Well, this certainly isn’t what I expected to be talking about this week! But I think the fact it was someone most people didn’t expect to be on the receiving….

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shed light on a new malware called RESURGE that has been deployed as part of exploitation activity targeting a now-patched security….

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this….

Cybersecurity researchers have discovered a new Android banking malware called Crocodilus that’s primarily designed to target users in Spain and Turkey. “Crocodilus enters the scene not as a simple clone,….

In what’s an instance of hacking the hackers, threat hunters have managed to infiltrate the online infrastructure associated with a ransomware group called BlackLock, uncovering crucial information about their modus….

In another rare squid/cybersecurity intersection, APT37 is also known as “Squid Werewolf.” As usual, you can also use this squid post to talk about the security stories in the news….

First reported earlier in March 2025, VanHelsing is a new ransomware-as-a-service operation. Read more in my article on the Tripwire State of Security blog.

Cybersecurity researchers have disclosed 46 new security flaws in products from three solar inverter vendors, Sungrow, Growatt, and SMA, that could be exploited by a bad actor to seize control….

**security-research** Public # W3C – CSS Validator XXE ## Package ## Affected versions ## Patched versions ## Description ### Summary All versions of W3C CSS validator are vulnerable to XXE….

# CSPT Resources 27 Mar 2025 – Posted by Maxence Schmitt As a follow up to Maxence Schmitt’s research on **Client-Side Path Traversal (CSPT)**, we wanted to encourage researchers, bug….