Two decades of penetration testing

I’ve been elbow-deep in other people’s networks for nineteen years now, and if there’s one constant it’s that the shiny toys always turn up long before the basics are nailed down. The EDR / MDR / XDR mirage Over the last half-decade every board slide has the same checkbox: “SOC in place – ✅”. They […]

Read More

Oracle Cloud Credential Leak

CISA Issues Warning Over Oracle Cloud Credential Leak The US Cybersecurity and Infrastructure Security Agency (CISA) has warned organisations that a January breach of two obsolete Oracle Cloud servers may expose millions of credentials. • Oracle privately told customers that its core Oracle Cloud Infrastructure (OCI) was not compromised, but attackers accessed usernames from legacy […]

Read More

ASUS Routers Critical Security Flaw

ASUS Routers Hit by Critical AiCloud Security Flaw ASUS has disclosed CVE-2025-2492, a critical authentication-bypass flaw (CVSS 9.2) affecting multiple router models that run the AiCloud remote-access feature. A crafted request lets remote attackers execute functions without logging in. ASUS has released patched firmware in the 382, 386, 388 and 102 branches and urges owners […]

Read More

Phishing Kit That Sidesteps Office 365 MFA

SessionShark: The Phishing Kit That Sidesteps Office 365 MFA Security researchers at SlashNext have uncovered “SessionShark,” a new phishing kit for hire that steals Microsoft Office 365 session tokens and lets criminals bypass multi-factor authentication (MFA). Sold on underground markets, SessionShark spins up convincing fake Office 365 login pages. When a victim enters their credentials, […]

Read More

159 Vulnerabilities Exploited in the Wild

Q1 2025: 159 Vulnerabilities Exploited in the Wild – Is Your Firm Still Behind on Patching? Threat-intelligence analysts have counted 159 distinct CVEs actively exploited in the wild during Q1 2025—a 28 percent rise on the same period last year. Nearly half of the in-use flaws date from 2023 or earlier, confirming that organisations still […]

Read More

Small Vulnerabilities Trigger Big Breaches

How Small Vulnerabilities Trigger Big Breaches – Five Lessons from the Front Line A research team from Intruder dissected five real-world security incidents to show how seemingly “low-risk” flaws can snowball into full-scale breaches: 1. SSRF → AWS credential theft – an application followed a 302 redirect to the EC2 metadata service, leaking cloud keys. […]

Read More

Phishers Use Real-Time Checks to Outsmart Security

Phishers Use Real-Time Checks to Outsmart Security Measures According to the report, cybercriminals have begun using real-time checks within phishing campaigns to determine whether a victim’s system or browser is under active security inspection. By performing quick, automated lookups in the moment a user clicks a malicious link, attackers can decide whether to serve genuine […]

Read More

Fortinet Attackers Staying Hidden Despite Patches

Fortinet Cautions Users: Attackers Staying Hidden in Networks Despite Patches Fortinet has issued a warning that cybercriminals continue to lurk in networks even after organisations have patched known vulnerabilities in Fortinet products. Attackers who exploited older flaws have managed to maintain persistence by using compromised credentials, backdoor accounts, or hidden footholds. Although many organisations patched […]

Read More

PipeMagic Trojan Exploits Windows CLFS

PipeMagic Trojan Exploits Windows CLFS for Stealth Attacks A newly identified PipeMagic trojan exploits the Common Log File System (CLFS) in Windows to launch sophisticated attacks. Security researchers observed the malware injecting itself into system processes using a previously undocumented technique related to Windows’ CLFS driver. This stealthy approach helps bypass many endpoint defences, allowing […]

Read More