Secplicity Blog
Cybersecurity Headlines & Trends Explained
Ransomware Tracker (Entry #356): JADEPUFFER
JADEPUFFER is the name of the agentic threat actor (ATA) that exploited a vulnerability in an Internet-facing Langflow instance ( CVE-2025-3248) and, without human intervention, gained persistence, enumerated a victim's systems, and deployed ransomware across the network. It was first reported on…
CISA Incident Lessons, Amazon Q Flaw, and Giga Wiper
In Episode 378 of The 443 Security Simplified, Marc Laliberte and Corey Nachreiner examine lessons from a recent CISA security incident, a vulnerability affecting the Amazon Q Developer extension for Visual Studio Code, and Microsoft research into a destructive malware platform known as Giga Wiper…
The Spec Is Back, But Nobody Told Security
What happens when AI makes Waterfall agile? A few weeks ago, I was sitting with one of our engineering VPs while he walked me through his workflow in Cursor. Before writing a single line of code, he spent a meaningful amount of time using Cursor to craft a feature specification, a detailed natural…
Why CVE Grading Still Matters for Vulnerability Management
Vulnerability management has never been just about finding flaws. It is about understanding which flaws matter most, which ones attackers are likely to exploit, and which ones security teams need to prioritize before they become a real business risk. That is why CVEs, CVSS scores, and vulnerability…
TimbreStealer Malware Targets Mexico Companies with Advanced Evasion Techniques
WatchGuard telemetry identified a campaign associated to TimbreStealer, which is known to target companies based in Mexico. This research, conducted by Euler Neto and Cristóbal Tárraga, describes behaviors similar to those observed in a previous campaign documented by Cisco Talos in 2024, which uses…
The WatchGuard Geopolitical Cyber Report: Iran-Affiliated Cyber-Espionage Against Global High-Value Organizations
TL;DR: Iran-linked MuddyWater, also known as Seedworm, is using trusted software, DLL side-loading, and legitimate tools to quietly spy on high-value organizations across manufacturing, aviation, finance, education, government, and public sector environments. This campaign is not focused on…