Staying on top of security news shouldn't be another full-time job.
That's why I'm thrilled to launch Blumira Briefings, our new weekly panel series where security experts break down the headlines you might have missed, and explain what they actually mean for your security practice!
What to Expect from Blumira Briefings
Each week, I'll be joined by different Blumira experts (and sometimes special guests!) to:
- Share the top threats, suspects, and risks we're seeing across our detection and response platform
- Discuss significant security stories and what they mean for YOU
- Provide practical advice you can actually implement right away
- Keep it conversational, informative, and under 30 minutes (don't mind the extra 14 seconds in this episode)
Episode 1 Highlights: What We Covered
In our inaugural episode, I chatted with Matt Warner (Blumira's co-founder and CEO), Mike Toole (Director of Security and IT), and Nick Brigmon (Security Operations Manager) about:
Blumira's Top Findings This Week
Matt shared our top threats, suspects, and risks from the past week. Top of the list:
- Sophos website blocking alerts
- SentinelOne unmitigated suspicious threats
- Failed single-factor PowerShell authentication
- Mailbox permission changes in Microsoft 365
- SSH and SMB connections from public IPs (please stop doing this!)
Critical Next.js Vulnerability
We discussed the recent Next.js middleware vulnerability (CVE-2025-29927), rated critical severity with a CVSS score of 9.1. This flaw could allow attackers to bypass authorization checks by manipulating a specific header - not great! If you're using Next.js in your environment, patch ASAP to versions 12.3.5, 13.5.9, 14.2.25, or 15.2.3.
Microsoft Security Copilot's New AI Agents
Microsoft has introduced 11 task-specific AI agents for its Security Copilot platform, including a phishing investigation agent. Our team had mixed feelings about this development, and AI as a security asset (or liability?) in general.
23andMe's Bankruptcy Filing
Following its massive data breach in 2023, 23andMe has filed for Chapter 11 bankruptcy. California's Attorney General has advised users to delete their accounts and data before potentially losing access. Mike even shared some clever tips about using California privacy laws to your advantage!
Fake SEMrush Ads Targeting SEO Professionals
We explored a phishing campaign using fake Google ads for SEMrush to steal credentials from SEO and marketing professionals. This targeted approach shows how attackers are marketing directly to specific roles with access to valuable business data.
Malicious VS Code Extensions
The team discussed recently discovered malicious extensions in the VS Code marketplace that deployed ransomware. We explored broader issues around extension security and the importance of periodically reviewing what you've installed.
Watch the Full Episode
For the complete discussion and more security insights, click the video below or join the conversation by watching on our YouTube channel!
Zoe Lindsey
Zoe Lindsey is a Security Strategist at Blumira with over a decade of experience in information security. She began her infosec career at Duo Security in 2012 with a background in medical and cellular technology. Throughout her career, Zoe has advised organizations of all sizes on strong security tactics and...