Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Breaking the Swivel Chair Cycle: Why Security Teams Struggle with Asset Visibility-and How to Fix It
For many security professionals, managing asset visibility feels like an endless game of whack-a-mole. They are stuck in what experts call the “swivel chair approach”—constantly pivoting between multiple dashboards, spreadsheets, and security tools to manually stitch together an understanding of their risk landscape.
Generating Code with ChatGPT...
Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.
Exploited! PANOS Authentication Bypass Vulnerability (CVE20250108)
Recently, Palo Alto Networks disclosed CVE‑2025‑0108—a high-severity authentication bypass in the PAN‑OS management web interface. Although the flaw does not enable remote code execution, it compromises the confidentiality and integrity of management functions. In this post, we’ll break down the technical details, discuss the exploitation methodology, illustrate configuration and code examples, and outline effective mitigation strategies.
CISA Reports a Massive Spike in API Security Risks #CISAReport #ProtectAPIs APIExploit
In 2024, API-related vulnerabilities on CISA’s Known Exploited List jumped from 20% to 50%, making APIs a prime target for attackers. This sharp increase highlights the critical need for a dedicated API security strategy in 2025. Don’t wait—invest in API security today.
Arctic Wolf Observes Authentication Bypass Exploitation Attempts Targeting SonicWall Firewalls (CVE-2024-53704)
On February 10, 2025, Bishop Fox published technical details and proof-of-concept (PoC) exploit code for CVE-2024-53704, a high-severity authentication bypass vulnerability caused by a flaw in the SSLVPN authentication mechanism in SonicOS, the operating system used by SonicWall firewalls. Shortly after the PoC was made public, Arctic Wolf began observing exploitation attempts of this vulnerability in the threat landscape.
What is a Buffer Overflow?
A buffer overflow occurs when a program writes more data than a buffer can hold, causing crashes or security vulnerabilities. In this video, we break down how buffer overflows happen, their risks, and how attackers exploit them.
Belsen Group: Analyzing a new and ambitious threat group
On January 14th, 2025, Belsen Group emerged in the underground forum Breach Forums publishing a list of sensitive data extracted from vulnerable Fortinet FortiGate devices. Since then, they have expanded their malicious activities into acting as initial access brokers. Who are they and what do we know about them? In this blog we’ll give you the lowdown on an ambitious new threat group to be aware of.
How to reduce false positives when pen testing web apps
In the context of penetration (pen) testing, false positives are where the testing tools or methods identify a security vulnerability or issue that doesn’t actually exist. Essentially, a false alarm. This can happen for a few reasons, such as misconfigurations in the testing tools, incorrect assumptions, or environmental factors.
Vulnerability Scanning for SMBs
A small entrepreneur-led digital marketing agency was having a regular morning with client calls, design presentations, and ad discussions. Suddenly, every team member was locked out of their accounts and couldn’t access their e-mails, cloud folders, or even the company bank account – their data had been taken hostage digitally. This isn’t just a cautionary tale.