by Jonathan R. Brennan, CISSP | May 14, 2025 | Bulletins
Unveiling the Critical SAP Vulnerabilities SAP NetWeaver Composes Nighmares. The Impact of CVE-2025-31324 and CVE-2025-42999 Discover the latest insights into the severe vulnerabilities impacting SAP systems worldwide. Learn how to protect your business-critical...
by Jonathan R. Brennan, CISSP | May 14, 2025 | Bulletins, Uncategorized
Stay Ahead of Cyber Threats Critical Security Updates. Time to Panic Less, Patch More. Microsoft’s May 2025 Patch Tuesday isn’t just another update cycle—it’s a five-alarm situation for IT and security teams. This month’s release includes fixes for 72 vulnerabilities,...
by Jonathan R. Brennan, CISSP | May 12, 2025 | Bulletins
Unmasking the Invisible Threat Understanding HTML Smuggling: A New Era of Phishing Yes, The name is absurd. We agree. Let’s also agree to move past that because this is a serious threat. Blob URI phishing is a stealthy, modern twist on HTML Smuggling that allows...
by Jonathan R. Brennan, CISSP | May 11, 2025 | Bulletins
Attackers spiked the deprecated but widely downloaded rand-user-agent npm package with a stealthy Remote Access Trojan (RAT). Now dubbed “RATatouille,” the malware gives adversaries remote access to systems via poisoned developer tools. Here’s how it happened—and how...
by Jonathan R. Brennan, CISSP | May 9, 2025 | Bulletins
Understanding the Risks Embedded Wireless Controller Vulnerabilities A Hard-Coded Catastrophe Cisco has dropped a patch for a nasty flaw in IOS XE Wireless LAN Controllers—CVE-2025-20188. The culprit? A hard-coded JSON Web Token (JWT) in the ‘Out-of-Band AP Image...
