Microsoft is warning of several phishing campaigns that are leveraging tax-related themes to deploy malware and steal credentials. “These campaigns notably use redirection methods such as URL shorteners and QR….
# Localhost dangers: CORS and DNS rebinding What is CORS and how can a CORS misconfiguration lead to security issues? In this blog post, we’ll describe some common CORS issues….
HellCat – the ransomware gang that has been known to demand payment… in baguettes! Are they rolling in the dough? Bread it and weep in my article on the Tripwire….
On April 4, 2025, Ivanti released a security advisory regarding a critical vulnerability affecting their products. The vulnerability is known to be exploited in the wild. The vulnerability has been….
In April 2025, information about an easy-to-exploit critical vulnerability affecting CrushFTP was made public. It is recommended updating affected server as soon as possible. Proof of concepts are available, and….
On March 10, 2025, Apache released a security advisory regarding a critical vulnerability affecting the Apache Tomcat product. It is recommended updating the affected assets to a fixed version of….
The North Korean threat actors behind Contagious Interview have adopted the increasingly popular ClickFix social engineering tactic to lure job seekers in the cryptocurrency sector to deliver a previously undocumented….
The rules have changed. Again. Artificial intelligence is bringing powerful new tools to businesses. But it’s also giving cybercriminals smarter ways to attack. They’re moving quicker, targeting more precisely, and….
AI holds the promise to revolutionize all sectors of enterpriseーfrom fraud detection and content personalization to customer service and security operations. Yet, despite its potential, implementation often stalls behind a….
If you’ve ever taken a computer security class, you’ve probably learned about the three legs of computer security—confidentiality, integrity, and availability—known as the CIA triad. When we talk about a system being….
