Recent Posts

05/12/2025

Week 49 – Slipping In Before the Doors Close

1 – 7 Dec 2025 Critical vulnerability has been found with the CVSS score of 10 in Manager-io/Manager, which is an accounting software. CVE-2025-64180 is the vulnerability of this week. In Manager Desktop and Server versions 25.11.1.3085 and below, a critical vulnerability permits unauthorized access 

CVE of the Week
-
by White Hat IT Security
03/12/2025

MaTeCC 3rd edition in Rabat, Morocco, 4-5 Dec. 2025

MaTeCC stands for “Maroc, Terrain de Confiance pour la Cybersécurité et la Protection des Données Personnelles” (Morocco, a Trusted Ground for Cybersecurity and Personal Data Protection), and is co-organised by Ecole High Tech (Rabat, Morocco) and CyAN. Its 3rd edition takes place on 4-5 December 

CyAN News
-
by Cyan Staff
Cyber (In)Securities – Issue 181
03/12/2025

Cyber (In)Securities – Issue 181

You can download this edition by clicking the three dots icon on the far right and selecting Download PDF File. For the best reading experience, we recommend enlarging it by clicking the fullscreen icon, which is the third icon from the right. All article titles 

Recent Digests
-
by Fel Gayanilo
New Podcast – Paul Maskall: Psychology, Risk, and Cybercrime
02/12/2025

New Podcast – Paul Maskall: Psychology, Risk, and Cybercrime

Paul Maskall joins us for a discussion about psychology and how it affects how we perceive risk.

The CyAN Blog
-
by John Salomon
The Compliance Theatre: When Red Tape Meets Cybersecurity by Nick Kelly
02/12/2025

The Compliance Theatre: When Red Tape Meets Cybersecurity by Nick Kelly

The Suffocating Embrace of Accumulated Law The Government (I speak of the US Government in this article, although the principle argument is as good as a blueprint for many other governments globally) has developed a peculiar affliction over the past half-century: the inability to throw 

The CyAN Blog
-
by Cyan Staff
The Season of the Iologue:
01/12/2025

The Season of the Iologue:

How to Avoid Becoming That Person This Silly Season** There’s a particular species that emerges every December. No, not the office-party peacock or the strategic mistletoe strategist. I’m talking about the iologue. And no, that’s not a typo. An iologue is someone who doesn’t have 

The CyAN Blog
-
by Kim McDonald
Ransomware: The Rising Threat 2025 | Cybersecurity Mentorship Program by Pathan Humam
01/12/2025

Ransomware: The Rising Threat 2025 | Cybersecurity Mentorship Program by Pathan Humam

The CyAN Blog
-
by Cyan Staff
01/12/2025

Breaking Into Tech: What No One Tells You as a New Grad by Efe Zindanci

I just graduated from Isik University with a Bachelor of Computer Science and Engineering, and like many recent graduates, I am working on finding my place in the tech world. It feels exciting because it opens new possibilities, but it is also stressful at times 

The CyAN Blog
-
by Cyan Staff
28/11/2025

Week 48 – FortiWeb Pulls OS Commands Out of a Hat

14 – 30 Nov 2025 A newly disclosed and actively exploited FortiWeb vulnerability (CVE-2025-58034) allows authenticated attackers to execute arbitrary OS commands, posing a serious risk to organizations relying on the platform for critical web application protection. Despite its medium-severity vulnerability (CVSS score of 6.7), 

CVE of the Week
-
by White Hat IT Security
21/11/2025

Week 47 – Puppet Master on the Web: Chrome’s V8 Flaw Pulled by Attackers

17 – 23 Nov 2025 On Monday Google released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. Our CVE of the Week is about CVE-2025-13223 vulnerability with a CVSS score of 

CVE of the Week
-
by White Hat IT Security