Cloud computing’s rise is a success story under scrutiny. It has been nothing short of transformative, enabling businesses to scale…
A set of vulnerabilities have been identified in Ingress-NGINX Controller for Kubernetes, posing a risk to organizations relying on the…
A serious security vulnerability has recently been identified in NetApp’s SnapCenter software, a widely used enterprise solution for managing data…
CBA has opened a ‘tech hub’ in Seattle this month that will act as a “strategic gateway” to collaborate with…
Habits are so good. They even compound! But, they can be hard to start and maintain. I’ve successfully started new…
Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!) Pierluigi Paganini March 27, 2025 Arkana Security, a…
![[tl;dr sec] #271 - Threat Modeling (+ AI), Backdoored GitHub Actions, Compromising a Threat Actor's Telegram](https://image.cybernoz.com/wp-content/uploads/2025/03/1743072871_tldr-sec-271-Threat-Modeling-AI-Backdoored-GitHub.png "[tl;dr sec] #271 – Threat Modeling (+ AI), Backdoored GitHub Actions, Compromising a Threat Actor’s Telegram")
Threat modeling (with) LLMs, tj-actions woes, reading a threat actor’s Telegram C2 I hope you’ve been doing well! Working on…
A series of vulnerabilities, known as IngressNightmare (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974), have been identified in ingress-nginx, a widely used Kubernetes…
The Intigriti team have recently observed an abuse scenario, trending across the industry, where malicious actors are posing as legitimate…
Back in May 2023, I wrote the blogpost You may not care where you download software from, but malware does…
The Commerce Department plans to finalize economic sanctions this week on nearly 20 Chinese and Taiwanese organizations, citing the need…
The UK Information Commissioner’s Office (ICO) has issued a £3.07 million fine on Advanced Computer Software Group Ltd for a 2022…