Welcome to DIY IT

The Wild West of Shadow IT: Why Your Staff Are Installing Trouble at the Click of a Button

The CyberWhite article The Wild West of Shadow IT warns that employees now adopt SaaS and AI tools faster than security teams can vet them, creating a sprawl of unapproved apps, OAuth tokens and embedded AI that […]

How to Stop Sneaky MitM

How to Stop a Sneaky Man-in-the-Middle

The CyberWhite guide explains how man-in-the-middle (MITM) attacks let crooks slip between users and online services to pinch log-ins, card details and other goodies. It recaps headline-grabbing examples (Equifax, Lenovo Superfish, DigiNotar) and outlines favourite tactics: rogue public-Wi-Fi, mDNS/DNS spoofing, ARP games and look-alike access points. Defence boils down […]

Dahua Cameras

Dahua Cameras Get the Starring Role in Their Own Horror Film

Security researchers at Bitdefender uncovered two critical buffer-overflow bugs (CVE-2025-31700, CVE-2025-31701, CVSS 8.1) in Dahua smart-camera firmware built before 16 April 2025. One flaw sits in the ONVIF request handler, the other in the RPC file-upload routine. An unauthenticated attacker can sling a specially […]

SonicWalls VPN Nasty Zero-Day

SonicWall’s VPNs May Have a Nasty Zero-Day – Akira Ransomware Gate-crashes the Party

SonicWall is probing a potential zero-day flaw in its Gen 7 SSL VPN firewalls after security firms Arctic Wolf and Huntress logged more than 20 Akira-ransomware break-ins since late July 2025. Victims were fully patched and even with MFA attackers still slipped […]

ClickFix malvertising

“ClickFix” malvertising: crooks rent Google Ads so you’ll download their dodgy installers

Researchers have spotted a sprawling malvertising operation nicknamed “ClickFix” that hijacks Google Ads to lure users searching for popular software (Chrome, WhatsApp, Adobe Reader) onto copy-cat sites. The bogus pages serve malicious MSI installers laced with OxtaRAT remote-access malware. Once executed, the payload […]

fake M365 OAuth apps

Fake OAuth apps: the latest con trick against Microsoft 365 users

Threat actors are using fake Microsoft 365 OAuth apps, spoofing brands like RingCentral, SharePoint and Adobe, to trick users into granting access to their accounts. The crooks combine the bogus apps with Tycoon Phishing-as-a-Service kits, redirecting victims through a CAPTCHA and then an adversary-in-the-middle […]

HPEs Wi‑Fi Hard‑Coded Passwords

HPE’s Wi‑Fi Kit Gets a Nasty Surprise: Hard‑Coded Passwords

Hewlett‑Packard Enterprise (HPE) has patched two nasty bugs in its Instant On wireless access‑points. The worst, CVE‑2025‑37103 (CVSS 9.8), comes from hard‑coded admin credentials that let anyone waltz straight past the login screen. A second flaw, CVE‑2025‑37102 (CVSS 7.2), allows command injection once you’re signed in. Chained together, the pair […]

Patch your SharePoint

Patch your SharePoint, or it’ll patch you

Microsoft has rushed out emergency patches for CVE‑2025‑53770, a critical (CVSS 9.8) remote‑code‑execution flaw in on‑premises SharePoint Server. The bug, triggered by unsafe deserialisation in the machineAccountCheck function, is already being weaponised in the wild—at least 54 organisations have been hit, including banks, universities and government bodies. A related spoofing […]

Hackers Turn GitHub into Malware Hotel

Hackers Turn GitHub into a Free Malware Hotel

Researchers have spotted cyber‑crooks abusing public GitHub repositories as free, trustworthy‑looking hosting for malware. The gang, nicknamed “GrokRAT” by Trend Micro, uploads innocent‑looking projects that actually hide an encrypted Remote‑Access Trojan. Victims receive a phishing email with a link to the repo’s raw file; a PowerShell one‑liner […]
