Other News.

MITRE ATT&CK Blog:

• What Comes After Detection Rules? Smarter Detection Strategies in ATT&CK
• ATT&CK v17: New Platform (ESXi), Collection Optimization, & More Countermeasures
• v16 Cloud Rebalancing, Analytics,
• Introducing TAXII 2.1 and a fond farewell to the TAXII 2.0 Server
• ATT&CK v15 Brings the Action

---

The Hacker News:

• EvilAI Malware Masquerades as AI Tools to Infiltrate Global Organizations
• ⚡ Weekly Recap: Cisco 0-Day, Record DDoS, LockBit 5.0, BMC Bugs, ShadowV2 Botnet & More
• The State of AI in the SOC 2025 – Insights from Recent Study 
• Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security
• First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

---

SANS Internet Storm Center:

• Infocon: green
• Increase in Scans for Palo Alto Global Protect Vulnerability (CVE-2024-3400), (Mon, Sep 29th)
• ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th)
• New tool: convert-ts-bash-history.py, (Fri, Sep 26th)
• ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th)

---

Threat Research:

• HeartCrypt’s wholesale impersonation effort
• GOLD SALEM’s Warlock operation joins busy ransomware landscape
• September Patch Tuesday handles 81 CVEs
• Velociraptor incident response tool abused for remote access
• Threat Intelligence Executive Report – Volume 2025, Number 4

---

NVD (National Vulnerability Database):

• CVE-2023-36409
• CVE-2023-36769
• CVE-2023-47004
• CVE-2023-45556
• CVE-2023-5605