Eclypsium Research discusses critical vulnerabilities in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software, affecting millions of devices. These vulnerabilities enable unauthenticated remote code execution and unauthorized device access.| Eclypsium | Supply Chain Security for the Modern Enterprise
Verizon DBIR 2025 Key Stats: Network Device Attacks, Third Party Risk, and More Massive shifts in cyber attack behavior have been revealed in the 2025 Verizon Data Breach Investigation Report (DBIR). Here are a few of the most surprising stats with real world implications for cybersecurity strategy and attack surface management. Network Device and Edge […]
Last week CISA took a major step in the fight against ransomware and state-sponsored attacks by issuing Binding Operational Directive 23-02. This directive directly calls out an area where threat actors are the most active and successful in the wild—the exploitation of network infrastructure appliances such as VPNs, switches, routers, and firewalls as well as […]
Eclypsium Research has discovered and reported 5 vulnerabilities in AMI MegaRAC Baseboard Management Controller (BMC) software. MegaRAC BMC is widely used by many leading server manufacturers to provide “lights-out” management capabilities for their server products.
Secure the hardware and firmware of AI data centers at the foundations, from the supply chain to secure decommissioning of devices. AI is the defining competition
Network devices were impacted by over 50% of the most routinely exploited vulnerabilities in 2023, and most were zero days.
AI is now critical infrastructure—and its foundation is under attack. As the global AI arms race accelerates, nation-state hackers are targeting the hardware, firmware, and supply chains powering AI data centers and neocloud platforms. In this webinar, we’ll explore the escalating risks, the rapid buildout of AI infrastructure, and how IT supply chain security can protect the core technologies driving today’s most advanced workloads.
F5 recently disclosed that a nation-state actor accessed a proprietary BIG-IP development network, including source code and details about vulnerabilities still under development. Bloomberg reported that the company sent customers a threat hunting guide for the “Brickstorm” malware, linked by Mandiant to UNC5221—a China-based state-sponsored group known for stealing source code from major tech providers. […] The post F5 Systems Compromised, BIG IP Vulnerabilities Exfiltrated: What To ...
UEFI shell vulnerabilities allow attackers to bypass Secure Boot One of our fears, as individuals who have spent years examining firmware security, is stumbling upon a vulnerability that reveals the fundamental flaws in our trust models. Recently, that fear became a reality when we conducted deeper research into signed UEFI shells and discovered what can […] The post BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices appeared first on Eclypsium | Supply Chain Security...
In this episode of Below the Surface, the hosts discuss various cybersecurity topics, including the Red November campaign targeting network edge devices, the implications of the Cisco SNMP vulnerability, and the recent vulnerabilities associated with Cisco ASA devices. They also delve into the hybrid Petya ransomware and its connection to supply chain security, emphasizing the […] The post BTS #61 - Red November, Cisco Vulnerabilities, and Supply Chain Security appeared first on Eclypsium |...
The post GovWare 2025 appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
Cisco SNMP Vulnerability (CVE-2025-20352) is evidence that attackers will weaponize mismanaged credentials and unpatched edge devices the moment the window opens. Supply chain security, visibility, behavioral monitoring, and privileged access discipline are no longer optional—they’re essential.
The post Dropping FBOMs: Securing Your Supply Chain with Software and Firmware Bills of Materials appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
The Edge Case That Became the Main Event Network edge devices such as routers, switches, firewalls, VPNs, and access points are being targeted by waves of cyberattacks. The RedNovember attack campaign disclosed by RecordedFuture’s Insikt Group is the latest in a string of campaigns targeting SonicWall, Cisco, Palo Alto, Fortinet, and Ivanti devices inside government, […] The post The Hunt for RedNovember: A Depth Charge Against Network Edge Devices appeared first on Eclypsium | Supply Cha...
Transcript CISA ED 25 03 – Cisco Security Update: Multiple Critical Vulnerabilities Under Active Attack Host: Chase Snyder Recording Date: September 2025 Current Threat Landscape Overview Chase: Cisco is in the news and in the crosshairs of cyber attackers today, so we’re going to do a quick update on the threat landscape around Cisco because there are several different […] The post CISA ED 25-03 Warns of Cisco ASA Device Compromises appeared first on Eclypsium | Supply Chain Security...
Attackers Living Outside The Operating System Like many in our field, I thought we’d seen the last of Petya-style attacks after the chaos of 2017. As it turns out, that was wishful thinking. ESET Research recently uncovered something that caught my attention immediately – a new variant they’ve dubbed “HybridPetya” that combines ransomware with UEFI […] The post HybridPetya Ransomware Shows Why Firmware Security Can't Be an Afterthought appeared first on Eclypsium | Supply Chain Se...
Firmware protection is gaining increased urgency as cyberattackers from ransomware gangs to nation state APTs target firmware vulnerabilities to maintain persistence in target environments. Eclypsium has been mentioned as a sample vendor in two Gartner Hype Cycles in 2025 under the Firmware Protection as a Service product category. Why Firmware Protection Is Important to Infrastructure […] The post Eclypsium Acknowledged for the Firmware Protection as A Service Category in two Gartner® H...
In this episode of Below the Surface, the hosts discuss various cybersecurity topics, including the evolution of malware with a focus on Hybrid Petya, the implications of UEFI vulnerabilities, and the security risks associated with Windows 10’s end of life. They also explore the vulnerabilities of Cisco ASA devices, the rise of supply chain attacks […] The post BTS #60 - HybridPetya and UEFI Threats appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
UPDATE: CISA has issued an emergency directive about an active attack against CISCO ASA devices. A massive surge in scans targeting Cisco Adaptive Security Appliance (ASA) devices was observed by GreyNoise in late August 2025, with over 25,000 unique IPs probing ASA login portals in a single burst. This anomalous activity is highly suggestive of […] The post Surge in Cisco ASA Scanning Hints At Coming Cyberattacks appeared first on Eclypsium | Supply Chain Security for the Modern Enterprise.
Eclypsium’s digital supply chain security platform secures the infrastructure code inside connected devices that most security products don’t touch.
Juniper routers are under attack using custom versions of open source backdoors, likely by nation-state adversaries targeting network infrastructure in telcos and ISPs.
Internal conflicts within the notorious Black Basta ransomware group have led to a massive leak of the group’s internal chat messages. While the messages are disorganized and full of internal jargon, they contain a wealth of insight into the group’s operations and techniques. This type of disclosure can be a goldmine for security professionals because […]
Attackers have a tendency to exploit legacy IT infrastructure, especially outdated and end-of-life (EOL) network devices, as they are often overlooked by security teams. Recent cases of router-based malware campaigns highlight the need for proactive defense even against decades-old vulnerabilities.
The GPUHammer Vulnerability is one of many hardware level security challenges facing AI infrastructure. Here’s what’s happening, and how to secure your GenAI Cloud workloads.
Get insights on how to protect supply chain security for your enterprise infrastructure with Eclypsium.
CISA’s Known Exploited Vulnerabilities catalog has added a baseboard management controller vulnerability for the first time, marking a paradigm shift in attacker behavior.
Eclypsium's platform enhances supply chain security by incorporating zero-trust in every device, fortifying hardware, firmware, and software.
The Eclypsium research team has discovered a previously unknown remotely exploitable vulnerability in AMI’s MegaRAC software that allows attackers to bypass authentication remotely.
Was it DNS? It’s always DNS. In this case, DNS (Domain Name System) is filled with sitting ducks (Ducks Now Sitting) for domain name hijacking. Multiple threat actors have been exploiting this attack vector which we are calling Sitting Ducks since at least 2019 to perform malware delivery, phishing, brand impersonation, and data exfiltration. As […]