ZÜRICH, Switzerland – Flowable, a global provider of enterprise automation and orchestration software, has been recognized in the…

ZÜRICH, Switzerland – Flowable, a global provider of enterprise automation and orchestration software, has been recognized in the inaugural 2025 Gartner® Magic Quadrant™ for Business Orchestration and Automation Technologies.

The Magic Quadrant evaluates vendors based on their completeness of vision and ability to execute. According to the Gartner report, “Business orchestration and automation technology platforms unify process orchestration, connectivity and agentic features to enable enterprise-wide automation.”

“We are honored to be included in Gartner’s first Magic Quadrant for Business Orchestration and Automation Technologies,” said Micha Kiener, chief technology officer and co-founder at Flowable. “We believe this recognition highlights our continued focus on dynamic case management, orchestration, and natively embedded agentic AI that help enterprises in regulated industries run complex work with adaptability and governance at enterprise scale.”

Flowable’s agentic case platform coordinates people, AI agents, and business processes in a unified, governed environment that delivers advanced intelligent automation, control, and autonomy. “Our platform is designed to coordinate humans and AI in a responsible, governed way-ensuring agility, auditability, and scale,” Kiener added.

The company’s capabilities, including agentic case management and its orchestration framework, are aligned with Gartner’s definition of a Business Orchestration and Automation Technology (BOAT) platform.

Flowable enables enterprises to model and automate complex, exception-driven processes across sectors such as banking, insurance, healthcare, and manufacturing. This approach ensures that critical business operations remain compliant and efficient even in highly regulated environments.

Flowable’s architecture also embeds responsible AI orchestration within its core, allowing organizations to safely integrate multi-agent systems while maintaining governance and transparency. Built on open automation standards – BPMN, CMMN, and DMN – the Flowable platform promotes interoperability, flexibility, and innovation without vendor lock-in.

For a complete view of the report’s assessment of the business orchestration and automation market and vendors, including Flowable, access the full report here.

****Gartner Disclaimer****

Gartner, Magic Quadrant for Business Orchestration and Automation Technologies, Saikat Ray, Tushar Srivastava, Marc Kerremans, Arthur Villa, Cathy Tornbohm, Sachin Joshi, 15 October 2025.

Gartner is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation.

Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

****About Flowable****

Flowable is a global provider of enterprise automation software headquartered in Zurich, Switzerland. Since 2010, Flowable’s software has helped organizations coordinate automation, people, and processes through a unified platform built on open standards. The company serves leading enterprises across industries where adaptability and accountability are essential. For more information, visit www.flowable.com.

****Media Contact****

Violet Diamanti-Race   
\[email protected\]  
+41 31 329 09 00

Gartner Recognizes Flowable in 2025 Magic Quadrant for Business Orchestration and Automation Technologies

Are you using a fake version of a popular app? Appknox warns US users about malicious brand clones hiding on third-party app stores. Protect yourself from hidden spyware and ‘commercial parasites.’

A new report from mobile application security provider Appknox reveals a troubling trend where malicious apps are masquerading as trusted brands like ChatGPT, DALL·E, and WhatsApp.

Appknox’s investigation, which focused on US-based third-party app stores, found that these app clones range from harmless unofficial interfaces to full-scale surveillance tools. More importantly, these fakes are currently available to US users through these alternative stores.

****The Advertising Deception****

One such app, named DALL·E 3 AI Image Generator, was found on the Aptoide store. Appknox researchers determined that this app pretends to be an image-generation tool from OpenAI, but it has no actual AI capability.

Instead, its code only connects to advertising networks like Unity Ads, AppsFlyer, Adjust, and Bigo Ads. The app displays a fake loading screen that looks like an image is being generated, but network logs confirm it is just loading advertisements in disguise.

“It’s not malware in the strict sense,” said Abhinav Vasisth, Lead Security Researcher at Appknox. Instead, “it is a commercial parasite that profits from deception. It sells ad impressions, not intelligence.”

Further probing revealed that this application was likely built using commercial templates from a developer known for reusing code across many fake app listings.

****Spyware Hidden Behind a Chat Icon****

The most serious threat is WhatsApp Plus. Disguised as an upgraded messenger, this app is a complete spyware framework. After installation, it silently requests broad permissions, including access to contacts, SMS, and device accounts. This access allows the app to intercept crucial data like one-time passwords (OTPs).

Apart from simple privacy invasion, the extensive permissions grant the spyware the power to intercept banking verification codes and execute identity fraud. In short, it doesn’t just steal information; it effectively steals a person’s digital identity and financial access.

For companies, spyware like WhatsApp Plus creates a systemic enterprise threat. It can steal multi-factor authentication codes and infiltrate corporate accounts. In regulated sectors (Finance, Healthcare), these risks massive compliance failures under frameworks like GDPR, HIPAA, and PCI-DSS, resulting in hefty fines, the report reads.

****The Grey Area: Harmless Wrappers****

However, researchers found that not all cloned apps are harmful. For instance, the ChatGPT Wrapper app was an authentic, unofficial interface that genuinely connected to the OpenAI API for chat requests, with no hidden malicious code.

This app actually sits in a “grey zone” of convenience as it is “not endorsed by OpenAI, but not deceptive either,” researchers noted in the blog post shared exclusively with Hackread.com.

These findings are alarming because they prove how easily users can be tricked by the AI hype. Given their diversity in deception, from simple ad traps to dangerous spyware, it becomes essential for users to be careful about where they download their apps from.

Spyware-Plugged ChatGPT, DALL·E and WhatsApp Apps Target US Users

Thor gets into the Halloween spirit, sharing new CVE trends, a “treat” for European Windows 10 users, and a reminder that patching is your best defense against zombie vulnerabilities.

Thursday, October 30, 2025 14:00

Welcome to this week’s edition of the Threat Source newsletter. 

This one is pretty much an updated, Halloween-themed version of my newsletter from July, including data up through Q3. 

October 14th has passed, so free support for Windows 10 has come to an end, leaving you with no more fixes unless you’re willing to pony up. While users in many countries must now pay to get Windows 10 security updates (the "trick"), private users in the European Economic Area get free security updates (the "treat") until Oct. 14, 2026. This special reward, won after consumer rights groups pushed Microsoft to do better under EU law,  means no $30 fee, no reward points, and no cloud backup needed... just a Microsoft account.  

There's another trick: The treat is for consumers, not companies, and there are some technical prerequisites (described here). 

While Cybersecurity Awareness Month is coming to end, you still have a chance to reach out to friends and family and encourage them to update their software (one of the Core4 Messages this year). Get them to enable the Extended Security Updates (ESU), update to Windows 11, or migrate to any other OS that will receive future patches. 

Patching is critical. In Q3, we did not run short on vulnerabilities.

Figure 1. Total number of CVEs per year.

With roughly 35,000 CVEs by the end of September, we are still tracking a pace of about 130 CVEs per day. If the almost-linear trend continues, we will land at round about 47,000 for 2025. And for legal purposes, I am **not** challenging anyone to break the barrier of 50,000! 

This is not just about theoretical vulnerabilities. Known Exploited Vulnerabilities (KEVs) are also on the rise. In comparison, the number of KEVs stayed nearly the same between 2023 and 2024, with 187 and 186, respectively.

Figure 2. Total number of KEVs per year.

With 183 at the end of Q3, I think it is safe to say we are going to surpass the number this year. (Spoiler: At the time of writing, there were already 210.) KEVs that affect network-related gear are up by 3% to 28%, which is not a massive increase but for sure a relevant portion. Overall, vendor diversity also continues to expand, increasing from 61 in July to 79 so far this year.

Figure 3. CVE from year added to KEV in 2025.

While the oldest CVE added to the catalog was from 2017 last time, the third quarter introduced a few new negative records from 2007, 2013, 2014, and 2016. 

While this isn't a part of our Q3 data, CVE-2025-59287 caught my attention late Friday afternoon. I didn’t expect WSUS service to be publicly exposed to the internet, but it found its way into the KEV, too. 

In a pumpkin shell: Keep stalking those bugs and patching your spells, because vulnerabilities won’t patch themselves. Happy Halloween!

**The one big thing **

We're introducing the Tool Talk series, where Talos shares open-source tools alongside practical insights, tips, and enhancements to help cybersecurity professionals and researchers work smarter and more effectively.  

Our first post introduces dynamic binary instrumentation (DBI) and provides a step-by-step guide to building your own DBI tool using the open-source DynamoRIO framework on Windows 11. DBI lets you analyze and modify running programs — crucial for malware analysis, security audits, reverse engineering, and performance profiling — even when you don’t have the original source code. The post covers DynamoRIO’s strengths, compares it to other frameworks, and offers practical examples, including sample code from our GitHub repository. 

**Why do I care? **

If you’re interested in malware analysis, debugging, or getting a deeper look inside how binaries behave at runtime, this blog shows you how to do all that without needing source code access. DBI tools like DynamoRIO are essential for modern security research, especially for bypassing common malware defenses and anti-analysis tricks. 

**So now what? **

Ready to get hands-on? Follow the blog’s step-by-step instructions to build your own DBI client, test it out, and explore the example code provided. Whether you’re looking to automate malware analysis, profile software, or just tinker with low-level instrumentation, you’ll find everything you need to kickstart your own DBI projects.

**Top security headlines of the week **

**Microsoft issues emergency patch for critical Windows Server bug**   
This CVE is a remote code execution (RCE) flaw in WSUS, which is part of Windows Server and allows administrators to schedule, manage, and deploy patches, hotfixes, service packs, and other updates. (DarkReading) 

**Shutdown sparks 85% increase in U.S. government cyberattacks**   
Cyberattacks against federal employees have nearly doubled since the US government shut down on Oct. 1. Experts emphasize that the most serious cyber consequences of the shutdown won't come in the form of immediate breaches. (DarkReading) 

**Over 250 Magento stores hit overnight as hackers exploit new Adobe Commerce flaw**   
E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce and Magento Open Source platforms. (The Hacker News) 

**Hacking Team successor linked to malware campaign, new “Dante” commercial spyware**   
Kaspersky found that victims were infected through personalized phishing links exploiting a zero-day Chrome vulnerability, with the campaign targeting a broad range of Russian organizations for espionage. (CyberScoop) 

**Can’t get enough Talos? **

*   **The TTP: How attackers use your own tools against you**   
    From a wave of Toolshell events, to a rise in post-exploitation phishing, and the misuse of legitimate tools like Velociraptor, the team unpacks Q3 trends. 
*   **Cybersecurity on a budget: Strategies for an economic downturn**   
    Budget cuts and layoffs make securing an organization more difficult. This blog offers practical strategies, creative defenses, and talent management advice to help your business stay secure when every dollar counts. 
*   **Principles of the CIA triad, threat intel, and threat hunting**   
    This recorded CCNA prep session with our own Pierre Cadieux teaches you how to effectively discuss risks and threats using the CIA triad, build a solid foundation in threat intelligence, and gain insight into how threat hunting operates in today’s security landscape.

**Upcoming events where you can find Talos **

*   Bsides Osijek (Nov. 5) Osijek, Croatia 
*   AVAR (Dec. 3 – 5) Kuala Lumpur, Malaysia

**Most prevalent malware files from Talos telemetry over the past week **

**SHA256: 9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507**    
MD5: 2915b3f8b703eb744fc54c81f4a9c67f    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=9f1f11a708d393e0a4109ae189bc64f1f3e312653dcf317a2bd406f18ffcc507    
Example Filename: e74d9994a37b2b4c693a76a580c3e8fe\_1\_Exe.exe    
Detection Name: Win.Worm.Coinminer::1201 

**SHA256: d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a**    
MD5: 1f7e01a3355b52cbc92c908a61abf643    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=d933ec4aaf7cfe2f459d64ea4af346e69177e150df1cd23aad1904f5fd41f44a    
Example Filename: cleanup.bat    
Detection Name: W32.D933EC4AAF-90.SBX.TG 

**SHA256: c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe**    
MD5: bf9672ec85283fdf002d83662f0b08b7    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=c0ad494457dcd9e964378760fb6aca86a23622045bca851d8f3ab49ec33978fe   
Example Filename: f\_003b84.html   
Detection Name: W32.C0AD494457-95.SBX.TG 

**SHA256: 41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610**    
MD5: 85bbddc502f7b10871621fd460243fbc    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=41f14d86bcaf8e949160ee2731802523e0c76fea87adf00ee7fe9567c3cec610    
Example Filename: 85bbddc502f7b10871621fd460243fbc.exe    
Detection Name: W32.41F14D86BC-100.SBX.TG 

**SHA256: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974**    
MD5: aac3165ece2959f39ff98334618d10d9    
Talos Rep: https://talosintelligence.com/talos\_file\_reputation?s=96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974   
Example Filename: 96fa6a7714670823c83099ea01d24d6d3ae8fef027f01a4ddac14f123b1c9974.exe    
Detection Name: W32.Injector:Gen.21ie.1201

Trick, treat, repeat

Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month.
The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent.
In

Google on Thursday revealed that the scam defenses built into Android safeguard users around the world from more than 10 billion suspected malicious calls and messages every month.

The tech giant also said it has blocked over 100 million suspicious numbers from using Rich Communication Services (RCS), an evolution of the SMS protocol, thereby preventing scams before they could even be sent.

In recent years, the company has adopted various safeguards to combat phone call scams and automatically filter known spam using on-device artificial intelligence and move them automatically to the "spam & blocked" folder in the Google Messages app for Android.

Earlier this month, Google also globally rolled out safer links in Google Messages, warning users when they attempt to click on any URLs in a message flagged as spam and step them visiting the potentially harmful website, unless the message is marked as "not spam."

Google said its analysis of user-submitted reports in August 2025 found employment fraud to be the most prevalent scam category, where individuals searching for work are lured with fake opportunities in order to steal their personal and financial information.

Another prominent category relates to financially-motivated scams that revolve around bogus unpaid bills, subscriptions, and fees, as well as fraudulent investment schemes. Also observed to a lesser extent are scams related to package deliveries, government agency impersonation, romance, and technical support scams.

In an interesting twist, Google said it has increasingly witnessed scam messages arrive in the form of a group chat with a number of potential victims, as opposed to sending them a direct message.

"This shift may have happened because group messages can feel less suspicious to recipients, particularly when a scammer includes a fellow scammer in the group to validate the initial message and make it appear to be a legitimate conversation," Google said.

The company's analysis also found that the malicious messages stick to a "distinct daily and weekly schedule," with the activity commencing around 5 a.m. PT in the U.S., before peaking between 8 a.m. and 10 a.m. PT. The highest volume of fraudulent messages is typically sent on Mondays, coinciding with the start of the workday, when recipients are likely to be the busiest and less wary of incoming messages.

Some of the common aspects that tie these scams together are that they begin with a "Spray and Pray" approach by casting a wide net in hopes of reeling in a small fraction of victims by inducing a false sense of urgency through lures related to topical events, package delivery notifications, or toll charges.

The intention is to rush prospective targets into acting on the message without thinking too much, causing them to click on malicious links that are often shortened using URL shorteners to mask dangerous websites and ultimately steal their information.

Alternatively, scams can also embrace what's called as "Bait and Wait," which refers to a more calculated, personalised targeting method where the threat actor establishes rapport with a target over time before going for the kill. Scams like romance baiting (aka pig butchering) fall into this category.

Top three scam categories

"The scammer engages you in a longer conversation, pretending to be a recruiter or old friend," Google explained. "They may even include personal details gathered from public websites like your name or job title, all designed to build trust. The tactics are more patient, aiming to maximize financial loss over time."

Regardless of the high-pressure or slow-moving tactic employed, the end goal remains the same: to steal information or money from unsuspecting users, whose details, such as phone numbers, are often procured from dark web marketplaces that sell data stolen from security breaches.

The operation is also supported by suppliers that provide the necessary hardware for operating phone and SIM farms that are used to blast smishing messages at scale, Phishing-as-a-Service (PhaaS) kits that deliver a turnkey solution to harvest credentials and financial information and manage the campaigns, and third-party bulk messaging services to distribute the messages themselves.

"\[The messaging services\] are the distribution engine that connects the scammer's infrastructure and target lists to the end victim, delivering the malicious links that lead to the PhaaS-hosted websites," Google said.

The search behemoth also described the scam message landscape as highly volatile, where fraudsters seek to purchase SIM cards in bulk from markets that present the fewest obstacles.

"While it may appear that waves of scams are moving between countries, this constant churn doesn't mean scammers are physically

relocating," it added. "Once enforcement tightens in one area, they simply pivot to another, creating a perpetual cycle of shifting hotspots."

"While it may appear that waves of scams are moving between countries, this constant churn doesn't mean scammers are physically relocating," it added. "Once enforcement tightens in one area, they simply pivot to another, creating a perpetual cycle of shifting hotspots."

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Google's Built-In AI Defenses on Android Now Block 10 Billion Scam Messages a Month

The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs.
AdaptixC2 is an emerging extensible post-exploitation and adversarial emulation framework designed for penetration testing. While the server component is written in Golang, the GUI Client is written in C++ QT for

The open-source command-and-control (C2) framework known as AdaptixC2 is being used by a growing number of threat actors, some of whom are related to Russian ransomware gangs.

AdaptixC2 is an emerging extensible post-exploitation and adversarial emulation framework designed for penetration testing. While the server component is written in Golang, the GUI Client is written in C++ QT for cross-platform compatibility.

It comes with a wide range of features, including fully encrypted communications, command execution, credential and screenshot managers, and a remote terminal, among others. An early iteration was publicly released by a GitHub user named "RalfHacker" (@HackerRalf on X) in August 2024, who describes themselves as a penetration tester, red team operator, and "MalDev" (short for malware developer).

In recent months, AdaptixC2 has been adopted by various hacking groups, including threat actors tied to the Fog and Akira ransomware operations, as well as by an initial access broker that has leveraged CountLoader in attacks that are designed to deliver various post-exploitation tools.

Palo Alto Networks Unit 42, which broke down the technical aspects of the framework last month, characterized it as a modular and versatile framework that can be used to "comprehensively control impacted machines," and that it has been put to use as part of fake help desk support call scams via Microsoft Teams and through an artificial intelligence (AI)-generated PowerShell script.

While AdaptixC2 is offered as an ethical, open-source tool for red teaming activities, it's also clear that it has attracted the attention of cybercriminals.

Cybersecurity company Silent Push said RalfHacker's GitHub bio about them being a "MalDev" triggered an investigation, allowing them to find several email addresses for GitHub accounts linked to the account's owner, in addition to a Telegram channel called RalfHackerChannel, where they re-shared messages posted on a dedicated channel for AdaptixC2. The RalfHackerChannel channel has more than 28,000 subscribers.

In a message on the AdaptixFramework channel in August 2024, they mentioned their interest in starting a project about a "public C2, which is very trendy right now" and hoped "it will be like Empire," another popular post-exploitation and adversary emulation framework.

While it's currently not known if RalfHacker has any direct involvement in malicious activity tied to AdaptixC2 or CountLoader at this stage, Silent Push said their "ties to Russia's criminal underground, via the use of Telegram for marketing and the tool's subsequent uptick in utilization by Russian threat actors, all raise significant red flags."

The Hacker News has reached out to RalfHacker for comment, and we will update the story if we hear back.

Found this article interesting? Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Russian Ransomware Gangs Weaponize Open-Source AdaptixC2 for Advanced Attacks

Ribbon Communications discloses a year-long breach by nation-state actors. The attack highlights critical supply chain risk, reflecting the Salt Typhoon and F5 espionage trends.

Ribbon Communications, a key American telecom firm that helps run the world’s major phone and data networks, has revealed a major security breach. The company confirmed that nation-state hackers, working for an unnamed foreign power, infiltrated its computer systems and remained hidden for almost a full year without detection.

The Texas-based company, which makes the technology that enables real-time communications (like allowing a standard voice call to connect with web-based systems or conference applications), made the disclosure public in its 10-Q Quarterly Report filed with the US Securities and Exchange Commission (SEC) and published on its own website on October 23.

Ribbon Communications 10-Q filing with the SEC (Credit: Hackread.com)

****Discovery and Damage Assessment****

Ribbon discovered the unauthorised access in early September 2025, prompting an immediate investigation. Early probing revealed that the initial compromise may have occurred as far back as December 2024.

The company stated that they have found no evidence yet that the attackers gained access to any “material information” or managed to infiltrate any of their customers’ own systems. However, they did confirm that the hackers accessed four older customer files saved on two laptops outside of the main network, and the three smaller customers whose files were involved have already been notified.

****A Broader Espionage Trend****

Ribbon Communications is currently working with federal law enforcement and multiple outside experts to investigate the intrusion, and they believe the attackers have been successfully evicted from the network.

This exposure is particularly upsetting because Ribbon Communications serves a vast, international customer base, including telecom giants like Verizon, BT, Deutsche Telekom, and even the US Department of Defence.

This incident intensifies the threat to telco firms, given the consistently increasing trend of nation-state actors targeting them for espionage. As _Hackread.com_ has been observing lately, this aligns with major ongoing campaigns such as the Salt Typhoon campaign, where telecom organisations globally were targeted using backdoors like SNAPPYBEE and leveraging network device vulnerabilities.

It also follows the recent state-backed attack on F5, which led to the theft of BIG-IP source code and vulnerability research. The pattern shows a clear focus on technology providers to gain deep intelligence.

The year-long breach comes as no surprise that companies like Ribbon are high-value targets for state-aligned hackers, especially since they work with both major government and critical infrastructure organisations, making them a vital point of compromise in the global supply chain

In response to the news, Ryan McConechy, CTO of Barrier Networks, shared comments with Hackread.com, emphasising the concerning stealth of the attack:

“This latest breach against a major telecommunications provider is further evidence that the online world has become the preferred playing field for all adversaries today. We don’t know which nation state is behind the attack, or what their MO was, but the fact that they were inside the network for as long as a year before being noticed is deeply concerning.

This could also suggest the attack was executed out of China, as their attackers often rely on living off the land and stealthy techniques to stay under the radar for as long as possible, allowing them to conduct reconnaissance, which can advance their objectives in the future.”

McConechy concluded by stressing the need for better preparation among critical infrastructure providers:

“As nation state threat actors focus their attention on targeting critical infrastructure and other telco firms, it is essential these organisations are prepared for these assaults. The UK government recently updated its cyber-Code of Practice for Telcos, so following the recommendations outlined there is a vital first step.”

Year-Long Nation-State Hack Hits US Telecom Ribbon Communications

User with CREATE and no UPDATE privilege for Pools, Connections, Variables could update existing records via bulk create API with overwrite action.

Skip to content

**Navigation Menu**

*   *   AI CODE CREATION
        
        *   GitHub CopilotWrite better code with AI
            
        *   GitHub SparkBuild and deploy intelligent apps
            
        *   GitHub ModelsManage and compare prompts
            
        *   MCP RegistryNewDiscover and integrate external tools
            
        
    
    View all features
    

*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

Appearance settings

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2025-62503

**Apache Airflow's create action can upsert existing Pools/Connections/Variables**

Moderate severity GitHub Reviewed Published Oct 30, 2025 to the GitHub Advisory Database • Updated Oct 30, 2025

**Package**

pip apache-airflow (pip)

**Affected versions**

\>= 3.0.0, < 3.1.1

**Description**

Published to the GitHub Advisory Database

Oct 30, 2025

Last updated

Oct 30, 2025

**EPSS score**

GHSA-gp5f-cx7h-8q6f: Apache Airflow's create action can upsert existing Pools/Connections/Variables

API users via `/api/v2/dagReports` could perform Dag code execution in the context of the api-server if the api-server was deployed in the environment where Dag files were available.

Skip to content

**Navigation Menu**

*   *   AI CODE CREATION
        
        *   GitHub CopilotWrite better code with AI
            
        *   GitHub SparkBuild and deploy intelligent apps
            
        *   GitHub ModelsManage and compare prompts
            
        *   MCP RegistryNewDiscover and integrate external tools
            
        
    
    View all features
    

*   Pricing

**Provide feedback**

**Saved searches****Use saved searches to filter your results more quickly**

Sign up

Appearance settings

1.  GitHub Advisory Database
2.  GitHub Reviewed
3.  CVE-2025-62402

**Apache Airflow \`/api/v2/dagReports\` executes DAG Python in API**

Moderate severity GitHub Reviewed Published Oct 30, 2025 to the GitHub Advisory Database • Updated Oct 30, 2025

**Package**

pip apache-airflow (pip)

**Affected versions**

\>= 3.0.0, < 3.1.1

**Description**

Published to the GitHub Advisory Database

Oct 30, 2025

Last updated

Oct 30, 2025

**EPSS score**

GHSA-273c-4g26-4jpm: Apache Airflow `/api/v2/dagReports` executes DAG Python in API

Silver Spring, USA/ Maryland, 30th October 2025, CyberNewsWire

**Silver Spring, USA/ Maryland, October 30th, 2025, CyberNewsWire**

*   **The new capabilities, anchored by Blended Identity and the MCP Identity Gateway, give enterprises a secure and auditable way to manage how AI agents identify themselves and access sensitive systems.**

Aembit today announced the launch of Aembit Identity and Access Management (IAM) for Agentic AI, a set of capabilities that help organizations safely provide and enforce access policies for AI agents as they move into production. The release introduces Blended Identity, which defines how AI agents act on behalf of verified users, and the MCP Identity Gateway, which ensures secure access to enterprise resources based on identity, access policy, and runtime attributes.

The new offering extends the Aembit Workload IAM Platform to address one of the most pressing operational questions in artificial intelligence and modern IT: how to control what autonomous and user-driven AI agents can access, under what conditions, and with what accountability.

AI agents are rapidly becoming a key part of enterprise operations. Nearly half of technology executives say they are already adopting or fully deploying agentic AI, and about the same share expect most of their AI deployments to be autonomous within two years, according to an EY survey. These agents retrieve sensitive data, open tickets, and execute code across cloud, on-premises, and SaaS environments.

Yet most access models were built for people, not self-directed software. Many still rely on static secrets and shared credentials, creating risk and obscuring accountability. Worse yet, agents’ actions are often hidden behind the identity of a human, making it almost impossible to audit the actions each actor has taken. The result is a widening gap between the pace of AI adoption and the ability of organizations to secure it with confidence.

Aembit IAM for Agentic AI assigns each agent a cryptographically verified identity, issues ephemeral credentials, and enforces policy at runtime. The system records every access decision and maintains attribution across both human-driven and autonomous agent activity. By bringing agent activity under the same centralized policy control plane that governs other workloads, Aembit enables enterprises to deploy AI at scale while maintaining control, auditability, and compliance.

> “Enterprises want to say yes to agentic AI, and they’re asking Aembit for ways to securely grant agents access to data and applications,” said David Goldschlag, co-founder and CEO of Aembit. “Aembit IAM for Agentic AI gives enterprises the same level of control and audit over agent access that IAM systems have long provided for employees. Our approach enables organizations to advance their AI initiatives without expanding their threat and risk surface.”

The release introduces two core capabilities to the Aembit Workload IAM Platform:

*   **Blended Identity**, which gives every AI agent its own verified identity and, when needed, binds it to the human it represents. This establishes a single, traceable identity for each agent action and allows Aembit to issue a secure credential that reflects that combined context.
*   **MCP Identity Gateway**, which receives that identity credential and controls how agents connect to tools through the Model Context Protocol (MCP). The gateway authenticates the agent, enforces policy, and performs token exchange to securely retrieve the necessary access permissions for each connected resource – without ever exposing them to the agent runtime.

Together, this functionality allows enterprises to apply least-privilege access, revoke permissions immediately when needed, and ensure that every AI action is attributable and auditable. They operate on Aembit’s established Workload IAM foundation, which enforces policy dynamically at runtime, issues ephemeral credentials just in time, and records structured events for full traceability.

Aembit developed IAM for Agentic AI through collaboration with large businesses, government organizations, and innovative agentic AI startups deploying AI for operational and security workloads. Those efforts helped shape an approach that combines enterprise enforcement with the adaptability AI projects demand.

> “AI agents don’t live inside one stack or trust domain,” said Kevin Sapp, co-founder and CTO of Aembit. “They move between hybrid environments in seconds. With Aembit, every agent carries a verified identity that our gateway can authenticate and control in real time. It’s how enterprises can give agents the access they need to work, while never losing sight of who they are or what they touch.”

Aembit IAM for Agentic AI is now available to customers using its Workload IAM Platform. Organizations can learn more, request a demo, or get started today at aembit.io.

**About Aembit**

Aembit is the identity and access management platform for agentic AI and workloads. It enforces access based on identity, context, and centrally managed policies, giving organizations a singular place to control access risk from AI agents, automate credential management, and accelerate AI adoption. With Aembit, enterprises can confidently control access to sensitive resources across all the workloads that power their business. Users can visit aembit.io and follow the company on LinkedIn.

**Contact**

**Apurva Dave**  
**Aembit**  
**\[email protected\]**

Aembit Introduces Identity and Access Management for Agentic AI

Security doesn’t fail at the point of breach. It fails at the point of impact. 
That line set the tone for this year’s Picus Breach and Simulation (BAS) Summit, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It's about proof.
When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold,

**Security doesn't fail at the point of breach. It fails at the point of impact.**

That line set the tone for this year's **Picus** **Breach and Simulation (BAS) Summit**, where researchers, practitioners, and CISOs all echoed the same theme: cyber defense is no longer about prediction. It's about proof.

When a new exploit drops, scanners scour the internet in minutes. Once attackers gain a foothold, lateral movement often follows just as fast. If your controls haven't been tested against the exact techniques in play, you're not defending, you're hoping things don't go seriously pear-shaped.

That's why pressure builds long before an incident report is written. The same hour an exploit hits Twitter, a boardroom wants answers. As one speaker put it, _"You can't tell the board, 'I'll have an answer next week.' We have hours, not days."_

BAS has outgrown its compliance roots and become the daily voltage test of cybersecurity, the current you run through your stack to see what actually holds.

This article isn't a pitch or a walkthrough. It's a **recap of what came up on stage**, in essence, how BAS has evolved from an annual checkbox activity to a simple and effective everyday way of proving that your defenses are actually working.

****Security isn't about design, it's about reaction****

For decades, security was treated like architecture: **design**, **build**, **inspect**, **certify**. A checklist approach built on plans and paperwork.

Attackers never agreed to that plan, however. They treat defense like physics, applying continuous pressure until something bends or breaks. They don't care what the blueprint says; they care where the structure fails.

Pentests still matter, but they're snapshots in motion.

**BAS changed that equation.** It doesn't certify a design; it stress-tests the reaction. It runs safe, controlled adversarial behaviors in live environments to prove whether defenses actually respond as they should or not.

As Chris Dale, Principal Instructor at SANS, explains: The difference is mechanical: BAS measures **reaction**, not **potential**. It doesn't ask, _"Where are the vulnerabilities?"_ but _"What happens when we hit them?"_

Because ultimately, you don't lose when a breach happens, _you lose when the impact of that breach lands_.

****Real defense starts with knowing yourself****

Before you emulate/simulate the enemy, you have to understand yourself. You can't defend what you don't see - the forgotten assets, the untagged accounts, the legacy script still running with domain admin rights.

_sıla-blog-video-1\_1920x1080.mp4_

Then assume a breach and work backward from the outcome you fear the most.

Take **Akira**, for instance, a ransomware chain that deletes backups, abuses PowerShell, and spreads through shared drives. Replay that behavior safely inside your environment, and you'll learn, not guess, whether your defenses can break it midstream.

Two principles separated mature programs from the rest:

*   **Outcome first:** start from impact, not inventory.
*   **Purple by default:** BAS isn't red-versus-blue theater; it's how intel, engineering, and operations converge — simulate → observe → tune → re-simulate.

As John Sapp, CISO at Texas Mutual Insurance noted, "teams that make validation a weekly rhythm start seeing proof where they used to see assumptions."

****The real work of AI is curation, not creation****

AI was everywhere this year, but the most valuable insight wasn't about power, it was about restraint. Speed matters, but provenance matters more. **Nobody wants an LLM model improvising payloads** or making assumptions about attack behavior.

For now, at least, the most useful kind of AI isn't the one that _creates_, it's the one that _organizes_, taking messy, unstructured threat intelligence and turning it into something defenders can actually use.

sıla-blog-video-2\_1920x1080.mp4

AI now acts less like a single model and more like a **relay of specialists**, each with a specific job and a checkpoint in between:

*   **Planner** — defines what needs to be collected.
*   **Researcher** — verifies and enriches threat data.
*   **Builder** — structures the information into a safe emulation plan.
*   **Validator** — checks fidelity before anything runs.

Each agent reviews the last, keeping accuracy high and risk low.

One example summed it up perfectly:

_"Give me the link to the Fin8 campaign, and I'll show you the MITRE techniques it maps to in hours, not days."_

That's no longer aspirational, it's operational. What once took a week of manual cross-referencing, scripting, and validation now fits inside a single workday.

**Headline → Emulation plan → Safe run.** Not flashy, just faster. Again, _hours, not days._

****Proof from the field shows that BAS works****

One of the most anticipated sessions of the event was a live showcase of BAS in real environments. It wasn't theory, **it was operational proof**.

A healthcare team ran ransomware chains aligned with sector threat intel, measuring **time-to-detect** and **time-to-respond**, feeding missed detections back into SIEM and EDR rules until the chain broke early.

An insurance provider demonstrated weekend BAS pilots to verify whether endpoint quarantines actually triggered. Those runs exposed silent misconfigurations long before attackers could.

The takeaway was clear:

BAS is already part of daily security operations, **not a lab experiment**. When leadership asks, _"Are we protected against this?"_ the answer now comes from evidence, not opinion.

****Validation turns "patch everything" into "patch what matters"****

One of the summit's sharpest moments came when the familiar board question surfaced: _"Do we need to patch everything?"_

The answer was unapologetically clear, **no.**

sıla-blog-video-3\_1920x1080.mp4

BAS-driven validation proved that **patching everything isn't just unrealistic**; _it's unnecessary_.

What matters is knowing which vulnerabilities are _actually exploitable_ in your environment. By combining vulnerability data with live control performance, security teams can see where real risk concentrates, not where a scoring system says it should.

"_You shouldn't patch everything,"_ Volkan Ertürk, Picus Co-Founder & CTO said. _"Leverage control validation to get a prioritized list of exposures and focus on what's truly exploitable for you."_

A CVSS 9.8 shielded by validated prevention and detection may carry little danger, while a medium-severity flaw on an exposed system can open a live attack path.

That shift, **from patching on assumption to patching on evidence**, was one of the event's defining moments. BAS doesn't tell you _what's wrong everywhere_; it tells you _what can hurt you here_, turning Continuous Threat Exposure Management (CTEM) from theory into strategy.

**You don't need a moonshot to start**

Another key takeaway from Picus security architecture leaders Gürsel Arıcı and Autumn Stambaugh's session was that **BAS doesn't require a grand rollout; it simply needs to get started.**

Teams began without fuss or fanfare, proving value in weeks, not quarters.

*   Most picked one or two scopes, finance endpoints, or a production cluster, and mapped the controls protecting them.
*   Then they chose a realistic outcome, like data encryption, and built the smallest TTP chain that could make it happen.
*   Run it safely, see where prevention or detection fails, fix what matters, and run it again.

In practice, that loop accelerated fast.

_By week three_, AI-assisted workflows were already refreshing threat intel and regenerating safe actions. By week four, validated control data and vulnerability findings merged into exposure scorecards that executives could read at a glance.

The moment a team watched a simulated kill chain stop mid-run **because of a rule shipped the day before**, everything clicked, BAS stopped being a project and became part of their daily security practice.

****BAS works as the verb inside CTEM****

Gartner's Continuous Threat Exposure Management (CTEM) model: "Assess, validate, mobilize" only works when validation is continuous, contextual, and tied to action.

**This is where BAS lives now.**

It's not a standalone tool; it's the engine that keeps CTEM honest, feeding exposure scores, guiding control engineering, and sustaining agility as both your tech stack and the threat surface shift.

The best teams run validation like a heartbeat. Every change, every patch, every new CVE triggers another pulse. _That's what continuous validation actually means_.

****The future lies in proof****

Security used to run on belief. BAS replaces belief with proof, running electrical current through your defenses to see where the circuit fails.

AI brings speed. Automation brings scale. Validation brings truth. BAS isn't how you talk about security anymore. It's how you prove it.

Be among the first to experience AI-powered threat intelligence. **Get your early access now!**

**Note:** _This article was expertly written and contributed by Sila Ozeren Hacioglu, Security Research Engineer at Picus Security._

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Google News, Twitter and LinkedIn to read more exclusive content we post.

Tag

#intel