Vibe Coding Changed the Development Process

Blog

Byadmblake May 30, 2025

AI tools shook up development. Now, product security must change too.

Blog

CrowdStrike to Buy Seraphic Security In Bid to Boost Browser Security

The browser protection and detection technology will be integrated into Falcon platform to protect endpoints, browser sessions, and cloud applications.

Read More CrowdStrike to Buy Seraphic Security In Bid to Boost Browser Security
Blog

Critical Infrastructure Security Is a Critical Concern

To be truly resilient in the ever-growing threat landscape, organizations need to balance protection with preparation.

Read More Critical Infrastructure Security Is a Critical Concern
Blog

CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Adobe Experience Manager to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2025-54253 (CVSS score: 10.0), a maximum-severity misconfiguration bug that could result in arbitrary code execution.

Read More CISA Flags Adobe AEM Flaw with Perfect 10.0 Score — Already Under Active Attack
Blog

Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives

A malware campaign distributing the XLoader malware has been observed using the DLL side-loading technique by making use of a legitimate application associated with the Eclipse Foundation. “The legitimate application used in the attack, jarsigner, is a file created during the installation of the IDE package distributed by the Eclipse Foundation,” the AhnLab SEcurity Intelligence…

Read More Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives
Blog

SAP Netweaver Zero-Day Attack

What is the Attack?A zero-day SAP vulnerability, CVE-2025-31324, with CVSS score of 10.0 is being actively exploited in the wild. This vulnerability affects SAP Visual Composer, allowing unauthenticated threat actors to upload arbitrary files, resulting in full compromise of the targeted system that could significantly affect the confidentiality, integrity, and availability of the targeted system.The…

Read More SAP Netweaver Zero-Day Attack
Blog

Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

A 39-year-old Australian national who was previously employed at U.S. defense contractor L3Harris has been sentenced to a little over seven years in prison for selling eight zero-day exploits to Russian exploit broker Operation Zero in exchange for millions of dollars. Peter Williams pleaded guilty to two counts of theft of trade secrets in October…

Read More Defense Contractor Employee Jailed for Selling 8 Zero-Days to Russian Broker

Related