JSON Config File Leaks Azure ActiveDirectory Credentials Summary Researchers from Resecurity’s HUNTER team discovered a publicly accessible appsettings.json for an ASP.NET Core application that exposed Azure Active Directory credentials (ClientId…
Proof-of-Concept in 15 Minutes? AI Turbocharges Exploitation Content summary Two independent Israeli researchers built an AI-driven pipeline (dubbed Auto Exploit) that uses LLM prompts, CVE advisories and open-source patches to…
Jaguar Land Rover Shuts Down in Scramble to Secure ‘Cyber Incident’ Summary Jaguar Land Rover (JLR) shut down parts of its IT systems after detecting a ‘cyber incident’, describing retail…
Hackers Are Sophisticated & Impatient — That Can Be Good Summary Ensar Seker (Vice President of Research & CISO, SOCRadar) argues that modern ransomware crews combine high sophistication with opportunism…
NIST Enhances Security Controls for Improved Patching Summary The US National Institute of Standards and Technology (NIST) released an update to its Security and Privacy Control catalogue (version 5.2.0) to…
Amazon Stymies APT29 Credential Theft Campaign Summary Amazon’s threat‑intelligence team disrupted a watering‑hole credential‑theft campaign attributed to APT29 (also tracked as Midnight Blizzard / Cozy Bear / Nobelium), a group…
WordPress Woes Continue Amid ClickFix Attacks, TDS Threats Summary Recent campaigns are exploiting vulnerable and malicious WordPress plug-ins to compromise sites and funnel visitors to scams and malware. The Israel…
Zscaler, Palo Alto Networks Breached via Salesloft Drift Summary A widespread supply-chain attack against the Salesloft Drift marketing SaaS platform allowed threat actors tracked as UNC6395 to steal OAuth and…
WhatsApp, Apple warn of highly targeted attacks with zero-day vulnerability Summary WhatsApp says it patched a zero-day vulnerability (CVE-2025-55177) that involved “incomplete authorisation of linked device synchronization messages” and could…
Nick Andersen appointed to CISA leadership role Summary The Cybersecurity and Infrastructure Security Agency (CISA) announced that Nicholas (Nick) Andersen has taken on the role of executive assistant director for…
