Field Effect

More than 80% of incidents our team investigated last year stemmed from cloud identity compromise, highlighting a growing shift in how adversaries are gaining access to corporate environments. Get more cybersecurity data, trends, and analysis here: get.fieldeffect.com/2026-cyber-thr…

Organizations are advised to remain vigilant and reinforce core security controls. More detail here: fieldeffect.com/blog/cyber-spi…

Researchers have observed a rise in opportunistic hacktivist activity and unverified claims of DDoS attacks, defacements, and data leaks targeting Iran’s adversaries.

Escalating conflict following coordinated U.S. and Israeli strikes on Iranian military and nuclear sites has raised concerns about potential cyber spillover.

@daniel_epps @AccidentalCISO @kmcnam1 Thanks for the shout out Daniel, we ❤️ securing SMBs

@AccidentalCISO @kmcnam1 Check out @fieldeffectsoft for smb. Lovely product and people.

Weird question: Does anyone actually use or recommend Malwarebytes in real-life businesses? More curious than anything as I'm looking at my feed this morning.

🚨 AWS reports groups are actively exploiting the #React2Shell RCE in the wild. Attackers are using exposed RSC endpoints for unauthenticated RCE → webshells → cloud pivoting. Patch React/Next.js immediately. No Field Effect systems are affected. More: fieldeffect.com/blog/react-ser…

Researchers found the Recent Links feature on online code-formatters leaks private snippets via predictable URLs, exposing API keys, DB creds, & tokens at scale. More details here: fieldeffect.com/blog/recent-li…

From our security experts 👇 A high-severity RCE vulnerability (CVE-2025-62518) impacts Rust-based archive libraries like async-tar, used across cloud-native & containerized systems. Multiple patches avail, check our writeup for full mitigation details: fieldeffect.com/blog/tarmagedd…

If you run #Oracle #EBS (v12.2.3-12.2.14) or have internet-exposed modules: - Patch immediately - Lock down/reset access paths - Hunt for IoCs (reverse shells, HTTP anomalies, unusual outbound activity) Full breakdown: fieldeffect.com/blog/oracle-eb…

An exec-targeted extortion campaign is claiming theft of Oracle EBS data. Since then, a critical flaw in Oracle EBS (CVE-2025-61882) has been confirmed.

What started as a potentially unwanted application (PUA) flagged as malicious by Microsoft Defender led our analysts to uncover a broader malware campaign using trojanized apps, signed binaries, and deceptive 7-Zip packaging. Read the full breakdown: fieldeffect.com/blog/potential…

🚨 New patch alert: SolarWinds has released a hotfix for CVE-2025-26399, a critical Web Help Desk flaw enabling RCE. The company urged customers yesterday to upgrade to Web Help Desk version 12.8.7 Hotfix 1 to mitigate the issue. Details: fieldeffect.com/blog/patch-sol…

More info from our analysts on the #npm supply chain attack here: fieldeffect.com/blog/npm-suppl…

...no exposure to the compromised components. Field Effect's onboarding process for 3rd-party libraries includes validation steps that would've identified affected packages & updates are performed only after a review of their current security posture.

Field Effect is actively monitoring a supply chain attack involving hijacked npm packages. Researchers say hackers planted malicious code in open source software packages with 2B+ weekly updates. None of Field Effect's services are affected and our internal review confirms...

Ongoing attacks against Sangoma #FreePBX systems (since Aug 21) exploit publicly exposed Admin Control Panels. 🔹 Affected: v16 & v17 w/ Endpoint Manager installed 🔹 Fix: EDGE module update (temp fix) 🔹 + Restrict ACP to trusted IPs or VPN Details: fieldeffect.com/blog/sangoma-f…

Citrix has patched 3 #NetScaler flaws—including a zero-day (CVE-2025-7775, CVSS 9.2) exploited in the wild. ❗ Affects VPN, AAA, & mgmt interfaces ❗ No workarounds—patch now ✅ Cloud services already updated Details: fieldeffect.com/blog/citrix-ne… #POC #exploit #vulnerability

🔑 11 popular extensions affected ⚠️ Some patches issued, others unpatched as of Aug 20 🛡️ Mitigation: disable autofill + audit extensions More details: fieldeffect.com/blog/new-attac… #TTPs

At #DEFCON33, Marek Tóth revealed a new #exploit that weaponizes privileged #browser extensions like password managers. By manipulating the DOM, attackers can hijack hidden extension UIs—triggering autofill, exports, or settings changes without user awareness.