Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

AI IDEs such as Cursor and Windsurf include their own browser engine. If that engine is not up to date, it carries known vulnerabilities. This week’s signals show Cursor 2.0 released on Oct 29, 2025 without a stated browser upgrade in the Cursor 2.0 changelog. Users also posted About screenshots that still show older builds. Windsurf’s October notes list a newer baseline in the Windsurf changelog. Treat these tools like browsers: verify versions, reduce risky paths, upgrade when available.

Third-party patch management is a vital security practice that involves identifying, testing, and applying updates to third-party software, including business-critical applications like browsers, plug-ins, and productivity tools, to reduce risk, maintain compliance, and ensure endpoint stability.

Linux patch management is the disciplined process of identifying, testing, and applying security patches and updates to Linux-based systems. It’s essential for fixing vulnerabilities, improving performance, and maintaining compliance—ensuring your infrastructure remains resilient in the face of evolving threats.

Few security practices carry as much weight as patch management. Consider the cautionary tale of Travelex. In early 2020, the British currency exchange was hit by a ransomware attack that spread quickly across its network, locking staff out of their systems. Reports suggest the company paid millions to restore access and prevent sensitive data from being sold; an outcome that underscores how a single gap in patching can cascade into a business-wide crisis.

In order to collect various security-related metrics, Bitsight scans the entire internet, collecting a unique set of data that enables us to carry out a variety of studies that would be extremely difficult for any other company to conduct. One of the metrics that we collect is related to the presence of certain vulnerabilities. For this, we need to take into consideration all possible mitigation strategies that are available and that allow us to reduce the risk.

CVE-2024-7348, which was discovered by Noah Misch, is a race condition vulnerability affecting multiple versions of PostgreSQL when using the `pg_dump` utility. An attacker with sufficient privileges can exploit this vulnerability to execute arbitrary SQL commands with the permission of the user, which is typically a superuser, running the dump.

The cybersecurity landscape witnessed a perfect storm in July 2025 when multiple critical SharePoint vulnerabilities collided with sophisticated IIS module-based persistence techniques, creating a nightmare scenario for enterprise defenders. CVE-2025-53770, CVE-2025-53771, CVE-2025-49704, and CVE-2025-49706 are being actively exploited by sophisticated threat actors, but the real danger extends far beyond the initial exploitation phase.

JounQin’s npm account, the maintainer of popular packages such as eslint-config-prettier, was compromised in a phishing attack. The attackers used the breached credentials to publish six malicious versions of eslint-config-prettier, along with three additional infected packages tied to the same account. In total, the compromised packages see roughly 78 million weekly downloads. Notably, the account had publishing rights for packages with a combined weekly download count of 180 million!