of frequently asked questions to help interns navigate their time at DefendEdge. General Program What is expected of me as an intern? Interns are expected to actively participate in hands-on cybersecurity tasks, follow company policies, complete assessments, ask questions, and seek mentorship when needed. What skills should I focus on developing

    READ MORE

  • Vulnerability Summary for the Week of June 2, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–ABC Courier Management System A vulnerability, which was classified as critical, was found in 1000 Projects ABC Courier Management System 1.0. Affected is an unknown function of the file /adminSQL. The manipulation of the argument Username leads to sql injection. It is possible

    READ MORE

  • Updated Guidance on Play Ransomware

    CISA, the Federal Bureau of Investigation (FBI), and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) have issued an updated advisory on Play ransomware, also known as Playcrypt. This advisory highlights new tactics, techniques, and procedures used by the Play ransomware group and provides updated indicators of compromise (IOCs) to enhance threat detection. Since

    READ MORE

  • Preparing Global SOCs for Emerging Cyber Threat Trends

    The cyber threat landscape is evolving as threats shift to emerging technologies. Today, it is not just healthcare, finance, or a government institution. Organizations and infrastructures of all kinds, from ransomware that paralyzes or shuts down operations to supply-chain breaches that expose sensitive data, are in the crosshairs of rampant cybercriminals who are constantly evolving

    READ MORE

  • Vulnerability Summary for the Week of May 26, 2025

    High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 1000 Projects–Daily College Class Work Report Book A vulnerability classified as critical has been found in 1000 Projects Daily College Class Work Report Book 1.0. Affected is an unknown function of the file /dcwr_entry.php. The manipulation of the argument Date leads to sql injection.

    READ MORE