Secure AI Use Without the Blind Spots

Blog

Byadmblake August 19, 2025

Why every company needs a clear, enforceable AI policy — now.

Blog

Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials

Cloud security company Wiz has revealed that it uncovered in-the-wild exploitation of a security flaw in a Linux utility called Pandoc as part of attacks designed to infiltrate Amazon Web Services (AWS) Instance Metadata Service (IMDS). The vulnerability in question is CVE-2025-51591 (CVSS score: 6.5), which refers to a case of Server-Side Request Forgery (SSRF)…

Read More Hackers Exploit Pandoc CVE-2025-51591 to Target AWS IMDS and Steal EC2 IAM Credentials
Blog

MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers

Cybersecurity researchers are calling attention to a sophisticated social engineering campaign that’s targeting supply chain-critical manufacturing companies with an in-memory malware dubbed MixShell. The activity has been codenamed ZipLine by Check Point Research. “Instead of sending unsolicited phishing emails, attackers initiate contact through a company’s public ‘Contact Us’ form, tricking

Read More MixShell Malware Delivered via Contact Forms Targets U.S. Supply Chain Manufacturers
Blog

Akira Ransomware

FortiGuard Labs continue to observe detections in the wild related to the Akira ransomware group. According to the new report by CISA it has targeted over 250 organizations since the past year, affecting numerous businesses and critical infrastructure entities across North America, Europe, and Australia. The gang has made over $42 million from the attacks…

Read More Akira Ransomware
Blog

5 Ways Identity-based Attacks Are Breaching Retail

From overprivileged admin roles to long-forgotten vendor tokens, these attackers are slipping through the cracks of trust and access. Here’s how five retail breaches unfolded, and what they reveal about… In recent months, major retailers like Adidas, The North Face, Dior, Victoria’s Secret, Cartier, Marks & Spencer, and Co‑op have all been breached. These attacks weren’t sophisticated

Read More 5 Ways Identity-based Attacks Are Breaching Retail
Blog

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks

A high-severity security flaw impacting the Craft content management system (CMS) has been added by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-23209 (CVSS score: 8.1), which impacts Craft CMS versions 4 and 5. It was…

Read More CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active Attacks
Blog

North Korea Attacks South Koreans With Ransomware

DPRK hackers are throwing every kind of malware at the wall and seeing what sticks, deploying stealers, backdoors, and ransomware all at once.

Read More North Korea Attacks South Koreans With Ransomware

Related