CCTR.3.JAN.26

Monday morning cyber coffee read CCTR.3.JAN.26.

Trusted intelligence sources indicate a potential high-severity unauthenticated PII disclosure (a set of chained vulnerabilities) affecting Salesforce Marketing Cloud instances. At this time, Salesforce has not yet verified or published this issue via an official Security Advisory. Use the following search query to identify potentially affected assets within your environment:

(autonomous_system_organizations=SALESFORCE)

Organisations using Salesforce Marketing Cloud should remain alert for unauthenticated data exposure patterns and be prepared to respond rapidly….

A high-risk unauthenticated remote code execution vulnerability, CVE-2025-64155, has been identified in Fortinet FortiSIEM. The flaw allows an unauthenticated attacker with network access to a core FortiSIEM service to gain full administrative control of the appliance and escalate privileges to root. Fortinet FortiSIEM is a security operations platform providing SIEM capabilities. It is not a good look to have remote code execution vulnerabilities in your SIEM.

Microsoft has patched a vulnerability (Reprompt) in its Copilot AI assistant that allowed attackers to exfiltrate sensitive user data after a single click on a legitimate Copilot URL.

Copilot is deeply integrated into enterprise workflows and has access to contextual, user-specific data. Vulnerabilities like this can become high-trust data exfiltration channels, even without malware or obvious indicators of compromise. Traditional endpoint controls offer little protection in scenarios like this.

In one week: an unconfirmed SaaS vulnerability, an unauthenticated RCE in a SIEM, and high-trust data exfiltration via enterprise AI tools. Now is the time to assume compromise, validate trust boundaries and hunt beyond vendor advisories. This is why cyber risk must be tested continuously, not managed through assurance statements alone.
