Tag: cybersecurity

The Compliance Theatre: When Red Tape Meets Cybersecurity by Nick Kelly

The Suffocating Embrace of Accumulated Law The Government (I speak of the US Government in this article, although the principal argument is as good as a blueprint for many other governments globally) has developed a peculiar affliction over the past half-century: the inability to throw

Breaking Into Tech: What No One Tells You as a New Grad by Efe Zindanci

I just graduated from Isik University with a Bachelor of Computer Science and Engineering, and like many recent graduates, I am working on finding my place in the tech world. It feels exciting because it opens new possibilities, but it is also stressful at times 

Week 48 – FortiWeb Pulls OS Commands Out of a Hat

14 – 30 Nov 2025 A newly disclosed and actively exploited FortiWeb vulnerability (CVE-2025-58034) allows authenticated attackers to execute arbitrary OS commands, posing a serious risk to organizations relying on the platform for critical web application protection. Despite its medium-severity vulnerability (CVSS score of 6.7), 

Week 47 – Puppet Master on the Web: Chrome’s V8 Flaw Pulled by Attackers

17 – 23 Nov 2025 On Monday Google released security updates for its Chrome browser to address two security flaws, including one that has come under active exploitation in the wild. Our CVE of the Week is about CVE-2025-13223 vulnerability with a CVSS score of 

Cyber (In)Securities – Issue 180

Please welcome our newest member from the United States, Prasad Shinde

Director, Automation and Cybersecurity OT Practitioner With over sixteen years of experience in industrial automation and cybersecurity, Prasad specialises in architecting secure and resilient systems across Oil and Gas, Cement, and Power sectors. As a PMP certified project leader and Agile practitioner, he brings extensive 

CyAN Webinar: Malicious Packages – the Danger’s Already in the Build

Join us for a presentation by CyAN member Karthikeyan Ramdass about the 2025 npm supply chain attack

On Tuesday, December 9, CyAN member Karthikeyan Ramdass will present an analysis of the massive 2025 npm supply chain attack (CISA.gov) that used compromised packages to attack numerous online services. We will cover questions such as: How and why did it happen? How could it have been prevented? What

Week 46 – The Antivirus That Opened the Door: Triofox Under Active Attack

10 – 16 Nov 2025 Mandiant has confirmed that threat actors are actively exploiting a critical flaw (CVE-2025-12480) in Triofox by Gladinet — a remote access and file-sharing platform. The vulnerability allows authentication bypass, letting attackers create admin accounts and execute arbitrary code by abusing the