Chafer used Remexi malware to spy on Iran-based foreign diplomatic entities
Executive Summary
Throughout the autumn of 2018 we analyzed a long-standing (and still active at that time) cyber-espionage campaign that was primarily targeting foreign diplomatic...
DNS Flag Day
Read more
Putting the Reins in Good Hands
After over 300 blog posts as CEO of Centrify, this will be my last Centrify blog post.
The reason is because after having co-founded Centrify...
Razy in search of cryptocurrency
Last year, we discovered malware that installs a malicious browser extension on its victim’s computer or infects an already installed extension. To do so,...
GreyEnergy’s overlap with Zebrocy
In October 2018, ESET published a report describing a set of activity they called GreyEnergy, which is believed to be a successor to BlackEnergy...
NetMRI 7.3 Topology Viewer blog
Read more
Latest article
CVE-2026-41940: cPanel & WHM Authentication Bypass
OverviewOn April 28, 2026, cPanel issued a security update to fix a critical vulnerability affecting the cPanel & WHM and WP Squared products. In...
Cursor Extension Flaw Exposes Developer API Keys
Cursor flaw lets extensions steal API keys and session tokens without user interaction, according to researchers at LayerX - Read more
CVE-2026-21246 Windows Graphics Component Elevation of Privilege Vulnerability
Acknowledgement added. This is an informational change only. - Read more
ClickUp Data Leak Exposes Enterprise Emails for Over a Year
A hardcoded ClickUp API key exposed hundreds of corporate and government emails for over a year, raising new SaaS security concerns.
The post ClickUp Data...
