MDR Services

Our Managed Detection and Response Services provide continuous monitoring from a team who’ll neutralise any breaches at speed...

Incident Response Services

Gain access to malware experts to quickly contain threats and reduce future exposure to attacks...

Gartner Recognised

Integrity360 has been recognised as a Gartner Representative Vendor.

Download our CyberFire MDR ebook

Many organisations are choosing CyberFire MDR to strengthen their defences. Discover how it can protect your business in our brochure.

The hidden human costs of a cyber attack

Cyber attacks often seem faceless, but hidden behind the headlines of financial loss and technical details there are very real human stories. 

The reality of ransomware in 2025: What you need to know

In 2025, we’re witnessing a shift in how ransomware operates, who it targets, and the consequences of falling victim.

Your guide to 2025: Trends and Predictions

Stay ahead of the latest cyber security industry developments, advancements and threats, and understand how you can best protect your organisation.

Cyber security testing services

Do you know what your company’s network vulnerabilities are? Businesses that invest in penetration testing do.

What is PCI? Your most common questions answered

If your business handles credit card data, PCI DSS compliance isn’t optional—it’s critical. From retailers and e-commerce platforms to service providers and financial institutions, securing credit card data is critical to customer trust and preventing fraud.

Weekly Threat roundups

Stay informed with the latest cyber security news with our weekly threat roundups.

The A-Z Glossary of cyber security terms

Confused about cyber security? Our A-Z Glossary of terms can help you navigate this complicated industry.

Read our latest blog

Despite its value, Penetration Testing is often misunderstood. 

Integrity360 completes SOC 2 certification to strengthen global cyber defence ecosystem

SOC 2 certification reflects Integrity360’s continued investment in strengthening cyber resilience for clients across highly regulated and high-risk industries. 

Integrity360 expands into France with acquisition of Holiseum

Holiseum will form a new Integrity360 services practice focused on OT/IoT and as a regional hub for the group in France

Integrity360 Emergency Incident Response button Under Attack?

Threat Advisories

threat advisory

Microsoft Patches Critical Entra ID Flaw Enabling Global Admin Impersonation Across Tenants

Microsoft patched a critical token-validation vulnerability in Entra ID (formerly Azure Active Directory) — CVE-2025-55241 — that could have allowed attackers to impersonate any user, including Global Administrators, across virtually any tenant. The flaw, assigned a CVSS score of 10.0, was reported by researcher Dirk-jan Mollema on 14 July 2025 and addressed by Microsoft on 17 July 2025. Microsoft states there is no evidence the issue was exploited in the wild and that no customer action was required after the fix.

Read More
threat advisory

Google Patches Chrome Zero-Day CVE-2025-10585 as Active V8 Exploit Threatens Millions

Google released security updates for Chrome to fix four vulnerabilities, including an actively exploited zero-day, CVE-2025-10585 — a type-confusion bug in the V8 JavaScript / WebAssembly engine that can lead to arbitrary code execution when a user visits a crafted webpage. Google’s Threat Analysis Group (TAG) reported the flaw on 16 September 2025 and confirmed an exploit exists in the wild. Technical details have been withheld to limit further abuse. 

Read More
threat advisory

Salesforce-Salesloft Data Breach

SalesLoft Drift is an AI-powered chat tool which interacts with Salesforce and is used by a number of large business for providing automated business support to customers. Beginning on August 08th 2025, attackers were able to compromise this tool with the objective of performing data theft.

Read More
threat advisory

CVE-2025-7775: Critical NetScaler Vulnerability Under Active Exploitation

Citrix NetScaler has had a difficult summer, with the vulnerability “CitrixBleed 2” being disclosed in July 2025 (a critical vulnerability causing memory exposure leaking sensitive information). However, this is not the end, as another critical vulnerability (CVE-2025-7775) was disclosed yesterday on the 26th of August. Because Citrix devices are normally public facing, the likelihood of exploitation in the wild increases significantly. In fact, both vulnerabilities have been actively exploited, according to Citrix. 

Read More
threat advisory

CVE20259132 Advisory – Google Chrome V8 OutofBounds Write

CVE-2025-9132 is a high-severity vulnerability affecting the V8 JavaScript engine in Google Chrome versions prior to 139.0.7258.138. It involves an out-of-bounds write that could lead to heap corruption or arbitrary remote code execution through a crafted HTML page.  

Read More
threat advisory

Critical Cisco secure firewall flaw (CVE-2025-20265) enables remote code execution

A newly disclosed critical security flaw (CVE-2025-20265) has been identified in multiple versions of Cisco Secure Firewall Management Centre (FMC). It could allow an unauthenticated, remote threat actor to execute arbitrary shell commands on the underlying system. The vulnerability resides when RADIUS authentication is enabled and affects FMC versions 7.0.7 and 7.7.0.  

Read More