ALL POSTS

Background The emldump.py script is a powerful tool used by security analysts and incident responders to extract and analyze data from Microsoft Outlook email archives. This update focuses on enhancing the functionality of the "--yarastrings" option, which allows users to search for specific Yara signatures within the email data. Key Findings The update to emldump.py version 0.0.16 includes fixes and improvements to the "--yarastrings" option. The provided MD5 and SHA256 hash

Key Findings OpenAI has launched Codex Security, an AI-powered security agent designed to find, validate, and propose fixes for software vulnerabilities. Over the last 30 days, Codex Security has scanned more than 1.2 million commits across external repositories, identifying 792 critical and 10,561 high-severity findings. The vulnerabilities found include issues in various open-source projects like OpenSSH, GnuTLS, GOGS, Thorium, libssh, PHP, and Chromium. Codex Security leve

Key Findings The FBI has warned of a sharp rise in ATM jackpotting attacks across the U.S., with losses exceeding $20 million in 2025 alone. Since 2020, about 1,900 incidents have been reported, including 700 last year. Total losses tied to jackpotting have reached roughly $40.7 million since 2021. Background The jackpotting technique was first proposed by white-hat hacker Barnaby Jack in 2010. Ploutus is one of the most sophisticated ATM malware that was first discovered in

Key Findings: Interoperability in healthcare introduces significant security and privacy risks, as every data exchange connection becomes a potential failure point. Misconfigured integrations, outdated protocols, or weak identity controls can lead to unauthorized access and exposure of sensitive medical data. Healthcare breaches increasingly involve data interception, unauthorized access to shared systems, or abuse of trusted data exchange workflows rather than traditional ma

Key Findings Critical vulnerability (CVE-2026-1868) discovered in GitLab self-hosted AI Gateway with a CVSS score of 9.9 Flaw allows attackers to execute arbitrary code or trigger a Denial of Service on affected systems The vulnerability is caused by improper sanitization of user-supplied templates in the Duo Workflow Service Affects versions 18.1.6, 18.2.6, and 18.3.1 of the GitLab AI Gateway Patched versions 18.6.2, 18.7.1, and 18.8.1 have been released to address the issue

Key Findings Anthropic's latest AI model, Claude Opus 4.6, has found over 500 previously unknown high-severity security flaws in major open-source libraries like Ghostscript, OpenSC, and CGIF. The model was able to identify vulnerabilities by parsing commit histories, spotting dangerous functions, and understanding complex algorithmic concepts. Anthropic says Opus 4.6 can "read and reason about code the way a human researcher would", enabling it to find vulnerabilities that t

Key Findings Cisco has released urgent updates to address critical vulnerabilities in Cisco Meeting Management and Cisco TelePresence Collaboration Endpoint (CE) Software The vulnerabilities could allow attackers to seize control of meeting management systems or crash communication endpoints The most severe flaw, CVE-2026-20098, carries a high CVSS score of 8.8 and allows remote attackers to execute arbitrary commands with root privileges Background Cisco Meeting Management i

Key Findings Microsoft's latest cumulative updates for Windows 11 have caused technical issues, including devices failing to enter sleep mode or shutdown correctly, often resulting in involuntary reboots. The problems have also extended to Windows 10 systems with Virtualization-Based Security (VBS/VSM) enabled. Microsoft has acknowledged the defects and is working on a comprehensive resolution for both Windows 10 and 11. As an interim mitigation, affected users are advised to

Key Findings Kyverno, a popular Kubernetes-native policy engine, has released an urgent security update to address a critical vulnerability (CVE-2026-22039) with a maximum CVSS score of 10. The flaw allows any user with policy creation rights to effectively become a cluster admin, shattering Kyverno's isolation boundaries. The update also fixes a high-severity Denial of Service (DoS) vulnerability (CVE-2026-23881) with a CVSS score of 7.7. Background Kyverno is a Kubernetes-n

Key Findings VoidLink is a sophisticated Linux malware framework, built largely by a single developer with assistance from an artificial intelligence (AI) model. The malware reached over 88,000 lines of code in a short timeframe, showcasing the efficiency enabled by AI-driven development. Operational security failures by the developer exposed development artifacts, providing clear evidence that VoidLink was produced predominantly through AI-driven processes. VoidLink includes

Key Findings Researchers have disclosed a new hardware vulnerability, codenamed "StackWarp", affecting AMD Zen 1 through Zen 5 processors. The flaw can be exploited to bypass AMD's Secure Encrypted Virtualization with Secure Nested Paging (SEV-SNP) protections, allowing attackers to run malicious code within confidential virtual machines (CVMs). StackWarp targets a synchronization bug in the CPU's stack engine, a microarchitectural optimization responsible for accelerated sta

Key Findings NHIcon 2026 is a virtual conference organized by Aembit examining the technical, operational, and security challenges of agentic artificial intelligence systems in enterprise environments. The event features keynote addresses from industry leaders including Phil Venables, Misam Abbas, and Jason Clinton. The agenda includes over 20 practitioner-led sessions on topics like large language model evaluation, agent behavior, secrets management, and the OWASP Top 10 for

Key Findings Microsoft released its first security update for 2026, addressing 114 security flaws 8 vulnerabilities were rated Critical, and 106 were rated Important in severity The update includes 58 privilege escalation, 22 information disclosure, 21 remote code execution, and 5 spoofing flaws The update marks the third-largest January Patch Tuesday after January 2025 and January 2022 2 previously disclosed zero-day vulnerabilities were also addressed Background Microsoft r

Key Findings NVIDIA has issued a critical security update for its Isaac Launchable software, patching three vulnerabilities with a CVSS score of 9.8. The most severe flaw, CVE-2025-33222, involves hard-coded credentials that allow attackers to bypass authentication and gain complete control of affected systems. The remaining two vulnerabilities, CVE-2025-33223 and CVE-2025-33224, stem from improper privilege management, enabling attackers to execute code with elevated permiss

Key Findings NVIDIA has issued critical security updates for its Merlin framework, addressing high-severity vulnerabilities (CVSS 8.8) in two key components: NVTabular and Transformers4Rec. The vulnerabilities stem from unsafe deserialization, which could allow attackers to execute malicious code, tamper with data, or cause denial of service in AI recommendation pipelines. The first flaw (CVE-2025-33214) affects the Workflow component of NVTabular, a feature engineering libra

Key Findings: A high-severity unpatched security vulnerability in Gogs (CVE-2025-8110) with a CVSS score of 8.7 is under active exploitation, affecting over 700 compromised instances accessible online. The vulnerability allows for file overwrite in the file update API, enabling an attacker to achieve arbitrary code execution through a four-step process. The malware deployed in the attacks is a payload based on Supershell, an open-source command-and-control (C2) framework ofte

Key Findings A critical XML external entity (XXE) vulnerability, tracked as CVE-2025-66516, has been discovered in the Apache Tika toolkit. The vulnerability has a CVSS score of 10.0, indicating maximum severity. The flaw allows attackers to carry out XXE injection attacks by exploiting a crafted XFA file within a PDF document. The vulnerability affects multiple Apache Tika components, including the tika-core, tika-parser-pdf-module, and tika-parsers modules. This vulnerabili

Key Findings Blast Security, a cybersecurity startup, has launched from stealth with a $10 million seed round co-led by 10D and MizMaa Ventures. The company is founded by industry veterans from Solebit (acquired by Mimecast) and elite IDF units. Blast is introducing a new operating model for cloud security with its first-of-its-kind Preemptive Cloud Defense Platform. The platform replaces reactive response with continuous prevention, turning native cloud control into a preven

Key Findings A critical vulnerability, tracked as CVE-2025-11001, has been discovered in the popular file-compression tool 7-Zip. The flaw, which is a Directory Traversal Remote Code Execution (RCE) vulnerability, has a public exploit available. The vulnerability poses a high-risk warning from the UK's NHS England Digital, though active exploitation has not been observed yet. The issue was discovered by researchers at GMO Flatt Security Inc. and revealed by Trend Micro's Zero

Key Findings: Google has updated its Android Quick Share file transfer service to work natively with Apple's AirDrop on Pixel 10 devices. The cross-platform compatibility is achieved through Google's own implementation, not official collaboration with Apple. The communication channel is built using the memory-safe Rust programming language to enhance security and prevent vulnerabilities. Independent security assessment by NetSPI found the Quick Share AirDrop implementation to