top of page
ALL POSTS
FreeRADIUS and Chrome Security Updates Address Critical Buffer Overflow and Multiple Vulnerabilities
Key Findings FreeRADIUS released emergency patches to fix critical unauthenticated buffer overflow vulnerabilities affecting multiple authentication protocols Malicious actors can crash vulnerable servers without any authentication by sending specially crafted UDP packets Chrome 149 stable release addresses 429 security vulnerabilities including critical memory corruption bugs in graphics and GPU handling Developers are intentionally limiting technical disclosure details to p
Jun 53 min read
Hackers Exploited Meta's AI Support Bot to Compromise Instagram Accounts
Key Findings Meta's AI support assistant was exploited to hijack high-profile Instagram accounts including the Obama White House account and U.S. Space Force Chief Master Sergeant account over the weekend of May 31 Hackers used a VPN to spoof location, then tricked the AI bot into adding unauthorized email addresses to target accounts and resetting passwords The exploit bypassed two-factor authentication entirely and was defeated only by accounts with multi-factor authenticat
Jun 23 min read
Verifying AI Agents: The Emerging Cybersecurity Challenge
Key Findings Autonomous AI agents are already deployed in production environments with access to inboxes, code repositories, financial systems, and decision-making authority that previously required human approval Current infrastructure cannot reliably verify AI agent identity, authorization scope, instruction integrity, or revoke access in real time AI agent verification is fundamentally different from traditional user or software authentication due to dynamic capabilities,
May 164 min read
Nginx UI Vulnerability: CVE-2026-27944 Exposes Server Backups
Key Findings A critical vulnerability in Nginx UI, tracked as CVE-2026-27944, allows attackers to download and decrypt full server backups without authentication. The vulnerability stems from two major flaws: the /api/backup endpoint lacks authentication, and the server exposes the AES-256 encryption key and IV in an HTTP response header. Exploitation of the vulnerability could have serious consequences as a full Nginx UI backup contains large amounts of sensitive operational
Mar 82 min read
Fortinet Warns of Active FortiCloud SSO Bypass Impacting Patched Devices
Key Findings Fortinet confirmed attacks are bypassing FortiCloud SSO authentication, affecting even fully patched devices, similar to recent SSO flaws. Threat actors automate firewall changes, add users, enable VPNs, and steal configs, in campaigns resembling December 2025 exploits of critical FortiCloud SSO flaws. Arctic Wolf researchers reported a new automated attack cluster observed since January 15, 2026, targeting FortiGate devices. Attackers created generic accounts fo
Jan 231 min read
Fortinet Warns of Active Exploitation of FortiOS SSL VPN Vulnerability
Key Findings Fortinet reported active exploitation of a five-year-old security vulnerability, CVE-2020-12812 (CVSS score: 5.2), in FortiOS SSL VPN. The vulnerability is an improper authentication flaw that may allow users to bypass two-factor authentication (2FA) by changing the case of the username, enabling successful login without being prompted for the second authentication factor. The issue occurs when FortiGate has local 2FA users linked to LDAP, the same users belong t
Dec 25, 20252 min read
Zombie Protocol: How NTLM Flaws Like CVE-2024-43451 Are Haunting 2025
Key Findings Despite being over two decades old, the NTLM authentication protocol remains a critical security liability in 2025. Cybercriminals are actively exploiting newly discovered vulnerabilities to launch sophisticated attacks across the globe. One of the most alarming vulnerabilities is CVE-2024-43451, which allows attackers to steal a user's NTLMv2 hash with virtually no interaction. The vulnerability abuses the MSHTML engine to trigger an NTLM authentication attempt
Nov 28, 20252 min read
bottom of page
