We need secure products as much as we need security products

Blog

Byadmblake October 22, 2025

Buyers need to demand better.

Blog

Erlang/OTP RCE (CVE-2025-32433)

What is the Vulnerability? A critical SSH vulnerability has recently been identified in the Erlang/Open Telecom Platform (OTP). The vulnerability, tracked as CVE-2025-32433, has been assigned a CVSS score of 10.0. It is unauthenticated, remotely exploitable, and requires low complexity to execute.Erlang/OTP is commonly found in IoT devices and telecommunications platforms, and is prominently used…

Read More Erlang/OTP RCE (CVE-2025-32433)
Blog

How the Browser Became the Main Cyber Battleground

Until recently, the cyber attacker methodology behind the biggest breaches of the last decade or so has been pretty consistent: Compromise an endpoint via software exploit, or social engineering a user to run malware on their device; Find ways to move laterally inside the network and compromise privileged identities; Repeat as needed until you can…

Read More How the Browser Became the Main Cyber Battleground
Blog

Marine Transportation Final Cyber Rule Goes Into Effect

The cybersecurity rule has several requirements that must be met and will follow an extended timeline over the next two years.

Read More Marine Transportation Final Cyber Rule Goes Into Effect
Blog

Dell RecoverPoint for Virtual Machines Zero Day Attack

What is the Attack? The attack involves the threat cluster UNC6201 (a suspected China-nexus Advanced Persistent Threat (APT)) actively exploiting a critical zero-day vulnerability in Dell’s RecoverPoint for Virtual Machines platform. The flaw (CVE-2026-22769) stems from hard-coded credentials embedded within the appliance, allowing unauthenticated remote attackers to gain administrative access. Because RecoverPoint is a disaster…

Read More Dell RecoverPoint for Virtual Machines Zero Day Attack
Blog

Sophos announces UAE data center

Strengthening cybersecurity, data sovereignty, and regional performance.

Read More Sophos announces UAE data center
Blog

Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Two known threat activity clusters codenamed Head Mare and Twelve have likely joined forces to target Russian entities, new findings from Kaspersky reveal. “Head Mare relied heavily on tools previously associated with Twelve. Additionally, Head Mare attacks utilized command-and-control (C2) servers exclusively linked to Twelve prior to these incidents,” the company said. “This suggests

Read More Kaspersky Links Head Mare to Twelve, Targeting Russian Entities via Shared C2 Servers

Related