Organizations Fix Less Than Half of All Exploitable Vulnerabilities, With Just 21% of GenAI App Flaws Resolved

Blog

Byadmblake April 18, 2025

Post Content

Blog

Toxic Combinations: When Cross-App Permissions Stack into Risk

On January 31, 2026, researchers disclosed that Moltbook, a social network built for AI agents, had left its database wide open, exposing 35,000 email addresses and 1.5 million agent API tokens across 770,000 active agents. The more worrying part sat inside the private messages. Some of those conversations held plaintext third-party credentials, including OpenAI API…

Read More Toxic Combinations: When Cross-App Permissions Stack into Risk
Blog

RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment

The Russian-speaking hacking group called RedCurl has been linked to a ransomware campaign for the first time, marking a departure in the threat actor’s tradecraft. The activity, observed by Romanian cybersecurity company Bitdefender, involves the deployment of a never-before-seen ransomware strain dubbed QWCrypt. RedCurl, also called Earth Kapre and Red Wolf, has a history of…

Read More RedCurl Shifts from Espionage to Ransomware with First-Ever QWCrypt Deployment
Blog

Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor

Russian aerospace and defense industries have become the target of a cyber espionage campaign that delivers a backdoor called EAGLET to facilitate data exfiltration. The activity, dubbed Operation CargoTalon, has been assigned to a threat cluster tracked as UNG0901 (short for Unknown Group 901). “The campaign is aimed at targeting employees of Voronezh Aircraft Production…

Read More Cyber Espionage Campaign Hits Russian Aerospace Sector Using EAGLET Backdoor
Blog

Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor

Microsoft said it has revamped the Internet Explorer (IE) mode in its Edge browser after receiving “credible reports” in August 2025 that unknown threat actors were abusing the backward compatibility feature to gain unauthorized access to users’ devices. “Threat actors were leveraging basic social engineering techniques alongside unpatched (0-day) exploits in Internet Explorer’s JavaScript

Read More Microsoft Locks Down IE Mode After Hackers Turned Legacy Feature Into Backdoor
Blog

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating system. The vulnerability, tracked as CVE-2026-22709, carries a CVSS score of 9.8 out of 10.0 on the CVSS scoring system. “In vm2 for version 3.10.0, Promise.prototype.then…

Read More Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution
Blog

Bridging the Secure Access Gap in Third-Party, Unmanaged Devices

ESG research suggests security teams are using enterprise browsers to complement existing security tools and address network access issues.

Read More Bridging the Secure Access Gap in Third-Party, Unmanaged Devices

Related