The New Jersey Office of Homeland Security and Preparedness (NJOHSP) released the 2025 Threat Assessment, which details domestic terrorists, foreign terrorists, counterintelligence, transnational crime, and cybersecurity threats facing New Jersey. The NJCCIC assesses that in 2025...
This Joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed...
The adoption of Generative Artificial Intelligence (GenAI) for malicious cyber activity is in a transitional period. Cyber threat actors (CTAs) are exploring incorporating GenAI into their campaigns while relying on more traditional tactics, techniques, and procedures (TTPs).
Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
This Multi-State Information Sharing and Analysis Center (MS-ISAC) Advisory is being provided to assist agencies and organizations in guarding against the persistent malicious actions of cybercriminals. Multiple vulnerabilities have been discovered Fortinet Products.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs, and more.
A vulnerability has been discovered in Trimble Cityworks that could allow for remote code execution. Trimble Cityworks is a system that helps manage the lifecycle of assets for public infrastructure. It uses GIS (geographic information systems) to help with many tasks.
The NJCCIC received reports of a business email compromise (BEC) campaign circulating using a compromised emergency management email account. The phishing email referenced a contract and directed the recipient to click a link to view a related document.
First discovered in 2022, XWorm malware is a remote access trojan (RAT) capable of evading detection and collecting sensitive information, including financial details, browsing history, saved passwords, and cryptocurrency wallet data. XWorm tracks keystrokes, captures webcam...
