Top CWPP Vendors in 2025: The Ultimate Guide
Here’s a fun fact. Cloud Workload Protection Platforms (CWPPs) are no longer optional but essential. As cloud-native architectures grow more…
Security
Auto-Color Backdoor Weaponizes SAP Flaw for Stealthy Access
A critical zero-day vulnerability in SAP NetWeaver, CVE-2025-31324, is being exploited to deliver “Auto-Color,” a stealthy Linux backdoor. The vulnerability…
The hidden risks of browser extensions – and how to stay safe
Not all browser add-ons are handy helpers – some may contain far more than you have bargained for
Measuring the Attack/Defense Balance
“Who’s winning on the internet, the attackers or the defenders?” I’m asked this all the time, and I can only…
Why your computer will thank you for choosing Webroot Essentials
Let’s be honest – nobody wants antivirus software that slows down their computer. You know the feeling: you install security…
Aeroflot Hacked
Looks serious.
Microsoft Uncovers Sploitlight: How a Spotlight Plugin Flaw Evades macOS TCC Protections
Microsoft Threat Intelligence recently disclosed a serious macOS vulnerability dubbed Sploitlight. It tracked as CVE-2025-31199 that leverages Spotlight importer plugins…
Privileged Path Hijack: Eye Security Exposes Root-Level Vulnerability in Copilot Enterprise
SummaryOn April 18, 2025, Eye Security researchers identified a critical privilege escalation issue in Microsoft Copilot Enterprise’s live Python sandbox…
That Time Tom Lehrer Pranked the NSA
Bluesky thread. Here’s the paper, from 1957. Note reference 3.
Virtual Environments Under Fire: Fire Ant Campaign Breaches VMware Systems
A threat actor, codenamed Fire Ant, has targeted virtualization and networking infrastructure as part of a prolonged cyber-espionage campaign uncovered…