Understanding the NCSC’s New API Security Guidance
Legislative, regulatory, and advisory bodies the world over are waking up to the importance of API security. Most recently, the…
Security
Welcoming Push Security to Have I Been Pwned’s Partner Program
Presently sponsored by: Malwarebytes Browser Guard blocks phishing, ads, scams, and trackers for safer, faster browsing As we gradually roll…
Yet Another Strava Privacy Leak
This time it’s the Swedish prime minister’s bodyguards. (Last year, it was the US Secret Service and Emmanuel Macron’s bodyguards.…
How to Shrink Your Cloud Attack Surface Without Adding Another Tool
Too many tools, not enough time. In cloud security, complexity is the enemy of prevention. Cloud security teams are drowning…
Buffer Busted: FortiOS Users Urged to Patch Buffer Overflow Vulnerability
Fortinet disclosed a critical security vulnerability in its FortiOS operating system, which is CVE-2025-24477. The flaw is classified as CWE-122,…
NTLM Hijack: DNN Users Urged to Patch Critical Unicode Flaw
DotNetNuke (DNN), a widely used open-source content management system (CMS) built on the .NET framework, has a critical vulnerability. This…
Ivanti EPM Under Fire: How Attackers Can Steal Credentials and Access Your Data
Ivanti has recently addressed three high-severity vulnerabilities in its Endpoint Manager (EPM) software. These flaws could allow attackers to decrypt…
CISA Issues Warning: Ongoing Attacks Exploiting Ruby on Rails Path Traversal Bug
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical warning about an actively exploited path traversal vulnerability in…
Bypassing Secure Boot: A Linux Initramfs Vulnerability (CVE-2016-4484)
Modern Linux systems implement layers of security, including Secure Boot, full-disk encryption, and bootloader passwords. However, a long-standing vulnerability in…
Inside the AI Threat Landscape: From Jailbreaks to Prompt Injections and Agentic AI Risks
AI has officially moved out of the novelty phase. What began with people messing around with LLM-powered GenAI tools for…