Recent Posts

30/04/2026

Week 18 – Behind the Mask: SharePoint Spoofing in the Wild

27 Apr – 03 May 2026 In this week’s CVE of the Week we’ll be looking CVE-2025-32201, a spoofing vulnerability in Microsoft SharePoint Server caused by improper input validation, with a CVSS score of 6.5 It allows a remote, unauthenticated attacker to impersonate trusted users 

CVE of the Week
-
by White Hat IT Security
Repost: Cloud Security in the Age of Assumptions: Where Responsibility Really Lies
29/04/2026

Repost: Cloud Security in the Age of Assumptions: Where Responsibility Really Lies

A couple of thoughts on Cloud Security risks and controls, via safetydetectives.com

The CyAN Blog
-
by John Salomon
Cyber (In)Securities – Issue 199
29/04/2026

Cyber (In)Securities – Issue 199

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
Cybersecurity Jobs – Why Bother?
27/04/2026

Cybersecurity Jobs – Why Bother?

Cybersecurity practitioners suffers from many challenges, and often, demotivation – why?

The CyAN Blog
-
by John Salomon
24/04/2026

Week 17 – ActiveMQ Bug Hidden for 13 Years

20 -26 Apr 2026 Our CVE of the Week series continues as we reveal an Apache ActiveMQ Classic vulnerability that went undetected for 13 years before being discovered with the help of the Claude AI assistant. Tracked as CVE-2026-34197 (CVSS score: 8.8), this high-severity security 

CVE of the Week
-
by White Hat IT Security
Please welcome our newest member from Spain, Rubén Cortés Domingo
24/04/2026

Please welcome our newest member from Spain, Rubén Cortés Domingo

Rubén Cortés Domingo is a senior Technology and Cybersecurity Executive with more than 25 years of experience modernizing public -sector digital services and strengtheningcybersecurity resilience in highly regulated government environments. As Technology and Cybersecurity Director at the Open Government of Catalonia (AOC), he leads one 

CyAN News
-
by Fel Gayanilo
Cyber (In)Securities – Issue 198
22/04/2026

Cyber (In)Securities – Issue 198

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
Most People Think They Understand Their Rights. They Don’t.
21/04/2026

Most People Think They Understand Their Rights. They Don’t.

Recent conversations around intelligence powers and surveillance frameworks in Australia, particularly proposed changes to ASIO’s compulsory questioning powers, have sparked predictable reactions. Some are alarmed, others are dismissive, and most fall somewhere in between, unsure what is real, what is exaggerated, and what it all 

The CyAN Blog
-
by Kim McDonald
17/04/2026

Week 16 – Trusted Format, Hidden Threat: Exploiting Adobe Reader via PDF

13 -19 Apr 2026 In this week’s CVE of the Week, we’re looking at a critical, actively exploited vulnerability in Adobe Acrobat and Adobe Reader that allows attackers to execute arbitrary code by simply getting a user to open a malicious PDF file. CVE‑2026‑34621 is 

CVE of the Week
-
by White Hat IT Security
Partnership signed with ESP’ Info, Brazzaville, Republic of the Congo
16/04/2026

Partnership signed with ESP’ Info, Brazzaville, Republic of the Congo

Cybersecurity Advisors Network (CyAN) signed on 02 April 2026 a Memorandum of Understanding with ESP’ Info, a training institute on cybersecurity Brazzaville, Republic of the Congo. The signature took place in Lille, at InCyber Forum. This partnership marks the second collaboration between a training institute 

The CyAN Blog
-
by Cyan Staff