Agentic Browser Security: 2025 Year-End Review
Are agentic browsers the new Flash? A 2025 review of new attacks, vendor security layers, and a roadmap for navigating AI browser risks...
Generative AI-Empowered Secure Communications in Space-Air-Ground Integrated Networks: a Survey and Tutorial
Space-air-ground integrated networks (SAGINs) face unprecedented security challenges due to their inherent characteristics, such as multidimensional heterogeneity and dynamic topologies. These characteristics fundamentally undermine conventional security methods and traditional artificial...
Information disclosure
Parse Server is an open source backend server. In affected versions the Parse Cloud trigger beforeFind is not invoked in certain conditions of Parse.Query. This can pose a vulnerability for deployments where the beforeFind trigger is used as a security layer to modify the incoming query. The...
Trigger `beforeFind` not invoked in internal query pipeline when fetching pointer
Impact A Parse Pointer can be used to access internal Parse Server classes. It can also be used to circumvent the beforeFind query trigger which can be an additional vulnerability for deployments where the beforeFind trigger is used as a security layer to modify an incoming query. Patches The...
CVE-2023-41058 Trigger `beforeFind` not invoked in internal query pipeline in parse-server
Parse Server is an open source backend server. In affected versions the Parse Cloud trigger beforeFind is not invoked in certain conditions of Parse.Query. This can pose a vulnerability for deployments where the beforeFind trigger is used as a security layer to modify the incoming query. The...
Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives
Threat actors are increasingly using a phishing-as-a-service (PhaaS) toolkit dubbed EvilProxy to pull off account takeover attacks aimed at high-ranking executives at prominent companies. According to Proofpoint, an ongoing hybrid campaign has leveraged the service to target thousands of Microsoft...
Forrester names Microsoft a Leader in 2023 Infrastructure-as-a-Service Platform Native Security report
As we continue to drive toward making the world safer and more productive for all, it is vital we empower our customers to secure every aspect of their organization. Each day we are seeing more advanced security threats as bad actors develop new tactics that aim to take advantage of businesses as...
Internet Bug Bounty: CVE-2022-32213 - HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding
Original Report: https://hackerone.com/reports/1524555 Impact Depending on the specific web application, HRS can lead to cache poisoning, bypassing of security layers, stealing of credentials and so on...
Internet Bug Bounty: CVE-2022-32215 - HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding
Original Report: https://hackerone.com/reports/1501679 Impact Depending on the specific web application, HRS can lead to cache poisoning, bypassing of security layers, stealing of credentials and so on...
Node.js: HTTP Request Smuggling Due to Flawed Parsing of Transfer-Encoding
Summary: The llhttp parser in the http module in Node v17.8.0 does not correctly parse and validate Transfer-Encoding headers. This can lead to HTTP Request Smuggling (HRS). Description: After 1501679, I did a bit more digging into the issue, and found that there were more flaws in the parsing of...
Why I Love (Breaking Into) Your Security Appliances
Amid the Colonial Pipeline and JBS ransomware attacks that sparked shockwaves among media worldwide, news broke that attackers were able to compromise Colonial Pipeline through a legacy VPN account. The account lacked multifactor authentication (MFA) and wasn't in active use within the business, a...
Principles of a Cloud Migration – Security, The W5H – Episode WHAT?
Teaching you to be a Natural Born Pillar! Last week, we took you through the “WHO” of securing a cloud migration here, detailing each of the roles involved with implementing a successful security practice during a cloud migration. Read: everyone. This week, I will be touching on the “WHAT” of...
ObliqueRAT: New RAT hits victims' endpoints via malicious documents
By Asheer Malhotra. Cisco Talos has observed a malware campaign that utilizes malicious Microsoft Office documents (maldocs) to spread a remote access trojan (RAT) we're calling "ObliqueRAT." These maldocs use malicious macros to deliver the second stage RAT payload. This campaign appears to target...
Microsoft Windows Remote Desktop Protocol CVE-2020-0609 Remote Code Execution Vulnerability
Description Microsoft Windows Remote Desktop Protocol is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely cause a denial-of-service condition. Technologies...
Microsoft Office CVE-2020-0652 Memory Corruption Vulnerability
Description Microsoft Office is prone to a memory-corruption vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected Microsoft...
Microsoft Internet Explorer CVE-2020-0640 Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a memory-corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Internet Explor...
Microsoft .NET Framework CVE-2020-0646 Remote Code Execution Vulnerability
Description Microsoft .NET Framework is prone to a remote code-execution vulnerability. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions. Technologies Affected...
Adobe Illustrator APSB20-03 Multiple Memory Corruption Vulnerabilities
Description Adobe Illustrator is prone to multiple memory-corruption vulnerabilities. An attacker can exploit these issues to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. Adobe...
Google Android Kernel Component CVE-2020-0009 Local Privilege Escalation Vulnerability
Description Google Android is prone to a local privilege escalation vulnerability. Attackers can exploit this issue to execute arbitrary code within the context of a privileged process. This issue is being tracked by Android Bug ID A-142938932. Technologies Affected Google Android Recommendations...
Microsoft Windows '.Group' File Handling Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions. Technologies Affected Microsoft Windows Recommendatio...