H-ISAC: White Reports
Exploitation of the SAP S/4HANA flaw, tracked as CVE-2025-42957, has been disclosed.
FS-ISAC has released several white papers discussing AI best practices.
This week, Health-ISAC®'s Hacking Healthcare® examines evidence that the HIPAA Security Rule effort launched at the end of the Biden administration may be moving ahead under the Trump administration and more.
On August 26, 2025, Citrix released a security bulletin (CTX694938) to address three critical vulnerabilities affecting its NetScaler ADC and NetScaler Gateway products: CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424.
A highly sophisticated Russian state-sponsored cyber espionage group, known as Static Tundra, has been targeting organizations of strategic interest within critical infrastructure verticals.
On August 15, 2025, exploit code was released that chains two critical vulnerabilities in SAP NetWeaver’s Visual Composer to bypass authentication and achieve remote code execution.
On August 12, 2025, FortiGuard Labs published an advisory for a flaw in FortiWeb tracked as CVE-2025-52970.
On August 14, 2025, Cisco disclosed a critical remote code execution (RCE) vulnerability.
This week, Health-ISAC®'s Hacking Healthcare® examines the recent publication of a new version of the United Kingdom’s (U.K.) National Cyber Security Centre (NCSC) developed Cyber Assessment Framework (CAF).
On August 13, 2025, HORIZON3.ai security researchers published an Attack Blog regarding two high-severity vulnerabilities, CVE-2025-8355 and CVE-2025-8356, affecting Xerox FreeFlow Core version 8.0.4.