My Courses
-
Android malware targeting banking applications through NFC relay scams and call hijacking
Cybersecurity researchers have identified a new Android trojan named PhantomCard, which exploits Near-Field Communication (NFC) technology to execute relay attacks aimed at facilitating fraudulent transactions…
-
MadeYouReset vulnerability in HTTP2 facilitates large-scale DDoS attacks
A new Distributed Denial of Service (DDoS) attack vector has emerged, exploiting flaws in HTTP/2 implementations. This vulnerability, dubbed ‘MadeYouReset’, has drawn comparisons to the…
-
Bypassing Passkey Login through Manipulation of the WebAuthn Process
Researchers at the enterprise browser security firm SquareX have demonstrated a significant vulnerability in passkey security systems. They revealed that an attacker could impersonate a…
-
Hackers using specialized phishing tools for downgrade attacks on FIDO authentication
A sophisticated new threat vector has emerged that could undermine one of the most trusted authentication methods in cybersecurity. FIDO-based passkeys, long considered the gold…
-
AI-assisted SOC boosts efficiency and cuts investigation time
Security operations have never been a 9-to-5 job. For Security Operations Centre (SOC) analysts, the day often begins and ends deep in a queue of…
-
Croatian research institute targeted by ToolShell ransomware attack
The Ruđer Bošković Institute (RBI), the largest Croatian science and technology research institute, confirmed that it was among “at least 9,000 institutions worldwide” targeted by…
-
Microsoft has addressed the “BadSuccessor” Kerberos vulnerability identified as CVE-2025-53779.
In August 2025, Microsoft released security updates addressing over 100 vulnerabilities across its products, including a significant relative path traversal flaw in Windows Kerberos (CVE-2025-53779)….
-
NIST releases lightweight cryptography standard for IoT devices
The National Institute of Standards and Technology (NIST) has finalised a lightweight cryptography standard aimed at safeguarding even the smallest networked devices from cyberattacks. Published…
-
Manpower has reported that a data breach resulting from a ransomware attack has affected 140,000 individuals.
In January, the RansomHub ransomware group executed a significant cyberattack on the staffing and recruiting firm Manpower, resulting in a substantial data breach. This incident…
-
New Zoom and Xerox security updates address privilege escalation and remote code execution (RCE)
Zoom and Xerox have recently addressed significant security vulnerabilities in their respective software products, which could potentially lead to privilege escalation and remote code execution….
