The Department of Homeland Security (DHS) has released an Analysis Report (AR) related to malicious cyber activity designated as GRIZZLY STEPPE. This AR provides a thorough analysis of the methods threat actors use to infiltrate systems, as well as specific mitigation techniques that may be used to counter this threat.
US-CERT recommends that network administrators review the Analysis Report and the previously-released Joint Analysis Report for additional information and mitigation recommendations.
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-3502 TrueConf Client…