Your blog category
Cybersecurity researchers have demonstrated an “end-to-end privilege escalation chain” in Amazon Elastic Container Service (ECS) that could be exploited by an attacker to conduct lateral movement, access sensitive data, and… Read More »Researchers Uncover ECScape Flaw in Amazon ECS Enabling Cross-Task Credential Theft
The malicious ad tech purveyor known as VexTrio Viper has been observed developing several malicious apps that have been published on Apple and Google’s official app storefronts under the guise… Read More »Fake VPN and Spam Blocker Apps Tied to VexTrio Used in Ad Fraud, Subscription Scams
Trend Micro has released mitigations to address critical security flaws in on-premise versions of Apex One Management Console that it said have been exploited in the wild. The vulnerabilities (CVE-2025-54948… Read More »Trend Micro Confirms Active Exploitation of Critical Apex One Flaws in On-Premise Systems
Microsoft on Tuesday announced an autonomous artificial intelligence (AI) agent that can analyze and classify software without assistance in an effort to advance malware detection efforts. The large language model… Read More »Microsoft Launches Project Ire to Autonomously Classify Malware Using AI Tools
As the volume and sophistication of cyber threats and risks grow, cybersecurity has become mission-critical for businesses of all sizes. To address this shift, SMBs have been urgently turning to… Read More »AI Slashes Workloads for vCISOs by 68% as SMBs Demand More – New Report Reveals
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of… Read More »CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three old security flaws impacting D-Link routers to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active… Read More »CISA Adds 3 D-Link Router Flaws to KEV Catalog After Active Exploitation Reports
When Technology Resets the Playing Field In 2015 I founded a cybersecurity testing software company with the belief that automated penetration testing was not only possible, but necessary. At the… Read More »AI Is Transforming Cybersecurity Adversarial Testing – Pentera Founder’s Vision
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according… Read More »ClickFix Malware Campaign Exploits CAPTCHAs to Spread Cross-Platform Infections
Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 (CVSS score:… Read More »Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval