[webapps] Siklu EtherHaul Series EH-8010 - Remote Command Execution
Siklu EtherHaul Series EH-8010 - Remote Command Execution
General
20 articles
Account Compromise Surged 389% in 2025, Says eSentire
An eSentire report showed credential theft accounted for 74% of all observed cyber threats in 2025
Why LinkedIn is a hunting ground for threat actors – and how to protect yourself
The business social networking site is a vast, publicly accessible database of corporate information. Don’t believe everyone on the site is who they say they...
Global Agencies Release New Guidance to Secure Industrial Networks
CISA, NCSC and the FBI have released a new security guide to enhance protection for OT environments
CISO Role Reaches “Inflexion Point” With Executive-Level Titles
IANS Research reveals a growth in executive-level CISO titles, amid resource challenges
Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation
Written by: Nic Losby Introduction Mandiant is publicly releasing a comprehensive dataset of Net-NTLMv1 rainbow tables to underscore the urgency of migrating...
Is it time for internet services to adopt identity verification?
Should verified identities become the standard online? Australia’s social media ban for under-16s shows why the question matters.
Your personal information is on the dark web. What happens next?
If your data is on the dark web, it’s probably only a matter of time before it’s abused for fraud or account hijacking. Here’s what to do.
AuraInspector: Auditing Salesforce Aura for Data Exposure
Written by: Amine Ismail, Anirudha Kanodia Introduction Mandiant is releasing AuraInspector, a new open-source tool designed to help defenders identify and a...
Practitioners Reveal What Makes Threat Intelligence Programs Mature
Threat intelligence practitioners from Global Payments, Adobe, and Superhuman reveal how mature CTI programs transform data overload into strategic business ...
GRU-Linked BlueDelta Evolves Credential Harvesting
Insikt Group reveals how GRU-linked BlueDelta evolved credential-harvesting campaigns targeting government, energy, and research organizations across Europe ...
When Your AI Coding Plugin Starts Picking Your Dependencies: Marketplace Skills and Dependency Hijack in Claude Code
Learn how AI coding assistants managing dependencies via plugins are now creating a new supply-chain risk when automation is compromised.
Detect Go’s silent arithmetic bugs with go-panikint
Go’s arithmetic operations on standard integer types are silent by default, meaning overflows “wrap around” without panicking. This behavior has hidden an en...
This month in security with Tony Anscombe – December 2025 edition
As 2025 draws to a close, Tony looks back at the cybersecurity stories that stood out both in December and across the whole of this year
[webapps] Chained Quiz 1.3.5 - Unauthenticated Insecure Direct Object Reference via Cookie
Chained Quiz 1.3.
A brush with online fraud: What are brushing scams and how do I stay safe?
Have you ever received a package you never ordered? It could be a warning sign that your data has been compromised, with more fraud to follow.
Digital Threat Detection Tools & Best Practices
Explore digital threat detection tools and learn best practices to identify, analyze, and neutralize digital threats before they impact your business.
Can chatbots craft correct code?
I recently attended the AI Engineer Code Summit in New York, an invite-only gathering of AI leaders and engineers. One theme emerged repeatedly in conversati...
Cyber on the Geopolitical, Battlefield: Beyond the, “Big Fourˮ
Offensive cyber operations are spreading beyond the Big Four. Discover how regional conflicts are driving new state-linked cyber threats.
ESET Threat Report H2 2025
A view of the H2 2025 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts