SolarWinds Hotfix Fixes Web Help Desk RCE CVE-2025-26399
SolarWinds has released a new hotfix aimed at resolving a critical remote code execution (RCE) vulnerability affecting its Web Help Desk (WHD) software. The flaw,…
Author: Cybernoz
PyPI Warns Users of Fresh Phishing Campaign
The Python Package Index (PyPI), the default platform for Python’s package management tools, is warning users of a fresh phishing campaign relying on domain confusion…
AI agents building security tests
The Detectify AI Agent Alfred fully automates the creation of security tests for new vulnerabilities, from research to a merge request. In its first six…
![[tl;dr sec] #298 - Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages](https://image.cybernoz.com/wp-content/uploads/2025/09/tldr-sec-298-Good-CISO-Bad-CISO-AWS.png)
[tl;dr sec] #298 – Good CISO / Bad CISO, AWS Infra Canarytokens, Protect Yourself from Compromised NPM Packages
How to be an effective CISO, deploy decoy assets that fit in to your AWS environment, tips and tools to minimize the impact of NPM…
How secure are passkeys, really? Here’s what you need to know
We’ve known for a long time that passwords have their flaws. Whether it’s phishing, brute force, or dictionary attacks, password-based authentication remains one of the…
New BRICKSTORM Stealthy Backdoor Attacking Tech and Legal Sectors
BRICKSTORM has surfaced as a highly evasive backdoor targeting organizations within the technology and legal industries, exploiting trust relationships to infiltrate critical networks. First detected…
Volvo Group Reports Data Breach Following Ransomware Attack on HR Vendor
Volvo Group has disclosed that a recent ransomware attack on its human resources software provider, Miljödata, may have resulted in unauthorized access to personal information belonging to…
Government might support Jaguar Land Rover supply chain to mitigate cyber attack impact
The government is looking at ways to lessen the impact of the August 2025 cyber attack on Jaguar Land Rover’s (JLR’s) supply chain, amid claims…
Black Hat USA 2025 CISO Podcast Series Episode 10 LIVE
The CISO Podcast Series returns with its much-anticipated Episode 10, filmed live at Black Hat USA 2025, and it’s one every security leader needs to…
Perspective: Why Politics in the Workplace is a Cybersecurity Risk
When I first started working, politics was intentionally kept out of the workplace, regardless of how strongly different people may have felt about their own…
Contain or be contained: The security imperative of controlling autonomous AI
Artificial intelligence is no longer a future concept; it is being integrated into critical infrastructure, enterprise operations and security missions around the world. As we…
Microsoft will offer free Windows 10 security updates in Europe
Microsoft will offer free extended security updates for Windows 10 users in the European Economic Area (EEA), which includes Iceland, Liechtenstein, Norway, and all 27…