
Recent techniques for lateral movement within Active Directory have emerged that circumvent authentication measures and enable data exfiltration.
At Black Hat USA 2025, Dirk-Jan Mollema unveiled sophisticated attack vectors that exploit hybrid Active Directory and Microsoft Entra ID environments, revealing how attackers can…

Cybercriminals are utilizing legitimate drivers to disable antivirus programs and weaken the security measures of a system.
In a sophisticated campaign first observed in October 2024, attackers have begun leveraging a legitimate driver to disable antivirus software across compromised networks. By abusing…

Organizations Alerted to Security Flaw in Microsoft Exchange Hybrid Setup
CISA and Microsoft have recently issued critical advisories regarding CVE-2025-53786, a high-severity vulnerability that poses a significant risk of privilege escalation in cloud environments. This…

Recent HTTP request smuggling attacks have affected content delivery networks (CDNs), large organizations, and millions of websites.
A recent wave of HTTP Request Smuggling attacks has exploited vulnerabilities in HTTP/1.1, significantly impacting numerous websites, including those of major organisations and Content Delivery…

Nvidia has stated that its chips do not contain any backdoors, kill switches, or spyware.
Nvidia Corporation has issued a strong statement asserting that its Graphics Processing Units (GPUs) contain no backdoors, kill switches, or spyware. This declaration directly addresses…

HeartCrypt’s EDR Killer Tools called ‘AVKiller’ are currently being utilized in ransomware attacks.
Cybersecurity teams have recently faced a significant threat from a novel payload known as “AVKiller,” which has been observed disabling endpoint defences to facilitate ransomware…

1.2 million healthcare devices and systems have had their data exposed online, putting patient records in jeopardy of being compromised.
New research by European cybersecurity company Modat has revealed that over 1.2 million internet-connected healthcare devices and systems are exposed, endangering patient data. The findings…

Zero-Day Vulnerabilities in HashiCorp Vault Allow Attackers to Execute Code Remotely
In early August 2025, security researchers uncovered a series of critical zero-day vulnerabilities in HashiCorp Vault, a widely adopted secrets management solution. These vulnerabilities, which…

Techniques for Preventing Python Supply Chain Attacks
The Python ecosystem, powered by the Python Package Index (PyPI), has become a cornerstone for modern software development. From machine learning libraries to web frameworks,…

Gemini compromised through a prompt injection in a Google Calendar invitation
Artificial intelligence assistants are becoming deeply integrated into our digital lives. From managing emails to controlling smart home devices, AI tools like Google’s Gemini are…

