Unpatchable Vulnerabilities of Kubernetes: CVE-2021-25740

A look at how Kubernetes CVE-2021-25740 allows users with EndpointSlice access to redirect traffic via shared ingress and load balancer services.

The data platform bet: Why financial AI initiatives stall and how the winners scale

Discover why 40% of financial AI initiatives fail, and learn how a unified data platform enables secure, real-time AI scaling in regulated environments.

Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows

Agents have agency: they adapt and find multiple ways to solve problems. This autonomy creates a fundamental security challenge: the large language model (LLM)...

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2008-4250 Microsoft Windows Buffer Overflow Vulnerability CVE-2009-1537...

Surecart – SQL Injection

SureCart versions prior to 4.2.1 are vulnerable to authenticated SQL injection via multiple parameters ('model_name', 'model_id', 'integration_id', 'provider') on the...

Steganography Secrets: Malware Hidden in Plain Sight

By: Jacob Malimban, Intelligence Team. Threat actors are abusing image file hosting websites and file sharing services to deliver malware while evading enterprise security controls....

macOS Malware Installs Fake Google Software Update LaunchAgent for Persistence

macOS users are facing a new and sophisticated threat as a variant of the SHub infostealer malware, dubbed “Reaper,” has been observed deploying a...

CIRT insights: How to help prevent unauthorized account removals from AWS Organizations

The AWS Customer Incident Response Team works with customers to help them recover from active security incidents. As part of this work, the team...

Latest article

Unpatched ChromaDB flaw leaves servers open to remote code execution

Researchers have published details about a critical vulnerability in ChromaDB that could allow unauthenticated attackers to execute arbitrary code and...

[R1] Sensor Proxy Version 1.4.0 Fixes Multiple Vulnerabilities

Jason Schavel, Thu, 05/21/2026 - 16:00. Sensor Proxy leverages third-party software to help provide underlying functionality....

AWS KY3P report now available for third-party supplier due diligence

We’re excited to announce that Amazon Web Services (AWS) has completed the S&P Global Know Your Third Party (KY3P) assessment of its security posture....

Hackers Use Fake Microsoft Teams Downloads to Deploy ValleyRAT Malware

Hackers have been caught running a deceptive campaign that uses fake Microsoft Teams download websites to trick users into installing ValleyRAT, a remote access...