by Jonathan R. Brennan, CISSP | May 14, 2025 | Bulletins, Uncategorized
Stay Ahead of Cyber Threats Critical Security Updates. Time to Panic Less, Patch More. Microsoft’s May 2025 Patch Tuesday isn’t just another update cycle—it’s a five-alarm situation for IT and security teams. This month’s release includes fixes for 72 vulnerabilities,...
by Jonathan R. Brennan, CISSP | May 12, 2025 | Bulletins
Unmasking the Invisible Threat Understanding HTML Smuggling: A New Era of Phishing Yes, The name is absurd. We agree. Let’s also agree to move past that because this is a serious threat. Blob URI phishing is a stealthy, modern twist on HTML Smuggling that allows...
by Jonathan R. Brennan, CISSP | May 11, 2025 | Bulletins
Attackers spiked the deprecated but widely downloaded rand-user-agent npm package with a stealthy Remote Access Trojan (RAT). Now dubbed “RATatouille,” the malware gives adversaries remote access to systems via poisoned developer tools. Here’s how it happened—and how...
by Jonathan R. Brennan, CISSP | May 9, 2025 | Bulletins
Understanding the Risks Embedded Wireless Controller Vulnerabilities A Hard-Coded Catastrophe Cisco has dropped a patch for a nasty flaw in IOS XE Wireless LAN Controllers—CVE-2025-20188. The culprit? A hard-coded JSON Web Token (JWT) in the ‘Out-of-Band AP Image...
by Jonathan R. Brennan, CISSP | May 8, 2025 | Bulletins
The BYOI Vulnerability: A New Threat to EDR Security SentinelOne Hacked by Its Own Installer? The BYOI Technique That Lets Attackers Disable EDR Mid-Upgrade Critical Security Advisory Understanding the BYOI Vulnerability A newly discovered SentinelOne bypass known as...
by Jonathan R. Brennan, CISSP | May 6, 2025 | Bulletins, NEWS
Network Instability and Performance Issues Brace for Impact: Navigating the Windows 11 24H2 Update Windows 11 24H2 has moved into broad deployment, bringing system tweaks, new features—and a host of real-world problems. Early adopters of the Windows 11 24H2 update are...
