My Courses
-
Parallel-Poisoned Web Attack presents poisoned web pages to AI web bots
AI agents can be manipulated into executing malicious actions by websites that remain concealed from regular users, as discovered by JFrog AI architect Shaked Zychlinski….
-
SAP S/4HANA vulnerability CVE-2025-42957 actively exploited
A critical security vulnerability affecting SAP S/4HANA, an Enterprise Resource Planning (ERP) software, has been actively exploited in the wild. The command injection vulnerability, identified…
-
AI-driven supply chain attack using model namespace reuse
A critical AI supply chain vulnerability known as Model Namespace Reuse has emerged, posing significant risks to major tech companies like Google and Microsoft. This…
-
Importance of the CVE matrix for cybersecurity
The industry operates under the influence of Common Vulnerabilities and Exposures (CVE). Each security update released by various vendors addresses specific software flaws that could…
-
Hidden SVG files launch base64-encoded phishing sites
Cybersecurity researchers have identified a new malware campaign that utilises Scalable Vector Graphics (SVG) files in phishing attacks, impersonating the Colombian judicial system. According to…
-
File security risks increasing due to insider threats, malware, and AI
Breaches related to file access are increasingly common, leading to significant financial repercussions for many organisations. Over the past two years, numerous companies have experienced…
-
GhostRedirector compromises Windows servers utilizing Rungan backdoor and Gamshen IIS module
Cybersecurity researchers have uncovered a previously undocumented threat cluster known as GhostRedirector, which has compromised at least 65 Windows servers, primarily located in Brazil, Thailand,…
-
Russian cyberespionage group APT28 targets NATO member firms with Outlook “NotDoor” backdoor
The Russian state-sponsored hacking group known as APT28 has been linked to a new Microsoft Outlook backdoor called NotDoor, which has been used in attacks…
-
Cybercriminals distributing malware via ‘Grokking’
Cybersecurity researchers have identified a new technique, codenamed Grokking, that cybercriminals are using to circumvent malvertising protections on social media platform X. Nati Tal, head…
-
USA and allies advocating Software Bill of Materials (SBOMs)
The adoption of Software Bill of Materials (SBOM) is set to significantly enhance software supply chain security, thereby reducing risks and costs associated with vulnerabilities….