Evolving under strain: Networks, cyber and EW in transition
What’s next in the military’s digital realm? Catch up on Breaking Defense’s coverage of how the Army’s reorganization, federal staff cuts and more are reshaping nonkinetic operations.
Cyber Security
How AI-driven decision-making is shaping Army modernization
[Sponsored] AI-powered automation helps solve warfighter problems, improve force readiness and enable mission execution.
CISA Alerts on Actively Exploited Windows Improper Access Control Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding an actively exploited vulnerability in Microsoft Windows. The flaw resides in the Windows Remote Access Connection Manager component, which handles remote …
Critical Samba Flaw Allows Remote Attackers to Execute Arbitrary Code
A newly disclosed vulnerability in Samba’s WINS server hook script enables unauthenticated attackers to run arbitrary commands on affected domain controllers. This critical flaw, tracked as CVE-2025-10230, carries a maximum CVSSv3.1 score of 10.0, refl…
Capita Fined £14 Million After Data Breach Exposes 6.6 Million Users
The UK’s Information Commissioner’s Office has imposed a £14 million penalty on Capita following a major cyber attack in March 2023 that exposed the personal information of 6.6 million people. The fine was split between Capita plc, which re…
Critical Apache ActiveMQ Let Attackers Execute Arbitrary Code
An important security flaw in Apache ActiveMQ’s .NET client library has put developers at risk of remote code execution. The vulnerability, tracked as CVE-2025-54539, exists in the Apache ActiveMQ NMS AMQP Client and can be triggered when the client co…
Windows BitLocker Flaws Allow Attackers to Bypass Encryption Protection
Two newly disclosed vulnerabilities in Microsoft’s BitLocker drive encryption feature could allow attackers to bypass encryption safeguards on Windows systems. Tracked as CVE-2025-55333 and CVE-2025-55338, these flaws involve incomplete comparison logi…
CISA Alerts on Adobe Experience Manager Flaw Exploited for Code Execution
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Adobe Experience Manager Forms vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, warning that the flaw is being actively exploited in the wild. The secur…
Microsoft’s October 2025 Patches Disrupt Active Directory Sync on Server 2025 Systems
Microsoft has confirmed a critical issue affecting Windows Server 2025 systems following the installation of October 2025 security updates. The problem disrupts Active Directory directory synchronization, specifically impacting organizations managing l…
Microsoft Halts Vanilla Tempest Cyberattack by Revoking Malicious Teams Installer Certificates
Microsoft has successfully disrupted a major cyberattack campaign orchestrated by the Vanilla Tempest threat group in early October 2025. The tech giant revoked over 200 fraudulent certificates that the cybercriminals had used to sign fake Microsoft Te…