https://cluster-site.onrender.com/categories/threat-intel/ Recent content in Threat-Intel on Tenu Tech Brief Hugo -- 0.146.0 en-us Thu, 26 Feb 2026 01:01:40 +0000 https://cluster-site.onrender.com/posts/active-exploitation-of-cisco-catalyst-sd-wan-by-uat-8616/ Wed, 25 Feb 2026 16:13:36 +0000 https://cluster-site.onrender.com/posts/active-exploitation-of-cisco-catalyst-sd-wan-by-uat-8616/ • Active exploitation of Cisco Catalyst SD-WAN by UAT-8616 Cisco Talos is tracking the active exploitation ofCVE-2026-20127, a vulnerability in Cisco Catalyst SD-WAN Controller, fo https://cluster-site.onrender.com/posts/developer-creates-app-to-detect-nearby-smart-glasses/ Wed, 25 Feb 2026 15:48:34 +0000 https://cluster-site.onrender.com/posts/developer-creates-app-to-detect-nearby-smart-glasses/ • Developer creates app to detect nearby smart glasses An independent developer, moved after reading about the abuse ofsmart glassesto film people without their consent, decided to https://cluster-site.onrender.com/posts/exposing-the-undercurrent-disrupting-the-gridtide-global-cyber-espionage-campaign/ Wed, 25 Feb 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/exposing-the-undercurrent-disrupting-the-gridtide-global-cyber-espionage-campaign/ • Exposing the Undercurrent: Disrupting the GRIDTIDE Global Cyber Espionage Campaign Google Threat Intelligence Group Mandiant Google Threat Intelligence Visibility and context on https://cluster-site.onrender.com/posts/caught-in-the-hook-rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536-cve-2026-21852/ Wed, 25 Feb 2026 13:58:39 +0000 https://cluster-site.onrender.com/posts/caught-in-the-hook-rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536-cve-2026-21852/ • By Aviv Donenfeld and Oded Vanunu Check Point Research has discovered critical vulnerabilities in Anthropic’s Claude Code that allow attackers to achieve remote code execution an https://cluster-site.onrender.com/posts/mquire-linux-memory-forensics-without-external-dependencies/ Wed, 25 Feb 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/mquire-linux-memory-forensics-without-external-dependencies/ • mquire: Linux memory forensics without external dependencies If you’ve ever done Linux memory forensics, you know the frustration: without debug symbols that match the exact kern https://cluster-site.onrender.com/posts/zdi-26-124-claude-hovercraft-executeclaudecode-command-injection-remote-code-execution-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-124-claude-hovercraft-executeclaudecode-command-injection-remote-code-execution-vulnerability/ • Advisory Details claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability ZDI-26-124ZDI-CAN-27785 This vulnerability allows remote attackers to e https://cluster-site.onrender.com/posts/zdi-26-127-pwn2own-ubiquiti-networks-ai-pro-cleartext-transmission-information-disclosure-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-127-pwn2own-ubiquiti-networks-ai-pro-cleartext-transmission-information-disclosure-vulnerability/ • Advisory Details (Pwn2Own) Ubiquiti Networks AI Pro Cleartext Transmission Information Disclosure Vulnerability ZDI-26-127ZDI-CAN-28474 This vulnerability allows network-adjacent https://cluster-site.onrender.com/posts/zdi-26-128-pwn2own-ubiquiti-networks-ai-pro-uncaught-exception-denial-of-service-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-128-pwn2own-ubiquiti-networks-ai-pro-uncaught-exception-denial-of-service-vulnerability/ • Advisory Details (Pwn2Own) Ubiquiti Networks AI Pro Uncaught Exception Denial-of-Service Vulnerability ZDI-26-128ZDI-CAN-28824 This vulnerability allows network-adjacent attacker https://cluster-site.onrender.com/posts/zdi-26-129-socomec-diris-a-40-http-api-authentication-bypass-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-129-socomec-diris-a-40-http-api-authentication-bypass-vulnerability/ • CVE ID | CVE-2026-2491 | CVSS SCORE | 6 • 3, AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | AFFECTED VENDORS | Socomec | AFFECTED PRODUCTS | DIRIS A-40 | VULNERABILITY DETAILS | This vuln https://cluster-site.onrender.com/posts/zdi-26-130-icewarp-collaboration-directory-traversal-information-disclosure-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-130-icewarp-collaboration-directory-traversal-information-disclosure-vulnerability/ • Advisory Details IceWarp collaboration Directory Traversal Information Disclosure Vulnerability ZDI-26-130ZDI-CAN-25440 This vulnerability allows remote attackers to disclose sen https://cluster-site.onrender.com/posts/zdi-26-132-siemens-sinec-nms-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ Wed, 25 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-132-siemens-sinec-nms-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ • Advisory Details Siemens SINEC NMS Uncontrolled Search Path Element Local Privilege Escalation Vulnerability ZDI-26-132ZDI-CAN-28108 This vulnerability allows local attackers to https://cluster-site.onrender.com/posts/reddit-porn-sites-fined-by-uk-regulators-over-childrens-safety-and-privacy/ Tue, 24 Feb 2026 15:48:02 +0000 https://cluster-site.onrender.com/posts/reddit-porn-sites-fined-by-uk-regulators-over-childrens-safety-and-privacy/ • Reddit, porn sites fined by UK regulators over children’s safety and privacy The UK’s online safety and privacy regulators are targeting companies that violate new age verificati https://cluster-site.onrender.com/posts/roblox-gives-predators-%238220powerful-tools%238221-to-target-children-says-la-county/ Tue, 24 Feb 2026 15:22:20 +0000 https://cluster-site.onrender.com/posts/roblox-gives-predators-%238220powerful-tools%238221-to-target-children-says-la-county/ • Roblox gives predators ‘powerful tools’ to target children, says LA County Los Angeles County has sued online gaming company Roblox, adding to a series of suits that accuse the v https://cluster-site.onrender.com/posts/fake-zoom-meeting-%238220update%238221-silently-installs-rogue-version-of-monitoring-tool-abused-by-cybercriminals-to-spy-on-victims/ Tue, 24 Feb 2026 09:47:26 +0000 https://cluster-site.onrender.com/posts/fake-zoom-meeting-%238220update%238221-silently-installs-rogue-version-of-monitoring-tool-abused-by-cybercriminals-to-spy-on-victims/ • Fake Zoom meeting ‘update’ silently installs rogue version of monitoring tool abused by cybercriminals to spy on victims UPDATE (February 25, 2026): Teramind has stated that it i https://cluster-site.onrender.com/posts/fake-zoom-meeting-%238220update%238221-silently-installs-surveillance-software/ Tue, 24 Feb 2026 09:47:26 +0000 https://cluster-site.onrender.com/posts/fake-zoom-meeting-%238220update%238221-silently-installs-surveillance-software/ • Fake Zoom meeting ‘update’ silently installs surveillance software A fake Zoom meeting website is silently pushing surveillance software onto Windows machines. • Visitors land on https://cluster-site.onrender.com/posts/refund-scam-impersonates-avast-to-harvest-credit-card-details/ Tue, 24 Feb 2026 08:28:32 +0000 https://cluster-site.onrender.com/posts/refund-scam-impersonates-avast-to-harvest-credit-card-details/ • Refund scam impersonates Avast to harvest credit card details A fraudulent website dressed in Avast’s brand is tricking French-speaking users into handing over their full credit https://cluster-site.onrender.com/posts/openclaw-what-is-it-and-can-you-use-it-safely/ Mon, 23 Feb 2026 21:10:50 +0000 https://cluster-site.onrender.com/posts/openclaw-what-is-it-and-can-you-use-it-safely/ • OpenClaw: What is it and can you use it safely? • An AI tool with a funny name has caused quite a commotion as of late-including some allegations ofmachine consciousness-so here https://cluster-site.onrender.com/posts/2025-the-untold-stories-of-check-point-research/ Mon, 23 Feb 2026 15:27:21 +0000 https://cluster-site.onrender.com/posts/2025-the-untold-stories-of-check-point-research/ • Check Point Research (CPR) continuously tracks threats, following the clues that lead to major players and incidents in the threat landscape. • Whether it’s high-end financially- https://cluster-site.onrender.com/posts/password-managers-keep-your-passwords-safe-unless.../ Mon, 23 Feb 2026 12:45:21 +0000 https://cluster-site.onrender.com/posts/password-managers-keep-your-passwords-safe-unless.../ • Password managers keep your passwords safe, unless… I’m a big advocate of password managers. • Granted, there are better alternatives for passwords likepasskeys, but if a provi https://cluster-site.onrender.com/posts/fake-huorong-security-site-infects-users-with-valleyrat/ Mon, 23 Feb 2026 12:18:50 +0000 https://cluster-site.onrender.com/posts/fake-huorong-security-site-infects-users-with-valleyrat/ • A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0 framework, t https://cluster-site.onrender.com/posts/a-week-in-security-february-16-%238211-february-22/ Mon, 23 Feb 2026 08:02:35 +0000 https://cluster-site.onrender.com/posts/a-week-in-security-february-16-%238211-february-22/ • A week in security (February 16 - February 22) Last week on Malwarebytes Labs: Age verification vendor Persona left frontend exposed, researchers say Facebook ads spread fake Win https://cluster-site.onrender.com/posts/zdi-26-123-docker-desktop-mcp-server-cleartext-storage-of-sensitive-information-vulnerability/ Mon, 23 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-123-docker-desktop-mcp-server-cleartext-storage-of-sensitive-information-vulnerability/ • Advisory Details Docker Desktop MCP Server Cleartext Storage of Sensitive Information Vulnerability ZDI-26-123ZDI-CAN-27562 This vulnerability allows local attackers to disclose https://cluster-site.onrender.com/posts/what-can%238217t-you-say-on-tiktok/ Sun, 22 Feb 2026 23:08:27 +0000 https://cluster-site.onrender.com/posts/what-can%238217t-you-say-on-tiktok/ • What can’t you say on TikTok? • This week on the Lock and Code podcast… A funny thing happened on TikTok last month, and it has brought allegations of censorship, manipulation, https://cluster-site.onrender.com/posts/february-2026-patch-tuesday-six-zero-days-among-59-cves-patched/ Sun, 22 Feb 2026 07:32:03 +0000 https://cluster-site.onrender.com/posts/february-2026-patch-tuesday-six-zero-days-among-59-cves-patched/ • Actively Exploited Zero-Day Vulnerability in Windows Remote Desktop CVE-2026-21533 is an Important elevation of privilege vulnerability affecting Windows Remote Desktop Services https://cluster-site.onrender.com/posts/introducing-quotai-unlocked-decoding-prompt-injectionquot-a-new-interactive-challenge/ Sat, 21 Feb 2026 18:32:12 +0000 https://cluster-site.onrender.com/posts/introducing-quotai-unlocked-decoding-prompt-injectionquot-a-new-interactive-challenge/ • FeaturedIntroducing ‘AI Unlocked: Decoding Prompt Injection,’ a New Interactive ChallengeFeb 18, 2026Exposing Insider Threats through Data Protection, Identity, and HR ContextFeb https://cluster-site.onrender.com/posts/using-threat-modeling-and-prompt-injection-to-audit-comet/ Fri, 20 Feb 2026 16:00:00 +0000 https://cluster-site.onrender.com/posts/using-threat-modeling-and-prompt-injection-to-audit-comet/ • Using threat modeling and prompt injection to audit Comet Before launching their Comet browser, Perplexity hired us to test the security of their AI-powered browsing features. • https://cluster-site.onrender.com/posts/age-verification-vendor-persona-left-frontend-exposed/ Fri, 20 Feb 2026 14:08:39 +0000 https://cluster-site.onrender.com/posts/age-verification-vendor-persona-left-frontend-exposed/ • Discord partners with Persona for age verification, requiring facial scans before full platform access. • Researchers uncovered a publicly exposed Persona frontend on a US govern https://cluster-site.onrender.com/posts/age-verification-vendor-persona-left-frontend-exposed-researchers-say/ Fri, 20 Feb 2026 14:08:39 +0000 https://cluster-site.onrender.com/posts/age-verification-vendor-persona-left-frontend-exposed-researchers-say/ • Age verification vendor Persona left frontend exposed, researchers say Researchers investigating Discord’s age-verification checkssay they discoveredan exposed frontend belonging https://cluster-site.onrender.com/posts/facebook-ads-spread-fake-windows-11-downloads-that-steal-passwords-and-crypto-wallets/ Fri, 20 Feb 2026 10:00:30 +0000 https://cluster-site.onrender.com/posts/facebook-ads-spread-fake-windows-11-downloads-that-steal-passwords-and-crypto-wallets/ • Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets Attackers are running paid Facebook ads that look like official Microsoft promotions, then d https://cluster-site.onrender.com/posts/cve-2026-20841-arbitrary-code-execution-in-the-windows-notepad/ Thu, 19 Feb 2026 21:24:50 +0000 https://cluster-site.onrender.com/posts/cve-2026-20841-arbitrary-code-execution-in-the-windows-notepad/ • CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad In this excerpt of a TrendAI Research Services vulnerability report, Nikolai Skliarenko and Yazhi Wang of the Tren https://cluster-site.onrender.com/posts/using-ai-to-defeat-ai/ Thu, 19 Feb 2026 19:00:07 +0000 https://cluster-site.onrender.com/posts/using-ai-to-defeat-ai/ • Using AI to defeat AI Welcome to this week’s edition of the Threat Source newsletter. • Generative AI and agentic AI are here to stay. • Although I believe that the advantages th https://cluster-site.onrender.com/posts/ai-generated-passwords-are-a-security-risk/ Thu, 19 Feb 2026 14:46:58 +0000 https://cluster-site.onrender.com/posts/ai-generated-passwords-are-a-security-risk/ • AI-generated passwords are a security risk Using Artificial Intelligence (AI) to generate your passwords is a bad idea. • It’s likely to give that password to a criminal who can https://cluster-site.onrender.com/posts/intimate-products-maker-tenga-spilled-customer-data/ Thu, 19 Feb 2026 11:48:35 +0000 https://cluster-site.onrender.com/posts/intimate-products-maker-tenga-spilled-customer-data/ • Intimate products maker Tenga spilled customer data Tenga confirmed reports published by several outlets that the company notified customers of a data breach. • The Japanese manu https://cluster-site.onrender.com/posts/intimate-products-producer-tenga-spilled-customer-data/ Thu, 19 Feb 2026 11:48:35 +0000 https://cluster-site.onrender.com/posts/intimate-products-producer-tenga-spilled-customer-data/ • Intimate products producer Tenga spilled customer data Tenga confirmed reports published by several outlets that the company notified customers of a data breach. • The Japanese m https://cluster-site.onrender.com/posts/meta-patents-ai-that-could-keep-you-posting-from-beyond-the-grave/ Thu, 19 Feb 2026 11:16:32 +0000 https://cluster-site.onrender.com/posts/meta-patents-ai-that-could-keep-you-posting-from-beyond-the-grave/ • Meta patents AI that could keep you posting from beyond the grave Tech bros have beenwanting to become immortalfor years. • Until they get there, their fallback might be continui https://cluster-site.onrender.com/posts/zdi-26-110-bosch-rexroth-indraworks-print-settings-file-parsing-deserialization-of-untrusted-data-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-110-bosch-rexroth-indraworks-print-settings-file-parsing-deserialization-of-untrusted-data-remote-code-execution-vulnerability/ • Advisory Details Bosch Rexroth IndraWorks Print Settings File Parsing Deserialization Of Untrusted Data Remote Code Execution Vulnerability ZDI-26-110ZDI-CAN-28112 This vulnerabi https://cluster-site.onrender.com/posts/zdi-26-111-mlflow-use-of-default-password-authentication-bypass-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-111-mlflow-use-of-default-password-authentication-bypass-vulnerability/ • Advisory Details MLflow Use of Default Password Authentication Bypass Vulnerability ZDI-26-111ZDI-CAN-28256 This vulnerability allows remote attackers to bypass authentication on https://cluster-site.onrender.com/posts/zdi-26-112-dassault-syst%C3%A8mes-edrawings-viewer-eprt-file-parsing-uninitialized-variable-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-112-dassault-syst%C3%A8mes-edrawings-viewer-eprt-file-parsing-uninitialized-variable-remote-code-execution-vulnerability/ • Advisory Details Dassault Systèmes eDrawings Viewer EPRT File Parsing Uninitialized Variable Remote Code Execution Vulnerability ZDI-26-112ZDI-CAN-28315 This vulnerability allows https://cluster-site.onrender.com/posts/zdi-26-113-dassault-syst%C3%A8mes-edrawings-viewer-eprt-file-parsing-memory-corruption-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-113-dassault-syst%C3%A8mes-edrawings-viewer-eprt-file-parsing-memory-corruption-remote-code-execution-vulnerability/ • Advisory Details Dassault Systèmes eDrawings Viewer EPRT File Parsing Memory Corruption Remote Code Execution Vulnerability ZDI-26-113ZDI-CAN-28378 This vulnerability allows remo https://cluster-site.onrender.com/posts/zdi-26-115-fortinet-forticlient-vpn-fcconfig-utility-link-following-local-privilege-escalation-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-115-fortinet-forticlient-vpn-fcconfig-utility-link-following-local-privilege-escalation-vulnerability/ • Advisory Details Fortinet FortiClient VPN FCConfig Utility Link Following Local Privilege Escalation Vulnerability ZDI-26-115ZDI-CAN-25710 This vulnerability allows local attacke https://cluster-site.onrender.com/posts/zdi-26-116-tensorflow-hdf5-library-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-116-tensorflow-hdf5-library-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ • TensorFlow HDF5 library flaw lets local attackers load plugins from unsecured paths. • Exploit requires low‑privilege code execution before escalating to higher privileges. • Vul https://cluster-site.onrender.com/posts/zdi-26-117-rustdesk-client-for-windows-transfer-file-link-following-information-disclosure-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-117-rustdesk-client-for-windows-transfer-file-link-following-information-disclosure-vulnerability/ • Advisory Details RustDesk Client for Windows Transfer File Link Following Information Disclosure Vulnerability ZDI-26-117ZDI-CAN-27909 This vulnerability allows local attackers t https://cluster-site.onrender.com/posts/zdi-26-118-gimp-pgm-file-parsing-uninitialized-memory-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-118-gimp-pgm-file-parsing-uninitialized-memory-remote-code-execution-vulnerability/ • Advisory Details GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulnerability ZDI-26-118ZDI-CAN-28158 This vulnerability allows remote attackers to execute arbi https://cluster-site.onrender.com/posts/zdi-26-120-gimp-icns-file-parsing-heap-based-buffer-overflow-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-120-gimp-icns-file-parsing-heap-based-buffer-overflow-remote-code-execution-vulnerability/ • Remote attackers can execute arbitrary code via GIMP ICNS file parsing. • Exploit requires user interaction: opening malicious file or visiting malicious page. • Vulnerability du https://cluster-site.onrender.com/posts/zdi-26-121-gimp-xwd-file-parsing-out-of-bounds-write-remote-code-execution-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-121-gimp-xwd-file-parsing-out-of-bounds-write-remote-code-execution-vulnerability/ • Advisory Details GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ZDI-26-121ZDI-CAN-28591 This vulnerability allows remote attackers to execute arbit https://cluster-site.onrender.com/posts/zdi-26-122-pdf-xchange-editor-trackerupdate-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ Thu, 19 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-122-pdf-xchange-editor-trackerupdate-uncontrolled-search-path-element-local-privilege-escalation-vulnerability/ • Advisory Details PDF-XChange Editor TrackerUpdate Uncontrolled Search Path Element Local Privilege Escalation Vulnerability ZDI-26-122ZDI-CAN-27788 This vulnerability allows loca https://cluster-site.onrender.com/posts/betterment-data-breach-might-be-worse-than-we-thought/ Wed, 18 Feb 2026 17:09:02 +0000 https://cluster-site.onrender.com/posts/betterment-data-breach-might-be-worse-than-we-thought/ • Betterment data breach might be worse than we thought Betterment LLC is an investment advisor registered with US Securities and Exchange Commission (SEC). • The companydiscloseda https://cluster-site.onrender.com/posts/job-scam-uses-fake-google-forms-site-to-harvest-google-logins/ Wed, 18 Feb 2026 12:22:22 +0000 https://cluster-site.onrender.com/posts/job-scam-uses-fake-google-forms-site-to-harvest-google-logins/ • Job scam uses fake Google Forms site to harvest Google logins As part of our investigation into a job-themed phishing campaign, we came across several suspicious URLs that all lo https://cluster-site.onrender.com/posts/carelessness-versus-craftsmanship-in-cryptography/ Wed, 18 Feb 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/carelessness-versus-craftsmanship-in-cryptography/ • Carelessness versus craftsmanship in cryptography Two popular AES libraries, aes-js and pyaes, ‘helpfully’ provide a default IV in their AES-CTR API, leading to a large number of https://cluster-site.onrender.com/posts/good-enough-emulation-fuzzing-a-single-thread-to-uncover-vulnerabilities/ Wed, 18 Feb 2026 11:00:31 +0000 https://cluster-site.onrender.com/posts/good-enough-emulation-fuzzing-a-single-thread-to-uncover-vulnerabilities/ • - A Cisco Talos researcher worked around the limitations of hardware-level Code Read-out Protection (RDP) on the Socomec DIRIS M-70 gateway by pivoting from physical debugging to https://cluster-site.onrender.com/posts/scammers-use-fake-gemini-ai-chatbot-to-sell-fake-google-coin/ Wed, 18 Feb 2026 10:10:49 +0000 https://cluster-site.onrender.com/posts/scammers-use-fake-gemini-ai-chatbot-to-sell-fake-google-coin/ • Scammers use fake ‘Gemini’ AI chatbot to sell fake ‘Google Coin’ Scammers have found a new use for AI: creating custom chatbots posing as real AI assistants to pressure victims i https://cluster-site.onrender.com/posts/zdi-26-106-autodesk-autocad-catpart-file-parsing-out-of-bounds-write-remote-code-execution-vulnerability/ Wed, 18 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-106-autodesk-autocad-catpart-file-parsing-out-of-bounds-write-remote-code-execution-vulnerability/ • Advisory Details Autodesk AutoCAD CATPART File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability ZDI-26-106ZDI-CAN-28417 This vulnerability allows remote attackers https://cluster-site.onrender.com/posts/zdi-26-107-autodesk-autocad-model-file-out-of-bounds-write-remote-code-execution-vulnerability/ Wed, 18 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-107-autodesk-autocad-model-file-out-of-bounds-write-remote-code-execution-vulnerability/ • Remote code execution via out-of-bounds write in AutoCAD MODEL file parsing. • Requires user to open malicious file or visit malicious page. • Exploit writes past allocated buffe https://cluster-site.onrender.com/posts/chrome-%238220preloading%238221-could-be-leaking-your-data-and-causing-problems-in-browser-guard/ Tue, 17 Feb 2026 18:25:47 +0000 https://cluster-site.onrender.com/posts/chrome-%238220preloading%238221-could-be-leaking-your-data-and-causing-problems-in-browser-guard/ • Chrome ‘preloading’ could be leaking your data and causing problems in Browser Guard This article explains why Chrome’s ‘preloading’ feature can cause scary-looking blocks in Mal https://cluster-site.onrender.com/posts/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/ Tue, 17 Feb 2026 14:12:49 +0000 https://cluster-site.onrender.com/posts/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/ • AI is rapidly becoming embedded in day-to-day enterprise workflows, inside browsers, collaboration suites, and developer tooling. • As a result, AI service domains increasingly b https://cluster-site.onrender.com/posts/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/ Tue, 17 Feb 2026 13:50:00 +0000 https://cluster-site.onrender.com/posts/scam-guard-for-desktop-a-second-set-of-eyes-for-suspicious-moments/ • Scam Guard for desktop: A second set of eyes for suspicious moments Scams aren’t so obvious anymore. • They’re well-written, have working grammar, and can lead victims to very co https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ Tue, 17 Feb 2026 12:33:13 +0000 https://cluster-site.onrender.com/posts/update-chrome-now-zero-day-bug-allows-code-execution-via-malicious-webpages/ • Update Chrome now: Zero-day bug allows code execution via malicious webpages Google hasissueda patch for a high‑severity Chrome zero‑day, tracked asCVE‑2026‑2441, a memory bug in https://cluster-site.onrender.com/posts/hobby-coder-accidentally-creates-vacuum-robot-army/ Tue, 17 Feb 2026 10:20:49 +0000 https://cluster-site.onrender.com/posts/hobby-coder-accidentally-creates-vacuum-robot-army/ • Hobby coder accidentally creates vacuum robot army Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. • Like any good maker, he thought it would be fun to dri https://cluster-site.onrender.com/posts/16th-february-threat-intelligence-report/ Mon, 16 Feb 2026 17:57:42 +0000 https://cluster-site.onrender.com/posts/16th-february-threat-intelligence-report/ • FILTER BY YEAR 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 16th February - Threat Intelligence Report For the latest discoveries in cyber research for the week of 16th https://cluster-site.onrender.com/posts/clickfix-added-nslookup-commands-to-its-arsenal-for-downloading-rats/ Mon, 16 Feb 2026 13:09:37 +0000 https://cluster-site.onrender.com/posts/clickfix-added-nslookup-commands-to-its-arsenal-for-downloading-rats/ • ClickFix uses fake CAPTCHAs and bogus updates to trick users into executing malicious commands. • Traditional mshta and PowerShell vectors are blocked, so attackers shifted to ns https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ Mon, 16 Feb 2026 08:02:00 +0000 https://cluster-site.onrender.com/posts/a-week-in-security-february-9-%238211-february-15/ • Credential‑stealing Chrome extensions discovered; Malwarebytes Labs offers detection and removal guide. • Fake online shops target Winter Olympics 2026 fans, phishing for payment https://cluster-site.onrender.com/posts/how-to-find-and-remove-credential-stealing-chrome-extensions/ Fri, 13 Feb 2026 13:27:34 +0000 https://cluster-site.onrender.com/posts/how-to-find-and-remove-credential-stealing-chrome-extensions/ • Researchers have found yet another family of malicious extensions in the Chrome Web Store. • This time, 30 different Chrome extensions were found stealing credentials from more t https://cluster-site.onrender.com/posts/fake-shops-target-winter-olympics-2026-fans/ Fri, 13 Feb 2026 09:00:02 +0000 https://cluster-site.onrender.com/posts/fake-shops-target-winter-olympics-2026-fans/ • Fake shops target Winter Olympics 2026 fans If you’ve seen the two stoat siblings serving as official mascots of the Milano Cortina 2026 Winter Olympics, you already know Tina an https://cluster-site.onrender.com/posts/zdi-26-099-oracle-virtualbox-vmsvga-race-condition-local-privilege-escalation-vulnerability/ Fri, 13 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-099-oracle-virtualbox-vmsvga-race-condition-local-privilege-escalation-vulnerability/ • Oracle VirtualBox VMSVGA race condition allows local attackers to elevate privileges to hypervisor level. • Exploit requires initial high‑privileged code execution on the guest O https://cluster-site.onrender.com/posts/zdi-26-101-oracle-virtualbox-buslogic-uninitialized-memory-information-disclosure-vulnerability/ Fri, 13 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-101-oracle-virtualbox-buslogic-uninitialized-memory-information-disclosure-vulnerability/ • Advisory Details Oracle VirtualBox BusLogic Uninitialized Memory Information Disclosure Vulnerability ZDI-26-101ZDI-CAN-28080 This vulnerability allows local attackers to disclos https://cluster-site.onrender.com/posts/zdi-26-103-oracle-virtualbox-vmsvga-out-of-bounds-access-local-privilege-escalation-vulnerability/ Fri, 13 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-103-oracle-virtualbox-vmsvga-out-of-bounds-access-local-privilege-escalation-vulnerability/ • Advisory Details Oracle VirtualBox VMSVGA Out-Of-Bounds Access Local Privilege Escalation Vulnerability ZDI-26-103ZDI-CAN-27923 This vulnerability allows local attackers to escal https://cluster-site.onrender.com/posts/zdi-26-104-sante-dicom-viewer-pro-dcm-file-parsing-buffer-overflow-remote-code-execution-vulnerability/ Fri, 13 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-104-sante-dicom-viewer-pro-dcm-file-parsing-buffer-overflow-remote-code-execution-vulnerability/ • Advisory Details Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability ZDI-26-104ZDI-CAN-28129 This vulnerability allows remote attackers to https://cluster-site.onrender.com/posts/zdi-26-105-mlflow-tracking-server-artifact-handler-directory-traversal-remote-code-execution-vulnerability/ Fri, 13 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-105-mlflow-tracking-server-artifact-handler-directory-traversal-remote-code-execution-vulnerability/ • Advisory Details MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability ZDI-26-105ZDI-CAN-26649 This vulnerability allows remote attacker https://cluster-site.onrender.com/posts/hand-over-the-keys-for-shannons-shenanigans/ Thu, 12 Feb 2026 19:00:22 +0000 https://cluster-site.onrender.com/posts/hand-over-the-keys-for-shannons-shenanigans/ • Hand over the keys for Shannon’s shenanigans Welcome to this week’s edition of the Threat Source newsletter. • Last week, yet another security AI tool made the rounds on social m https://cluster-site.onrender.com/posts/outlook-add-in-goes-rogue-and-steals-4000-credentials-and-payment-data/ Thu, 12 Feb 2026 14:35:13 +0000 https://cluster-site.onrender.com/posts/outlook-add-in-goes-rogue-and-steals-4000-credentials-and-payment-data/ • Outlook add-in goes rogue and steals 4,000 credentials and payment data Researchersfound a malicious Microsoft Outlook add-in which was able to steal 4,000 stolen Microsoft accou https://cluster-site.onrender.com/posts/gtig-ai-threat-tracker-distillation-experimentation-and-continued-integration-of-ai-for-adversarial-use/ Thu, 12 Feb 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/gtig-ai-threat-tracker-distillation-experimentation-and-continued-integration-of-ai-for-adversarial-use/ • GTIG AI Threat Tracker: Distillation, Experimentation, and (Continued) Integration of AI for Adversarial Use Google Threat Intelligence Group Google Threat Intelligence Visibilit https://cluster-site.onrender.com/posts/child-exploitation-grooming-and-social-media-addiction-claims-put-meta-on-trial/ Thu, 12 Feb 2026 12:35:26 +0000 https://cluster-site.onrender.com/posts/child-exploitation-grooming-and-social-media-addiction-claims-put-meta-on-trial/ • Child exploitation, grooming, and social media addiction claims put Meta on trial Meta is facing two trials over child safety allegations in California and New Mexico. • The laws https://cluster-site.onrender.com/posts/ryan-liles-master-of-technical-diplomacy/ Thu, 12 Feb 2026 11:00:39 +0000 https://cluster-site.onrender.com/posts/ryan-liles-master-of-technical-diplomacy/ • Ryan Liles, master of technical diplomacy Cisco Talos is back with another inside look at the people who keep the internet safe. • This time, Amy chats with Ryan Liles, who bridg https://cluster-site.onrender.com/posts/criminals-are-using-ai-website-builders-to-clone-major-brands/ Thu, 12 Feb 2026 08:03:00 +0000 https://cluster-site.onrender.com/posts/criminals-are-using-ai-website-builders-to-clone-major-brands/ • Cybercriminals use AI website builders like Vercel to clone trusted brands in minutes. • Cheap, fast domain registration lets attackers register plausible brand‑lookalike names w https://cluster-site.onrender.com/posts/bypassing-administrator-protection-by-abusing-ui-access/ Thu, 12 Feb 2026 08:00:00 +0000 https://cluster-site.onrender.com/posts/bypassing-administrator-protection-by-abusing-ui-access/ • In my last blog post I introduced the new Windows feature, Administrator Protection and how it aimed to create a secure boundary for UAC where one didnât exist. • I described one https://cluster-site.onrender.com/posts/zdi-26-094-schneider-electric-ecostruxure-power-build-ssd-file-parsing-use-after-free-remote-code-execution-vulnerability/ Thu, 12 Feb 2026 06:00:00 +0000 https://cluster-site.onrender.com/posts/zdi-26-094-schneider-electric-ecostruxure-power-build-ssd-file-parsing-use-after-free-remote-code-execution-vulnerability/ • Advisory Details Schneider Electric EcoStruxure Power Build SSD File Parsing Use-After-Free Remote Code Execution Vulnerability ZDI-26-094ZDI-CAN-27478 This vulnerability allows https://cluster-site.onrender.com/posts/malwarebytes-earns-pcmag-best-tech-brand-spot-scores-100-with-mrg-effitas/ Wed, 11 Feb 2026 10:09:52 +0000 https://cluster-site.onrender.com/posts/malwarebytes-earns-pcmag-best-tech-brand-spot-scores-100-with-mrg-effitas/ • Malwarebytes earns PCMag Best Tech Brand spot, scores 100% with MRG Effitas Malwarebytes is on a roll. • Recently named one of PCMag’s ‘Best Tech Brands for 2026,’ Malwarebytes a https://cluster-site.onrender.com/posts/new-threat-actor-uat-9921-leverages-voidlink-framework-in-campaigns/ Wed, 11 Feb 2026 00:00:07 +0000 https://cluster-site.onrender.com/posts/new-threat-actor-uat-9921-leverages-voidlink-framework-in-campaigns/ • - Cisco Talos recently discovered a new threat actor, UAT-9921, leveraging VoidLink in campaigns. • Their activities may go as far back as 2019, even without VoidLink. • - The Vo https://cluster-site.onrender.com/posts/the-february-2026-security-update-review/ Tue, 10 Feb 2026 18:30:28 +0000 https://cluster-site.onrender.com/posts/the-february-2026-security-update-review/ • I have survived the biggest Pwn2Own ever, but I’m back in Tokyo for the second Patch Tuesday of 2026. • My location never stops Patch Tuesday from coming, so let’s take a look at https://cluster-site.onrender.com/posts/discord-will-limit-profiles-to-teen-appropriate-mode-until-you-verify-your-age/ Tue, 10 Feb 2026 15:29:52 +0000 https://cluster-site.onrender.com/posts/discord-will-limit-profiles-to-teen-appropriate-mode-until-you-verify-your-age/ • Discord will limit profiles to teen-appropriate mode until you verify your age Discordannouncedit will put all existing and new profiles in teen-appropriate mode by default in ea https://cluster-site.onrender.com/posts/beyond-the-battlefield-threats-to-the-defense-industrial-base/ Tue, 10 Feb 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/beyond-the-battlefield-threats-to-the-defense-industrial-base/ • Beyond the Battlefield: Threats to the Defense Industrial Base Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats that matter most. https://cluster-site.onrender.com/posts/how-safe-are-kids-using-social-media-we-did-the-groundwork/ Tue, 10 Feb 2026 13:50:00 +0000 https://cluster-site.onrender.com/posts/how-safe-are-kids-using-social-media-we-did-the-groundwork/ • When researchers created an account for a child under 13 on Roblox, they expected heavy guardrails. • Instead, they found that the platform’s search features still allowed kids t https://cluster-site.onrender.com/posts/man-tricked-hundreds-of-women-into-handing-over-snapchat-security-codes/ Tue, 10 Feb 2026 13:28:45 +0000 https://cluster-site.onrender.com/posts/man-tricked-hundreds-of-women-into-handing-over-snapchat-security-codes/ • Man tricked hundreds of women into handing over Snapchat security codes Fresh off a breathless Super Bowl Sunday, we’re less thrilled to bring you this week’s Weirdo Wednesday. • https://cluster-site.onrender.com/posts/unc1069-targets-cryptocurrency-sector-with-new-tooling-and-ai-enabled-social-engineering/ Mon, 09 Feb 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/unc1069-targets-cryptocurrency-sector-with-new-tooling-and-ai-enabled-social-engineering/ • UNC1069 Targets Cryptocurrency Sector with New Tooling and AI-Enabled Social Engineering Mandiant Written by: Ross Inman, Adrian Hernandez Introduction North Korean threat actors https://cluster-site.onrender.com/posts/9th-february-threat-intelligence-report/ Mon, 09 Feb 2026 12:50:16 +0000 https://cluster-site.onrender.com/posts/9th-february-threat-intelligence-report/ • Conpet pipeline attack disrupted IT but not operations. • Qilin ransomware group claimed responsibility. • Check Point Harmony protects against this threat. • Report covers recen https://cluster-site.onrender.com/posts/all-gas-no-brakes-time-to-come-to-ai-church/ Thu, 05 Feb 2026 19:00:39 +0000 https://cluster-site.onrender.com/posts/all-gas-no-brakes-time-to-come-to-ai-church/ • All gas, no brakes: Time to come to AI church Welcome to this week’s edition of the Threat Source newsletter. • Brothers and sisters, gather close for a moment. • We are all secu https://cluster-site.onrender.com/posts/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall/ Thu, 05 Feb 2026 16:45:49 +0000 https://cluster-site.onrender.com/posts/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall/ • CVE-2025-6978 exposes command injection in Arista NG Firewall’s diagnostics component. • Remote authenticated attackers can craft HTTP requests to execute arbitrary commands as r https://cluster-site.onrender.com/posts/knife-cutting-the-edge-disclosing-a-china-nexus-gateway-monitoring-aitm-framework/ Thu, 05 Feb 2026 11:00:55 +0000 https://cluster-site.onrender.com/posts/knife-cutting-the-edge-disclosing-a-china-nexus-gateway-monitoring-aitm-framework/ • - Cisco Talos uncovered ‘DKnife,’ a fully featured gateway-monitoring and adversary-in-the-middle (AitM) framework comprising seven Linux-based implants that perform deep-packet https://cluster-site.onrender.com/posts/amaranth-dragon-weaponizing-cve-2025-8088-for-targeted-espionage-in-the-southeast-asia/ Wed, 04 Feb 2026 13:57:37 +0000 https://cluster-site.onrender.com/posts/amaranth-dragon-weaponizing-cve-2025-8088-for-targeted-espionage-in-the-southeast-asia/ • Check Point Research has identified several campaigns targeting multiple countries in the Southeast Asian region. • These related activities have been collectively categorized un https://cluster-site.onrender.com/posts/2nd-february-threat-intelligence-report/ Mon, 02 Feb 2026 13:35:05 +0000 https://cluster-site.onrender.com/posts/2nd-february-threat-intelligence-report/ • FILTER BY YEAR 2026 2025 2024 2023 2022 2021 2020 2019 2018 2017 2016 2nd February - Threat Intelligence Report For the latest discoveries in cyber research for the week of 2nd F https://cluster-site.onrender.com/posts/guidance-from-the-frontlines-proactive-defense-against-shinyhunters-branded-data-theft-targeting-saas/ Fri, 30 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/guidance-from-the-frontlines-proactive-defense-against-shinyhunters-branded-data-theft-targeting-saas/ • Guidance from the Frontlines: Proactive Defense Against ShinyHunters-Branded Data Theft Targeting SaaS Mandiant Introduction Mandiant is tracking a significant expansion and esca https://cluster-site.onrender.com/posts/vishing-for-access-tracking-the-expansion-of-shinyhunters-branded-saas-data-theft/ Fri, 30 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/vishing-for-access-tracking-the-expansion-of-shinyhunters-branded-saas-data-theft/ • Vishing for Access: Tracking the Expansion of ShinyHunters-Branded SaaS Data Theft Mandiant Google Threat Intelligence Visibility and context on the threats that matter most. • C https://cluster-site.onrender.com/posts/celebrating-our-2025-open-source-contributions/ Fri, 30 Jan 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/celebrating-our-2025-open-source-contributions/ • Celebrating our 2025 open-source contributions Last year, our engineers submitted over 375 pull requests that were merged into non-Trail of Bits repositories, touching more than https://cluster-site.onrender.com/posts/breaking-the-sound-barrier-part-ii-exploiting-cve-2024-54529/ Fri, 30 Jan 2026 08:00:00 +0000 https://cluster-site.onrender.com/posts/breaking-the-sound-barrier-part-ii-exploiting-cve-2024-54529/ • CVE-2024-54529: type confusion in CoreAudio’s com.apple.audio.audiohald Mach service, causing crashes. • Exploitation involved manipulating Mach messages to fetch wrong HALS_Obje https://cluster-site.onrender.com/posts/im-locked-in/ Thu, 29 Jan 2026 19:00:34 +0000 https://cluster-site.onrender.com/posts/im-locked-in/ • Welcome to this week’s edition of the Threat Source newsletter. • I’ve struggled a lot over the last few years with balance. • I want to follow the news closely, but at the same https://cluster-site.onrender.com/posts/microsoft-releases-update-to-address-zero-day-vulnerability-in-microsoft-office/ Thu, 29 Jan 2026 14:43:54 +0000 https://cluster-site.onrender.com/posts/microsoft-releases-update-to-address-zero-day-vulnerability-in-microsoft-office/ • Microsoft releases update to address zero-day vulnerability in Microsoft Office Microsoft has published three out-of-band (OOB) updates so far in January 2026. • One of these upd https://cluster-site.onrender.com/posts/building-cryptographic-agility-into-sigstore/ Thu, 29 Jan 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/building-cryptographic-agility-into-sigstore/ • Sigstore’s original hard-coded ECDSA P-256 + SHA-256 limited future cryptographic flexibility. • Trail of Bits collaborated to create centralized algorithm registry in Protobuf s https://cluster-site.onrender.com/posts/dissecting-uat-8099-new-persistence-mechanisms-and-regional-focus/ Thu, 29 Jan 2026 11:00:11 +0000 https://cluster-site.onrender.com/posts/dissecting-uat-8099-new-persistence-mechanisms-and-regional-focus/ • - Cisco Talos has identified a new campaign by UAT-8099, active from late 2025 to early 2026, that is targeting vulnerable Internet Information Services (IIS) servers across Asia https://cluster-site.onrender.com/posts/ir-trends-q4-2025-exploitation-remains-dominant-phishing-campaign-targets-native-american-tribal-organizations/ Thu, 29 Jan 2026 11:00:07 +0000 https://cluster-site.onrender.com/posts/ir-trends-q4-2025-exploitation-remains-dominant-phishing-campaign-targets-native-american-tribal-organizations/ • Threat actors predominately exploited public-facing applications for the second quarter in a row, with this tactic appearing in nearly 40 percent of Cisco Talos Incident Response https://cluster-site.onrender.com/posts/cyber-security-report-2026/ Wed, 28 Jan 2026 16:34:22 +0000 https://cluster-site.onrender.com/posts/cyber-security-report-2026/ • CATEGORIES Android Malware23 Artificial Intelligence4 ChatGPT3 Check Point Research Publications443 Cloud Security1 CPRadio44 Crypto2 Data & Threat Intelligence1 Data Analysis0 D https://cluster-site.onrender.com/posts/no-place-like-home-network-disrupting-the-worlds-largest-residential-proxy-network/ Wed, 28 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/no-place-like-home-network-disrupting-the-worlds-largest-residential-proxy-network/ • No Place Like Home Network: Disrupting the World’s Largest Residential Proxy Network Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the thr https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ Tue, 27 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/diverse-threat-actors-exploiting-critical-winrar-vulnerability-cve-2025-8088/ • CVE-2025-8088: critical path traversal flaw in WinRAR allows arbitrary file writes via ADS. • Exploited by state-backed actors from Russia, China and financially motivated groups https://cluster-site.onrender.com/posts/26th-january-threat-intelligence-report/ Mon, 26 Jan 2026 13:35:35 +0000 https://cluster-site.onrender.com/posts/26th-january-threat-intelligence-report/ • Article inaccessible; requires JavaScript to load content. • Unable to verify authenticity of threat intel data. • No actionable insights provided due to technical barrier. • Sug https://cluster-site.onrender.com/posts/bypassing-windows-administrator-protection/ Mon, 26 Jan 2026 08:00:00 +0000 https://cluster-site.onrender.com/posts/bypassing-windows-administrator-protection/ • Windows 11 25H2 introduces Administrator Protection, replacing UAC with a stricter privilege model. • Feature grants admin rights only when necessary, isolating limited and admin https://cluster-site.onrender.com/posts/i-scan-you-scan-we-all-scan-for...-knowledge/ Thu, 22 Jan 2026 19:00:11 +0000 https://cluster-site.onrender.com/posts/i-scan-you-scan-we-all-scan-for...-knowledge/ • Reconnaissance is often ignored, yet it’s essential for protecting networks. • Know your environment: attackers excel at mapping assets, from Windows 7 machines to smart fridges. https://cluster-site.onrender.com/posts/foxit-epic-games-store-meddreams-vulnerabilities/ Thu, 22 Jan 2026 13:54:57 +0000 https://cluster-site.onrender.com/posts/foxit-epic-games-store-meddreams-vulnerabilities/ • Cisco Talos uncovered 25 critical vulnerabilities across Foxit PDF Editor, Epic Games Store, and MedDreams PACS. • Foxit PDF Editor had privilege escalation via Microsoft Store i https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ Thu, 22 Jan 2026 13:54:08 +0000 https://cluster-site.onrender.com/posts/konni-adopts-ai-to-generate-powershell-backdoors/ • KONNI leverages AI to auto-generate PowerShell backdoor scripts, streamlining malware development. • AI models produce obfuscated code, enhancing stealth against signature-based https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-day-one-results/ Wed, 21 Jan 2026 04:03:33 +0000 https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-day-one-results/ • 76 unique 0‑day vulnerabilities discovered across three days, totaling $1,047,000 in rewards. • Fuzzware.io clinched Master of Pwn with 28 points, outperforming rivals like Team https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-the-full-schedule/ Tue, 20 Jan 2026 10:25:51 +0000 https://cluster-site.onrender.com/posts/pwn2own-automotive-2026-the-full-schedule/ • Pwn2Own Automotive 2026 returns to Tokyo, featuring record 73 entries. • Competition spans real‑world automotive components, testing IVI and Level‑2 EV chargers. • Random draw se https://cluster-site.onrender.com/posts/voidlink-evidence-that-the-era-of-advanced-ai-generated-malware-has-begun/ Tue, 20 Jan 2026 09:27:54 +0000 https://cluster-site.onrender.com/posts/voidlink-evidence-that-the-era-of-advanced-ai-generated-malware-has-begun/ • VoidLink showcases AI-generated malware capable of crafting polymorphic code. • The malware leverages generative models to evade traditional signature-based detection. • Checkpoi https://cluster-site.onrender.com/posts/19th-january-threat-intelligence-report/ Mon, 19 Jan 2026 08:55:27 +0000 https://cluster-site.onrender.com/posts/19th-january-threat-intelligence-report/ • Unable to access threat intel report due to JavaScript requirement, preventing data retrieval. • Checkpoint Research site blocked without JavaScript, limiting threat intelligence https://cluster-site.onrender.com/posts/predicting-2026/ Thu, 15 Jan 2026 19:00:15 +0000 https://cluster-site.onrender.com/posts/predicting-2026/ • Predicting 2026 Welcome to this week’s edition of the Threat Source newsletter. • It’s become traditional at this time of year to make predictions about cybersecurity for the com https://cluster-site.onrender.com/posts/closing-the-door-on-net-ntlmv1-releasing-rainbow-tables-to-accelerate-protocol-deprecation/ Thu, 15 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/closing-the-door-on-net-ntlmv1-releasing-rainbow-tables-to-accelerate-protocol-deprecation/ • Closing the Door on Net-NTLMv1: Releasing Rainbow Tables to Accelerate Protocol Deprecation Stop attacks, reduce risk, and advance your security. • Written by: Nic Losby Introduc https://cluster-site.onrender.com/posts/uat-8837-targets-critical-infrastructure-sectors-in-north-america/ Thu, 15 Jan 2026 11:00:47 +0000 https://cluster-site.onrender.com/posts/uat-8837-targets-critical-infrastructure-sectors-in-north-america/ • - Cisco Talos is closely tracking UAT-8837, a threat actor we assess with medium confidence is a China-nexus advanced persistent threat (APT) actor based on overlaps in tactics, https://cluster-site.onrender.com/posts/a-0-click-exploit-chain-for-the-pixel-9-part-2-cracking-the-sandbox-with-a-big-wave/ Wed, 14 Jan 2026 18:00:00 +0000 https://cluster-site.onrender.com/posts/a-0-click-exploit-chain-for-the-pixel-9-part-2-cracking-the-sandbox-with-a-big-wave/ • With the advent of a potential Dolby Unified Decoder RCE exploit, it seemed prudent to see what kind of Linux kernel drivers might be accessible from the resulting userland conte https://cluster-site.onrender.com/posts/a-0-click-exploit-chain-for-the-pixel-9-part-1-decoding-dolby/ Wed, 14 Jan 2026 17:59:00 +0000 https://cluster-site.onrender.com/posts/a-0-click-exploit-chain-for-the-pixel-9-part-1-decoding-dolby/ • Over the past few years, several AI-powered features have been added to mobile phones that allow users to better search and understand their messages. • One effect of this change https://cluster-site.onrender.com/posts/sicarii-ransomware-truth-vs-myth/ Wed, 14 Jan 2026 14:24:07 +0000 https://cluster-site.onrender.com/posts/sicarii-ransomware-truth-vs-myth/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/the-january-2026-security-update-review/ Tue, 13 Jan 2026 19:01:16 +0000 https://cluster-site.onrender.com/posts/the-january-2026-security-update-review/ • I may be in Tokyo preparing for Pwn2Own Automotive, but that doesn’t stop patch Tuesday from coming. • Put aside your broken New Year’s resolutions for just a moment as we review https://cluster-site.onrender.com/posts/lack-of-isolation-in-agentic-browsers-resurfaces-old-vulnerabilities/ Tue, 13 Jan 2026 12:00:00 +0000 https://cluster-site.onrender.com/posts/lack-of-isolation-in-agentic-browsers-resurfaces-old-vulnerabilities/ • Lack of isolation in agentic browsers resurfaces old vulnerabilities With browser-embedded AI agents, we’re essentially starting the security journey over again. • We exploited a https://cluster-site.onrender.com/posts/unveiling-voidlink-a-stealthy-cloud-native-linux-malware-framework/ Tue, 13 Jan 2026 06:31:51 +0000 https://cluster-site.onrender.com/posts/unveiling-voidlink-a-stealthy-cloud-native-linux-malware-framework/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/aurainspector-auditing-salesforce-aura-for-data-exposure/ Mon, 12 Jan 2026 14:00:00 +0000 https://cluster-site.onrender.com/posts/aurainspector-auditing-salesforce-aura-for-data-exposure/ • AuraInspector: Auditing Salesforce Aura for Data Exposure Mandiant Written by: Amine Ismail, Anirudha Kanodia Introduction Mandiant is releasing AuraInspector, a new open-source https://cluster-site.onrender.com/posts/12th-january-threat-intelligence-report/ Mon, 12 Jan 2026 10:07:05 +0000 https://cluster-site.onrender.com/posts/12th-january-threat-intelligence-report/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/breaking-down-the-attack-surface-of-the-kenwood-dnr1007xr-part-one/ Wed, 07 Jan 2026 19:09:53 +0000 https://cluster-site.onrender.com/posts/breaking-down-the-attack-surface-of-the-kenwood-dnr1007xr-part-one/ • Breaking Down the Attack Surface of the Kenwood DNR1007XR - Part One For the upcoming Pwn2Own Automotive contest, a total of 3 head units have been selected. • One of these is th https://cluster-site.onrender.com/posts/inside-gobruteforcer-ai-generated-server-defaults-weak-passwords-and-crypto-focused-campaigns/ Wed, 07 Jan 2026 13:07:34 +0000 https://cluster-site.onrender.com/posts/inside-gobruteforcer-ai-generated-server-defaults-weak-passwords-and-crypto-focused-campaigns/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/5th-january-threat-intelligence-report/ Mon, 05 Jan 2026 12:34:39 +0000 https://cluster-site.onrender.com/posts/5th-january-threat-intelligence-report/ • JavaScript is disabled In order to continue, we need to verify that you’re not a robot. • This requires JavaScript. • Enable JavaScript and then reload the page. https://cluster-site.onrender.com/posts/detect-gos-silent-arithmetic-bugs-with-go-panikint/ Wed, 31 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/detect-gos-silent-arithmetic-bugs-with-go-panikint/ • Go’s arithmetic operations on standard integer types are silent by default, meaning overflows ‘wrap around’ without panicking. • This behavior has hidden an entire class of secur https://cluster-site.onrender.com/posts/can-chatbots-craft-correct-code/ Fri, 19 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/can-chatbots-craft-correct-code/ • Can chatbots craft correct code? • I recently attended the AI Engineer Code Summit in New York, an invite-only gathering of AI leaders and engineers. • One theme emerged repeated https://cluster-site.onrender.com/posts/use-gwp-asan-to-detect-exploits-in-production-environments/ Tue, 16 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/use-gwp-asan-to-detect-exploits-in-production-environments/ • Use GWP-ASan to detect exploits in production environments Memory safety bugs like use-after-free and buffer overflows remain among the most exploited vulnerability classes in pr https://cluster-site.onrender.com/posts/welcome-to-the-new-project-zero-blog/ Tue, 16 Dec 2025 10:00:00 +0000 https://cluster-site.onrender.com/posts/welcome-to-the-new-project-zero-blog/ • While on Project Zero, we aim for our research to be leading-edge, our blog design was ⦠not so much. • We welcome readers to our shiny new blog! • For the occasion, we asked me https://cluster-site.onrender.com/posts/thinking-outside-the-box-dusted-off-draft-from-2017/ Tue, 16 Dec 2025 09:00:00 +0000 https://cluster-site.onrender.com/posts/thinking-outside-the-box-dusted-off-draft-from-2017/ • Preface Hello from the future! • This is a blogpost I originally drafted in early 2017. • I wrote what I intended to be the first half of this post (about escaping from the VM to https://cluster-site.onrender.com/posts/windows-exploitation-techniques-winning-race-conditions-with-path-lookups/ Tue, 16 Dec 2025 08:00:00 +0000 https://cluster-site.onrender.com/posts/windows-exploitation-techniques-winning-race-conditions-with-path-lookups/ • This post was originally written in 2016 for the Project Zero blog. • However, in the end it was published separately in the journal PoC||GTFO issue #13 as well as in the second https://cluster-site.onrender.com/posts/multiple-threat-actors-exploit-react2shell-cve-2025-55182/ Fri, 12 Dec 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/multiple-threat-actors-exploit-react2shell-cve-2025-55182/ • Multiple Threat Actors Exploit React2Shell (CVE-2025-55182) Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats that matter most. • https://cluster-site.onrender.com/posts/catching-malicious-package-releases-using-a-transparency-log/ Fri, 12 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/catching-malicious-package-releases-using-a-transparency-log/ • Catching malicious package releases using a transparency log We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for developers to detect tampering https://cluster-site.onrender.com/posts/a-look-at-an-android-itw-dng-exploit/ Fri, 12 Dec 2025 10:00:00 +0000 https://cluster-site.onrender.com/posts/a-look-at-an-android-itw-dng-exploit/ • Introduction Between July 2024 and February 2025, 6 suspicious image files were uploaded to VirusTotal. • Thanks to a lead from Meta, these samples came to the attention of Googl https://cluster-site.onrender.com/posts/introducing-mrva-a-terminal-first-approach-to-codeql-multi-repo-variant-analysis/ Thu, 11 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/introducing-mrva-a-terminal-first-approach-to-codeql-multi-repo-variant-analysis/ • Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). • This functionality https://cluster-site.onrender.com/posts/the-december-2025-security-update-review/ Tue, 09 Dec 2025 18:29:16 +0000 https://cluster-site.onrender.com/posts/the-december-2025-security-update-review/ • It’s the final patch Tuesday of 2025, but that doesn’t make it any less exciting. • Put aside your holiday planning for just a moment as we review the latest security offering fr https://cluster-site.onrender.com/posts/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities/ Mon, 08 Dec 2025 09:58:58 +0000 https://cluster-site.onrender.com/posts/a-method-to-assess-forgivable-vs-unforgivable-vulnerabilities/ • You need to enable JavaScript to run this app. https://cluster-site.onrender.com/posts/sanctioned-but-still-spying-intellexas-prolific-zero-day-exploits-continue/ Wed, 03 Dec 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/sanctioned-but-still-spying-intellexas-prolific-zero-day-exploits-continue/ • Sanctioned but Still Spying: Intellexa’s Prolific Zero-Day Exploits Continue Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats tha https://cluster-site.onrender.com/posts/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/ Tue, 02 Dec 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/introducing-constant-time-support-for-llvm-to-protect-cryptographic-code/ • Introducing constant-time support for LLVM to protect cryptographic code Trail of Bits has developed constant-time coding support for LLVM, providing developers with compiler-lev https://cluster-site.onrender.com/posts/beyond-the-watering-hole-apt24s-pivot-to-multi-vector-attacks/ Thu, 20 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/beyond-the-watering-hole-apt24s-pivot-to-multi-vector-attacks/ • Beyond the Watering Hole: APT24’s Pivot to Multi-Vector Attacks Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats that matter most https://cluster-site.onrender.com/posts/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/ Tue, 18 Nov 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/ • We found cryptography bugs in the elliptic library using Wycheproof Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely used JavaScript library for ell https://cluster-site.onrender.com/posts/frontline-intelligence-analysis-of-unc1549-ttps-custom-tools-and-malware-targeting-the-aerospace-and-defense-ecosystem/ Mon, 17 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/frontline-intelligence-analysis-of-unc1549-ttps-custom-tools-and-malware-targeting-the-aerospace-and-defense-ecosystem/ • Frontline Intelligence: Analysis of UNC1549 TTPs, Custom Tools, and Malware Targeting the Aerospace and Defense Ecosystem Mandiant Written by: Mohamed El-Banna, Daniel Lee, Mike https://cluster-site.onrender.com/posts/level-up-your-solidity-llm-tooling-with-slither-mcp/ Sat, 15 Nov 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/level-up-your-solidity-llm-tooling-with-slither-mcp/ • We’re releasingSlither-MCP, a new tool that augments LLMs with Slither’s unmatched static analysis engine. • Slither-MCP benefits virtually every use case for LLMs by exposing Sl https://cluster-site.onrender.com/posts/how-we-avoided-side-channels-in-our-new-post-quantum-go-cryptography-libraries/ Fri, 14 Nov 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/how-we-avoided-side-channels-in-our-new-post-quantum-go-cryptography-libraries/ • How we avoided side-channels in our new post-quantum Go cryptography libraries The Trail of Bits cryptography team is releasing our open-source pure Go implementations of ML-DSA https://cluster-site.onrender.com/posts/time-travel-triage-an-introduction-to-time-travel-debugging-using-a-.net-process-hollowing-case-study/ Thu, 13 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/time-travel-triage-an-introduction-to-time-travel-debugging-using-a-.net-process-hollowing-case-study/ • Time Travel Triage: An Introduction to Time Travel Debugging using a .NET Process Hollowing Case Study Mandiant Google Threat Intelligence Visibility and context on the threats t https://cluster-site.onrender.com/posts/building-checksec-without-boundaries-with-checksec-anywhere/ Thu, 13 Nov 2025 12:00:00 +0000 https://cluster-site.onrender.com/posts/building-checksec-without-boundaries-with-checksec-anywhere/ • Since its original release in 2009,checksechas become widely used in the software security community, proving useful in CTF challenges, security posturing, and general binary ana https://cluster-site.onrender.com/posts/the-november-2025-security-update-review/ Tue, 11 Nov 2025 18:30:42 +0000 https://cluster-site.onrender.com/posts/the-november-2025-security-update-review/ • I’ve made it through Pwn2Own Ireland, and while many are celebrated those who served their country in the armed services, patch Tuesday stops for no one. • So affix your poppy ac https://cluster-site.onrender.com/posts/no-place-like-localhost-unauthenticated-remote-access-via-triofox-vulnerability-cve-2025-12480/ Mon, 10 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/no-place-like-localhost-unauthenticated-remote-access-via-triofox-vulnerability-cve-2025-12480/ • No Place Like Localhost: Unauthenticated Remote Access via Triofox Vulnerability CVE-2025-12480 Mandiant Written by: Stallone D’Souza, Praveeth DSouza, Bill Glynn, Kevin O’Flynn, https://cluster-site.onrender.com/posts/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/ Fri, 07 Nov 2025 23:00:00 +0000 https://cluster-site.onrender.com/posts/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/ • Balancer hack analysis and guidance for the DeFi ecosystem TL;DR - The root cause of the hack was a rounding direction issue that had been present in the code for many years. • - https://cluster-site.onrender.com/posts/gtig-ai-threat-tracker-advances-in-threat-actor-usage-of-ai-tools/ Wed, 05 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/gtig-ai-threat-tracker-advances-in-threat-actor-usage-of-ai-tools/ • GTIG AI Threat Tracker: Advances in Threat Actor Usage of AI Tools Google Threat Intelligence Group Google Threat Intelligence Visibility and context on the threats that matter m https://cluster-site.onrender.com/posts/preparing-for-threats-to-come-cybersecurity-forecast-2026/ Tue, 04 Nov 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/preparing-for-threats-to-come-cybersecurity-forecast-2026/ • Preparing for Threats to Come: Cybersecurity Forecast 2026 Blog and Content Manager Visibility and context on the threats that matter most. • Every November, we make it our missi https://cluster-site.onrender.com/posts/the-cryptography-behind-electronic-passports/ Fri, 31 Oct 2025 11:00:00 +0000 https://cluster-site.onrender.com/posts/the-cryptography-behind-electronic-passports/ • The cryptography behind electronic passports Did you know that most modern passports are actually embedded devices containing an entire filesystem, access controls, and support f https://cluster-site.onrender.com/posts/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/ Thu, 30 Oct 2025 11:00:00 +0000 https://cluster-site.onrender.com/posts/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/ • Trail of Bits is disclosing vulnerabilities in eight different confidential computing systems that use Linux Unified Key Setup version 2 (LUKS2) for disk encryption. • Using thes https://cluster-site.onrender.com/posts/keys-to-the-kingdom-a-defenders-guide-to-privileged-account-monitoring/ Tue, 28 Oct 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/keys-to-the-kingdom-a-defenders-guide-to-privileged-account-monitoring/ • Keys to the Kingdom: A Defender’s Guide to Privileged Account Monitoring Mandiant Written by: Bhavesh Dhake, Will Silverstone, Matthew Hitchcock, Aaron Fletcher The Criticality o https://cluster-site.onrender.com/posts/help-wanted-vietnamese-actors-using-fake-job-posting-campaigns-to-deliver-malware-and-steal-credentials/ Thu, 23 Oct 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/help-wanted-vietnamese-actors-using-fake-job-posting-campaigns-to-deliver-malware-and-steal-credentials/ • Help Wanted: Vietnamese Actors Using Fake Job Posting Campaigns to Deliver Malware and Steal Credentials Visibility and context on the threats that matter most. • Google Threat I https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-day-three-and-master-of-pwn/ Thu, 23 Oct 2025 09:41:33 +0000 https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-day-three-and-master-of-pwn/ • Pwn2Own Ireland 2025: Day Three and Master of Pwn Welcome to the third and final day of Pwn2Own Ireland 2025. • So far, we’ve awarded $792,750 for 56 unique 0-day bugs, and we st https://cluster-site.onrender.com/posts/prompt-injection-to-rce-in-ai-agents/ Wed, 22 Oct 2025 11:00:00 +0000 https://cluster-site.onrender.com/posts/prompt-injection-to-rce-in-ai-agents/ • Prompt injection to RCE in AI agents Modern AI agents increasingly execute system commands to automate filesystem operations, code analysis, and development workflows. • While so https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-day-one-results/ Tue, 21 Oct 2025 09:26:57 +0000 https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-day-one-results/ • Pwn2Own Ireland 2025: Day One Results Welcome to Day One of Pwn2Own Ireland 2025! • We have 17 attempts today with some exciting research on display. • We’ll be posting results h https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-the-full-schedule/ Mon, 20 Oct 2025 17:01:58 +0000 https://cluster-site.onrender.com/posts/pwn2own-ireland-2025-the-full-schedule/ • Pwn2Own Ireland 2025: The Full Schedule Welcome to Pwn2Own Ireland 2025! • We have some amazing spooky entries for this year’s contest, and a potential of up to $2,000,000 - incl https://cluster-site.onrender.com/posts/pwn2own-automotive-returns-to-tokyo-with-expanded-chargers-and-more/ Thu, 16 Oct 2025 15:00:42 +0000 https://cluster-site.onrender.com/posts/pwn2own-automotive-returns-to-tokyo-with-expanded-chargers-and-more/ • If you just want to read the rules, click here. • Updated as of November 21 to expand the Alpitronic target scope and to clarify the model of the ChargePointHome Flex model numbe https://cluster-site.onrender.com/posts/the-october-2025-security-update-review/ Tue, 14 Oct 2025 18:38:44 +0000 https://cluster-site.onrender.com/posts/the-october-2025-security-update-review/ • I’m currently in Cork, Ireland as we prepare for Pwn2Own Ireland, but that doesn’t stop patch Tuesday from coming. • Take a break from your scheduled activities and let’s take a https://cluster-site.onrender.com/posts/crafting-a-full-exploit-rce-from-a-crash-in-autodesk-revit-rfa-file-parsing/ Wed, 08 Oct 2025 14:00:00 +0000 https://cluster-site.onrender.com/posts/crafting-a-full-exploit-rce-from-a-crash-in-autodesk-revit-rfa-file-parsing/ • In April of 2025, my colleague Mat Powell was hunting for vulnerabilities in Autodesk Revit 2025. • While fuzzing RFA files, he found the following crash (CVE-2025-5037 / ZDI-CAN https://cluster-site.onrender.com/posts/taming-2500-compiler-warnings-with-codeql-an-openvpn2-case-study/ Thu, 25 Sep 2025 11:00:00 +0000 https://cluster-site.onrender.com/posts/taming-2500-compiler-warnings-with-codeql-an-openvpn2-case-study/ • Taming 2,500 compiler warnings with CodeQL, an OpenVPN2 case study Why are implicit integer conversions a problem in C? • During our security review of OpenVPN2, we faced a daunt https://cluster-site.onrender.com/posts/cve-2025-23298-getting-remote-code-execution-in-nvidia-merlin/ Wed, 24 Sep 2025 16:41:25 +0000 https://cluster-site.onrender.com/posts/cve-2025-23298-getting-remote-code-execution-in-nvidia-merlin/ • CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin While investigating the security posture of various machine learning (ML) and artificial intelligence (AI) framewor https://cluster-site.onrender.com/posts/supply-chain-attacks-are-exploiting-our-assumptions/ Wed, 24 Sep 2025 11:00:00 +0000 https://cluster-site.onrender.com/posts/supply-chain-attacks-are-exploiting-our-assumptions/ • Supply chain attacks are exploiting our assumptions Every time you run cargo add or pip install , you are taking a leap of faith. • You trust that the code you are downloading co https://cluster-site.onrender.com/posts/the-september-2025-security-update-review/ Tue, 09 Sep 2025 19:06:15 +0000 https://cluster-site.onrender.com/posts/the-september-2025-security-update-review/ • There’s a crispness in the air - at least here in North America - and with it comes the latest security patches from Adobe and Microsoft. • Take a break from your scheduled activ https://cluster-site.onrender.com/posts/active-cyber-defence-acd-the-third-year/ Mon, 04 Aug 2025 14:24:25 +0000 https://cluster-site.onrender.com/posts/active-cyber-defence-acd-the-third-year/ • You need to enable JavaScript to run this app. • You need to enable JavaScript to run this app. https://cluster-site.onrender.com/posts/impact-of-ai-on-cyber-threat-from-now-to-2027/ Fri, 16 May 2025 20:03:59 +0000 https://cluster-site.onrender.com/posts/impact-of-ai-on-cyber-threat-from-now-to-2027/ • AI is accelerating threat sophistication, enabling attackers to craft more convincing phishing campaigns. • Machine‑learning models are used to generate polymorphic malware that https://cluster-site.onrender.com/posts/vendor-security-assessment/ Wed, 12 Mar 2025 11:21:29 +0000 https://cluster-site.onrender.com/posts/vendor-security-assessment/ • Identify vendor security posture through comprehensive risk assessment. • Evaluate compliance with industry standards and regulatory requirements. • Assess data protection, acces https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ Wed, 12 Mar 2025 11:20:59 +0000 https://cluster-site.onrender.com/posts/threat-report-on-application-stores/ • Malware increasingly hides in legitimate app store listings, exploiting user trust for widespread infection. • Supply‑chain attacks target third‑party libraries, enabling attacke https://cluster-site.onrender.com/posts/the-threat-from-commercial-cyber-proliferation/ Wed, 12 Mar 2025 11:20:26 +0000 https://cluster-site.onrender.com/posts/the-threat-from-commercial-cyber-proliferation/ • Commercial software proliferation expands attack surface, increasing vulnerability exposure across enterprises. • Open-source components in commercial stacks introduce hidden bac https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ Wed, 12 Mar 2025 11:20:01 +0000 https://cluster-site.onrender.com/posts/the-near-term-impact-of-ai-on-the-cyber-threat/ • AI accelerates threat detection, enabling faster identification of malicious activity. • Adversarial AI allows attackers to craft evasive malware that bypasses traditional defens https://cluster-site.onrender.com/posts/the-cyber-threat-to-universities/ Wed, 12 Mar 2025 11:19:33 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-universities/ • Universities face rising ransomware attacks targeting research data and student records. • Phishing campaigns exploit faculty credentials to gain network access. • Supply‑chain v https://cluster-site.onrender.com/posts/the-cyber-threat-to-uk-business/ Wed, 12 Mar 2025 11:19:11 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-uk-business/ • Ransomware remains the top threat, targeting critical UK business data. • Phishing campaigns exploit remote working, increasing credential theft. • Supply‑chain attacks grow, com https://cluster-site.onrender.com/posts/the-cyber-threat-to-sports-organisations/ Wed, 12 Mar 2025 11:18:10 +0000 https://cluster-site.onrender.com/posts/the-cyber-threat-to-sports-organisations/ • Sports organisations increasingly targeted by ransomware, phishing, and credential‑stealing attacks. • High‑profile events like the Olympics and World Cup attract sophisticated t https://cluster-site.onrender.com/posts/summary-of-the-ncsc-analysis-of-may-2020-us-sanction/ Wed, 12 Mar 2025 11:17:43 +0000 https://cluster-site.onrender.com/posts/summary-of-the-ncsc-analysis-of-may-2020-us-sanction/ • US sanctions in May 2020 targeted Russian cyber actors and infrastructure. • NCSC identified increased threat actor activity following sanction announcements. • Sanctions disrupt https://cluster-site.onrender.com/posts/summary-of-ncscs-security-analysis-for-the-uk-telecoms-sector/ Wed, 12 Mar 2025 11:16:51 +0000 https://cluster-site.onrender.com/posts/summary-of-ncscs-security-analysis-for-the-uk-telecoms-sector/ • UK telecoms face rising cyber threats, including ransomware targeting network infrastructure. • NCSC highlights supply chain risks from overseas vendors in 5G equipment. • Vulner https://cluster-site.onrender.com/posts/technical-report-responsible-use-of-the-border-gateway-protocol-bgp-for-isp-interworking/ Wed, 12 Mar 2025 11:12:10 +0000 https://cluster-site.onrender.com/posts/technical-report-responsible-use-of-the-border-gateway-protocol-bgp-for-isp-interworking/ • BGP is critical for inter-ISP routing, requiring strict policy enforcement to prevent leaks and hijacks. • Implement prefix filtering and route origin validation to ensure only l https://cluster-site.onrender.com/posts/organisational-use-of-enterprise-connected-devices/ Wed, 12 Mar 2025 11:11:45 +0000 https://cluster-site.onrender.com/posts/organisational-use-of-enterprise-connected-devices/ • Enterprise connected devices expand attack surface, enabling lateral movement across corporate networks. • Insider threats amplified as employees use personal devices for work, b https://cluster-site.onrender.com/posts/joint-report-on-publicly-available-hacking-tools/ Wed, 12 Mar 2025 11:11:20 +0000 https://cluster-site.onrender.com/posts/joint-report-on-publicly-available-hacking-tools/ • Joint report reveals surge in publicly available hacking toolkits targeting critical infrastructure. • Analysts highlight increased ease of access via dark web marketplaces and o https://cluster-site.onrender.com/posts/incident-trends-report-october-2018-april-2019/ Wed, 12 Mar 2025 11:10:04 +0000 https://cluster-site.onrender.com/posts/incident-trends-report-october-2018-april-2019/ • Over 1,200 cyber incidents reported across 30 countries, highlighting rising ransomware activity. • Ransomware attacks surged 35%, with CryptoLocker variants targeting healthcare https://cluster-site.onrender.com/posts/high-level-privacy-and-security-design-for-nhs-covid-19-contact-tracing-app/ Wed, 12 Mar 2025 11:09:09 +0000 https://cluster-site.onrender.com/posts/high-level-privacy-and-security-design-for-nhs-covid-19-contact-tracing-app/ • Decentralized architecture keeps contact data on device, reducing central data exposure. • Uses Bluetooth Low Energy (BLE) for proximity detection, no GPS or location tracking. • https://cluster-site.onrender.com/posts/decrypting-diversity-diversity-and-inclusion-in-cyber-security-report-2021/ Wed, 12 Mar 2025 11:07:13 +0000 https://cluster-site.onrender.com/posts/decrypting-diversity-diversity-and-inclusion-in-cyber-security-report-2021/ • Cybersecurity workforce remains 70% male, with women under 20% in technical roles. • Minority representation below 15%, limiting diverse threat perspective. • 2021 report links d