My Courses
-
BruteForceAI: New AI-powered Github tool
BruteForceAI is an innovative penetration testing tool that leverages Large Language Models (LLMs) to enhance the execution of brute-force attacks. Unlike traditional methods that require…
-
Connected vehicles are intelligent, user-friendly, and vulnerable to cyberattack
Consumers are increasingly concerned about vulnerabilities in their vehicles, which significantly impacts their purchasing behaviour and brand loyalty, according to RunSafe Security. Modern vehicles operate…
-
Fake npm packages stealing Ethereum wallet keys
A new set of four malicious packages has been discovered in the NPM package registry, designed to steal cryptocurrency wallet credentials from Ethereum developers. These…
-
North Korean fake job interview schemes
North Korean hackers have been observed actively monitoring cyber threat intelligence to identify and reconstruct exposed infrastructure. This strategic approach enables them to exploit vulnerabilities…
-
TAG-150 creates CastleRAT using Python and C, broadening the capabilities of CastleLoader malware.
The threat actor known as TAG-150 is behind the malware-as-a-service (MaaS) framework and loader called CastleLoader, as well as a remote access trojan (RAT) named…
-
Parallel-Poisoned Web Attack presents poisoned web pages to AI web bots
AI agents can be manipulated into executing malicious actions by websites that remain concealed from regular users, as discovered by JFrog AI architect Shaked Zychlinski….
-
SAP S/4HANA vulnerability CVE-2025-42957 actively exploited
A critical security vulnerability affecting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has been actively exploited in the wild. The command injection vulnerability, identified…
-
AI-driven supply chain attack using model namespace reuse
A critical AI supply chain vulnerability known as Model Namespace Reuse has emerged, posing significant risks to major tech companies like Google and Microsoft. This…
-
Importance of the CVE matrix for cybersecurity
The industry operates under the influence of Common Vulnerabilities and Exposures (CVE). Each security update released by various vendors addresses specific software flaws that could…
-
Hidden SVG files launch base64-encoded phishing sites
Cybersecurity researchers have identified a new malware campaign that utilises Scalable Vector Graphics (SVG) files in phishing attacks, impersonating the Colombian judicial system. According to…
