How to Protect Your SaaS from Bot Attacks with SafeLine WAF
Most SaaS teams remember the day their user traffic started growing fast. Few notice the day bots started targeting them. On paper, everything looks great:…
Author: Cybernoz
Operational Security (OPSEC) Basic Guide for Windows Users
I. Introduction This is one in a series of my articles on the configuration operations and how to use Windows to keep your computer and…
From Reactive Defense to Threat Intelligence
Ask any CISO in Latin America what keeps them up at night and you’ll hear the same answers: ransomware, payment fraud, credential theft, supply chain…
Mutagen Astronomy: A Linux Vulnerability’s Path to CISA KEV
Introduction On January 26, 2026, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2018-14634 to its Known Exploited Vulnerabilities (KEV) catalog. The same vulnerability was…
Fickle PDFs: exploiting browser rendering discrepancies
Imagine the CEO of a random company receives an email containing a PDF invoice file. In Safari and MacOS Preview, the total price displayed is…
Google Develops Merkle Tree Certificates to Enable Quantum-Resistant HTTPS in Chrome
Ravie LakshmananMar 02, 2026Cryptography / Browser Security Google has announced a new program in its Chrome browser to ensure that HTTPS certificates are secure against…
OPSEC Basic: Virtualization Technology
I. Introduction This time, I will introduce the use of virtualization technology to mitigate potential threat models when using suspicious software and tools. By…
Iranian cyberattacks fail to materialize but threat remains acute
Security company Radware detected 149 DDoS attacks that appeared to be connected to Iran between February 28 and March 2, the majority targeting government entities…
Scaling security operations with Microsoft Defender autonomous defense and expert-led services
Today’s security leaders are operating in an environment of truncated cyberattack timelines with aging defenses built for slower, linear cyberthreats that can no longer keep…
Huntress Catches SmarterMail Account Takeover Leading to RCE
Background / Summary The Huntress DE&TH (Detection Engineering and Threat Hunting) Team has observed in-the-wild exploitation of a privileged account takeover vulnerability (CVE-2026-23760) in SmarterTool’s…
Introducing the URL validation bypass cheat sheet
URL validation bypasses are the root cause of numerous vulnerabilities including many instances of SSRF, CORS misconfiguration, and open redirection. These work by using ambiguous…
New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel
Ravie LakshmananMar 02, 2026Vulnerability / Artificial Intelligence Cybersecurity researchers have disclosed details of a now-patched security flaw in Google Chrome that could have permitted attackers…