CISA Confirms Active Attacks on SysAid CVSS 9.3 Flaws Hijacking Admin Accounts; Patches Due August 12

The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed active attacks exploiting two critical vulnerabilities in SysAid, a popular IT service management software. These flaws, rated with a CVSS score of 9.3, allow attackers to hijack administrator accounts, gain remote file access, and potentially execute malicious code. Patches addressing these vulnerabilities have been released, with a remediation deadline set for August 12, 2025. In related cybersecurity developments, researchers have identified a new variant of the Coyote malware that leverages a Windows feature to steal banking login credentials and facilitate financial fraud. Additionally, critical vulnerabilities in Sophos Firewall have been patched. Other industry updates include new approaches to detecting Kerberoasting attacks, the convergence of IT and operational technology security, and Microsoft’s integration of its Data Lake with the Sentinel Security Information and Event Management (SIEM) platform.