Cytidel Blog - Vulnerability Intelligence Insights

Inside the University of Nottingham Breach: ShinyHunters and the Oracle PeopleSoft Campaign

The University of Nottingham breach was blamed on Oracle WebLogic. The real flaw was elsewhere, in PeopleSoft PeopleTools, and it stayed a zero-day for the full two weeks ShinyHunters exploited it. The label you patch matters more than the headline you read.

The UK and Ireland: Two Countries Normally Closely Aligned, but Vastly Different in Their Response to Mythos

Anthropic's Claude Mythos demonstrated autonomous end-to-end exploitation. The UK called it a board-level risk. Ireland said defenders still hold the advantage. Why two closely-aligned governments diverged, and what it means for vulnerability management teams over the next six months

MCPwnfluence: What Two MCP Server Vulnerabilities Tell Us About the Next Attack Surface

MCPwnfluence: What two critical MCP server vulnerabilities tell us about the emerging attack surface for AI agents. As enterprises embed AI into workflows like Jira, the infrastructure connecting agents to internal systems is becoming a target. Here's what caught our attention and why it matters.

[Updated] Four 9.8s in SolarWinds Web Help Desk: Why We're Flagging This Before Exploitation Hits

💡Update (3 Feb 2026): CISA has now added CVE-2025-40551 to its Known Exploited Vulnerabilities (KEV) catalog, confirming active exploitation in the wild. Federal agencies have been ordered to patch within three days. If you haven't upgraded to Web Help Desk 12.8.9 yet, do it

CVE-2026-24858: FortiCloud SSO Let Attackers Log Into Other Customers' Devices

CVE-2026-24858 exploited in the wild: FortiCloud SSO Let Attackers Log Into Other Customers' Devices

CVE-2025-59718: Patched FortiGate Firewalls Are Still Being Exploited - Here's What You Need To Know

CVE-2025-59718: Patched FortiGate Firewalls Are Still Being Exploited and require urgent action

CVSS is 8.6 but Cytidel's Risk Rating is Low. Here's Why.

CVSS tells you potential impact. Threat intelligence tells you reality. Here's how a hybrid approach to vulnerability prioritisation actually works — and why a high CVSS score doesn't always mean high risk.

The Vulnerability Landscape So Far in 2025 — What It Means for Security Leaders

CVE volume and exploit speed have surged in 2025. With most teams able to fix only one in ten issues, and attackers moving within hours, vulnerability management has become a scale problem that demands a threat-led and automated approach.

When a Cornerstone Cracks: What the NVD’s Funding Crisis Means for Cybersecurity

Funding lapses and delays have exposed how fragile the National Vulnerability Database has become. As updates pause and backlogs grow, Cytidel explores what this means for vulnerability management — and how security teams can stay resilient when public data sources slow down.

From 3,000 Vulnerability Alerts to Focused Action: Three Sources To Get You Started

Security teams are drowning in vulnerability alerts. With 135,000+ "High" and "Critical" CVEs, traditional CVSS prioritization overwhelms teams. Learn how three intelligence sources - CISA KEV, EPSS, and MSRC - help you focus on what matters and move from alert fatigue to action

Top Trending Vulnerabilities of 2024

Cytidel take a look at the top trending vulnerabilities of 2024, plus some significant risk vulnerabilities you may have missed

DORA Compliance and your Threat & Vulnerability Management Programme. Part 2: Tips to get ready

This is part two of a two-part blog post series that aims to simplify what DORA compliance entails from a TVM perspective and offer actionab