My Courses
-
North Korean cybercriminals are exploiting NPM packages to pilfer cryptocurrency and confidential information.
A sophisticated North Korean cryptocurrency theft campaign has resurfaced, utilising twelve malicious NPM packages to target developers and steal digital assets. This campaign marks a…
-
SonicWall has issued a warning about a rise in cyberattacks aimed at their Generation 7 firewalls over the past 72 hours.
SonicWall has issued an urgent security advisory due to a significant rise in cyber incidents targeting its Gen 7 SonicWall firewalls over the past 72…
-
Kimsuky APT hackers are utilizing LNK files as a means to deploy reflective malware, successfully evading detection by Windows Defender.
The North Korean state-sponsored cyber-espionage group Kimsuky has launched a sophisticated campaign targeting South Korean entities through malicious Windows shortcut (LNK) files. This operation exemplifies…
-
Approov Secures $6.7 Million in Funding to Enhance Mobile App Security
Approov has successfully raised $6.7 million in Series A funding to enhance its mobile application and API security solutions. This significant investment will enable Approov…
-
Vibe Coding: If Everyone Becomes a Developer, Who is Responsible for Code Security?
As AI technology continues to democratise software development, security teams encounter a significant challenge in safeguarding applications created by non-developers. This shift towards “Vibe Coding”…
-
A summary of the key announcements from vendors at Black Hat USA 2025 (Part 1).
The 2025 edition of the Black Hat conference in Las Vegas has become a significant platform for numerous companies to showcase their latest products and…
-
Misconfigurations Should Not Be Considered Vulnerabilities: The Expensive Misunderstanding Surrounding Security Threats.
In SaaS security discussions, the terms “misconfiguration” and “vulnerability” are frequently used interchangeably, yet they represent distinct concepts. Misunderstanding this difference can lead to significant…
-
Cybercriminals have the ability to access IIS machine keys by taking advantage of a vulnerability in SharePoint’s deserialization process.
Hackers are employing a sophisticated attack method that exploits a deserialization vulnerability in SharePoint to steal Internet Information Services (IIS) Machine Keys. This exploitation allows…
-
The August 2025 update for Android addresses a Qualcomm vulnerability that has been exploited.
The Android August 2025 security update addresses a critical vulnerability affecting the Adreno GPU, which was confirmed to have been exploited as early as June….
-
How Leading CISOs Manage Their SOCs to Avoid Alert Overload and Ensure No Genuine Incidents are Overlooked
Security Operations Centre (SOC) teams often find themselves overwhelmed by alerts, despite significant investments in security tools. False positives accumulate, stealthy threats evade detection, and…
