ALL POSTS

USB-C Rechargeable Battery Quickpost

Key Findings: USB-C rechargeable batteries have built-in battery charger and voltage converter electronics. They deliver a constant 1.5V output, unlike NiMH batteries that have a varying voltage. Measured capacities are significantly lower than advertised, with round-trip efficiencies around 63-72%. They have some advantages like a flat discharge curve and no leakage, but also disadvantages like abrupt voltage drop and electrical noise. These batteries cannot negotiate power with

Introducing Sophos Intelix for Microsoft Security Copilot

Key Findings Sophos is launching Sophos Intelix for Microsoft 365 Copilot, a powerful new integration that brings Sophos' world-class threat intelligence directly into the Microsoft 365 ecosystem. This seamless integration allows security analysts and IT professionals to instantly access, investigate, and respond to emerging cyber threats right from the Copilot chat interface, without leaving the Microsoft 365 environment. Sophos Intelix leverages the deep threat intelligence

Criminal IP to Host Webinar: Beyond CVEs – From Visibility to Action with ASM

Key Findings: Traditional vulnerability-based security approaches are insufficient against modern exposure-driven attacks. Misconfigurations, forgotten assets, and publicly accessible services have become real-world attack entry points as organizations rapidly adopt cloud platforms and distributed architectures. Adversaries evaluate exposed services, identify weak points, and map attack paths to exploit previously unknown or unmanaged assets. Background: As organizations rapidly a

Apache Tika Hit by Critical XXE Bug (CVE-2025-66516, CVSS 10.0)

Key Findings A critical XML external entity (XXE) vulnerability, tracked as CVE-2025-66516, has been discovered in the Apache Tika toolkit. The vulnerability has a CVSS score of 10.0, indicating maximum severity. The flaw allows attackers to carry out XXE injection attacks by exploiting a crafted XFA file within a PDF document. The vulnerability affects multiple Apache Tika components, including the tika-core, tika-parser-pdf-module, and tika-parsers modules. This vulnerabili

Sprocket Security Earns Repeat Recognition in G2's Winter 2025 Relationship Index

Key Findings Sprocket Security has been recognized by G2 as a "High Performer," "Best Support," and "Easiest to Do Business With" in the Winter 2025 Relationship Index for Penetration Testing. This marks the second consecutive quarter Sprocket has earned these honors, reinforcing the company's commitment to providing a seamless customer experience. Customers have consistently praised Sprocket's responsiveness, expertise, and the simplicity and transparency of its continuous p

Spy vs. spy: How GenAI is powering defenders and attackers

Key Findings: Adversaries continue to use GenAI with varying levels of reliance, with state-sponsored groups and criminal organizations taking advantage of uncensored and unweighted models. Threat actors are using GenAI for coding, phishing, anti-analysis/evasion, and vulnerability discovery, although significant human involvement is still required. As models continue to shrink and hardware requirements are removed, adversarial access to GenAI and its capabilities are poised

Devastating WordPress Vulnerability (CVE-2025-6389) Enables Unauthenticated Remote Code Execution

Key Findings A critical Remote Code Execution (RCE) vulnerability has been discovered in the Sneeit Framework, a core plugin bundled with multiple premium WordPress themes. The vulnerability (CVE-2025-6389) allows unauthenticated users to take complete control of a server. Threat actors started exploiting the issue on the same day it was publicly disclosed on November 24th, 2025. The Wordfence Firewall has already blocked over 131,000 exploit attempts targeting this vulnerabi

Targeted by Phishing: Corporate Users at Greater Risk

Key Findings Phishing attacks have surged 400% year-over-year, with nearly 40% of the 28+ million recaptured phished records containing a business email address, compared to just 11.5% in recaptured malware data. Enterprises are now three times more likely to be targeted with phishing attacks than infostealer malware. Phishing has become the preferred gateway into enterprise environments, and is now the leading entry point for ransomware, accounting for 35% of all ransomware

Aisuru Botnet Sets New Record with 29.7 Tbps DDoS Attack

Key Findings: Cloudflare mitigated the largest ever distributed denial-of-service (DDoS) attack, measuring 29.7 terabits per second (Tbps). The attack originated from the AISURU DDoS botnet-for-hire, which has been linked to numerous high-volume DDoS attacks over the past year. The target of the 69-second attack was not disclosed, but AISURU has targeted telecommunication providers, gaming companies, hosting providers, and financial services. AISURU is believed to be powered by a mas

Severe RSC Bugs in React and Next.js Enable Unauthenticated Remote Code Execution

Key Findings: Critical security flaw discovered in React Server Components (RSC) with a CVSS score of 10.0 (maximum severity). Vulnerability allows unauthenticated remote code execution (RCE) by exploiting a deserialization issue in how React decodes payloads sent to React Server Function endpoints. Issue affects React versions 19.0, 19.1.0, 19.1.1, and 19.2.0, as well as Next.js versions >=14.3.0-canary.77, >=15, and >=16. Vulnerability codenamed "React2shell" and assigned CVE-2

WordPress King Addons Plugin Vulnerability Allows Admin Takeover

Key Findings A critical vulnerability, CVE-2025-8489 (CVSS score of 9.8), has been discovered in the WordPress plugin King Addons for Elementor. The flaw allows unauthenticated users to register and instantly gain admin privileges on WordPress sites. Threat actors are actively exploiting the vulnerability, with the Wordfence Firewall blocking over 48,400 exploit attempts since the issue was disclosed. The vulnerability is a privilege escalation issue in versions 24.12.92 to 5

India Mandates Linking Messaging Apps to Active SIM Cards to Combat Fraud

Key Findings: India's Department of Telecommunications (DoT) has ordered messaging apps to work only with active SIM cards linked to users' phone numbers to prevent fraud and misuse. The amendment to the 2024 Telecom Cyber Security Rules aims to curb fraudulent activities such as phishing, scams, and cyber fraud by preventing the misuse of telecom identifiers. Messaging apps have 90 days to implement the changes and 120 days to report compliance. Background: The DoT has observe

CISA Warns: Critical Wyant Enterprise Flaw (CVE-2025-13987, CVSS 10.0) Allows Unauthenticated SYSTEM Takeover of Building Automation Systems

Key Findings A critical security flaw (CVE-2025-13658, CVSS 9.8) has been discovered in the Longwatch video surveillance and monitoring system developed by Industrial Video & Control (IV&C). The vulnerability allows unauthenticated remote code execution with SYSTEM-level privileges, enabling complete takeover of the affected OT surveillance systems. The flaw resides in the way the Longwatch devices handle incoming web traffic, allowing arbitrary code execution through an expo

Vulnerabilities in Android Framework Cataloged by U.S. CISA as Known Exploited

Key Findings: U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Android Framework vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2025-48572: Android Framework Privilege Escalation Vulnerability; CVE-2025-48633: Android Framework Information Disclosure Vulnerability. Background: The two high-severity vulnerabilities are reported to be "under limited, targeted exploitation" in the wild. Google's latest Android update for December 2025

AI Adoption Outpaces Governance as Shadow Identity Risks Grow

Key Findings: 83% of organizations use AI in daily operations. Only 13% have strong visibility into how AI systems handle sensitive data. AI increasingly behaves as an ungoverned identity, with a non-human user that reads faster, accesses more, and operates continuously. 67% have caught AI tools over-accessing sensitive information. 23% admit they have no controls for AI prompts or outputs. Background: The report, produced by Cybersecurity Insiders with research support from Cyera R

Cyber Startup Frenetik Launches with Patented Deception Technology to Address the AI Arms Race

Key Findings Frenetik, a Maryland-based cybersecurity startup, has launched with a novel approach to cybersecurity using patented "Deception In-Use" technology. The company's approach aims to exploit information asymmetry, rather than relying on increased computational power and data analytics. Frenetik's technology continuously rotates identities and resources across cloud and on-premises environments, depriving attackers of reliable reconnaissance information. The solution

Coupang Data Breach Exposes 33.7 Million South Korean Accounts

Key Findings Coupang, a major e-commerce company in South Korea, has suffered a massive data breach affecting over 33.7 million accounts - more than half of the country's population. The breach was initially detected on November 18, 2025, when suspicious activity was observed on around 4,500 accounts. Further investigation revealed that the breach actually dated back to late June 2025 and had compromised the personal information of nearly the entire Coupang user base. Exposed

Sonesta International Hotels Implements Industry-Leading Cloud Security Through AccuKnox Collaboration

Key Findings Sonesta International Hotels partners with AccuKnox to deploy Zero Trust Integrated Application and Cloud Security for Microsoft Azure. Sonesta's goals include addressing multi-cloud misconfigurations, achieving compliance conformance, and automating the findings and ticketing lifecycle. AccuKnox was selected due to its comprehensive features, ease of deployment, ease of use, third-party integrations, and ability to provide real-time security against advanced zer

Crypto Crackdown: $28M Seized in Swiss Cryptomixer Takedown

Key Findings Authorities seized the Cryptomixer cryptocurrency mixing service, seizing $28 million in Bitcoin and disrupting a platform used by cybercriminals to launder over $1.5 billion since 2016. The operation, part of "Operation Olympia," involved coordinated efforts by Europol, Eurojust, and law enforcement agencies from Germany and Switzerland. Cryptomixer, accessible on the clear and dark web, used pooling and randomized withdrawal methods to obscure the origins of fu

BreachLock Named a Leader in 2026 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for Fourth Consecutive Year

Key Findings: BreachLock named a Leader and Fast Mover in the 2025 GigaOm Radar Report for Penetration Testing as a Service (PTaaS) for the third consecutive year. The report evaluated 16 top PTaaS providers based on key feature capabilities, enterprise business requirements, deployment models, and other important decision-making criteria. BreachLock scored highly in all evaluated categories, except for crowdsourcing pentesters, which the company does not offer. BreachLock's in-h

© 2025 by Explain IT Again. Powered and secured by Wix