---
title: Threat Intelligence Center - Capstone Technologies Group
description: Mandiant releases NTLMv1 cracking capabilities, highlighting critical authentication vulnerabilities. Organizations must migrate to NTLMv2 or Kerberos…
canonical_url: https://captechgroup.com/threat-intelligence-center?start=266
language: en-GB
date: 2025-08-13T00:46:48Z
---


[Mandiant Releases NTLMv1 Cracking Tool, Urges Organizations to Abandon Insecure Authentication](https://captechgroup.com/threat-intelligence-center/mandiant-releases-ntlmv1-cracking-tool-urges-organ-2633dc)

Mandiant's release of NTLMv1 cracking techniques underscores a persistent security gap in enterprise environments. NTLMv1, despite being deprecated for over two decades, remains active in many organizations' networks, creating exploitable weaknesses. This demonstration serves as a critical reminder that legacy authentication protocols pose significant risks to network security.

[ServiceNow BodySnatcher Flaw Highlights Risks of Rushed AI Integrations](https://captechgroup.com/threat-intelligence-center/servicenow-bodysnatcher-flaw-highlights-risks-of-r-448a49)

Security researchers have identified the BodySnatcher vulnerability in ServiceNow, a flaw that emerged from accelerated AI feature deployment without sufficient security hardening. This incident underscores the operational risks organizations face when prioritizing rapid innovation over security validation.

[YoSmart YoLink Smart Hub Security Vulnerabilities: CVE-2025-59449 and Related Flaws](https://captechgroup.com/threat-intelligence-center/yosmart-yolink-smart-hub-security-vulnerabilities-7ea10e)

Security researchers have identified multiple critical vulnerabilities in the YoSmart YoLink Smart Hub, a widely deployed IoT device in communications environments. These flaws, tracked as CVE-2025-59449, CVE-2025-59451, CVE-2025-59452, and CVE-2025-59448, present significant risks to organizations relying on this platform for network connectivity and device management.

[Predicting 2026: Cybersecurity Threats and Defense Strategies](https://captechgroup.com/threat-intelligence-center/predicting-2026-cybersecurity-threats-and-defense-a13f18)

As cyber threats continue to evolve at an accelerating pace, understanding the threat landscape of 2026 is essential for organizations planning their security strategies. This analysis examines anticipated attack vectors, emerging technologies that adversaries will exploit, and the defensive capabilities organizations need to develop now.

[China-Linked APT Exploited Sitecore Zero-Day in Critical Infrastructure Intrusions](https://captechgroup.com/threat-intelligence-center/china-linked-apt-exploited-sitecore-zero-day-in-cr-822b09)

Threat intelligence reveals that China-linked APT groups UAT-8837 and UAT-7290 have been exploiting CVE-2025-53690, a critical Sitecore vulnerability, to gain initial access to critical infrastructure and operational technology networks.

[Two Chrome Extensions Caught Secretly Stealing Credentials from Over 170 Sites](https://captechgroup.com/threat-intelligence-center/two-chrome-extensions-caught-secretly-stealing-cre-cd46cf)

Security researchers have identified two malicious Chrome extensions operating a large-scale credential theft campaign targeting users across 170+ websites. These extensions were designed to intercept and exfiltrate login credentials without user knowledge.

[Cisco Fixes AsyncOS Vulnerability Exploited in Zero-Day Attacks (CVE-2025-20393)](https://captechgroup.com/threat-intelligence-center/cisco-fixes-asyncos-vulnerability-exploited-in-zer-774b7e)

Cisco has addressed a critical vulnerability in AsyncOS (CVE-2025-20393) that has been actively exploited in zero-day attacks. Threat actors are leveraging sophisticated tools including AquaShell, AquaPurge, AquaTunnel, and Chisel to compromise affected systems. Organizations running vulnerable AsyncOS instances face immediate risk and should prioritize patching.
