We bet you thought you’d be allowed to sit there, breathe, and savour the few moments of peace you’d earned after a painful week in cyber security.

Obviously, you were horribly wrong, and you need to wake up now - we’re back, it’s all on fire,

TLDR
I have recieved a legit Zoom doc email from HR “while on job hunt” . It redirected to a site with a fake “bot protection” gate and then to a Gmail credential phish. The attackers exfiltrate creds live over WebSocket and even validate them in the backend.…

LLMs can speed up security tasks like code comprehension and proof of concept creation. But, over-reliance risks missing subtle vulnerabilities and weakening core skills. How do we use LLMs optimally?

This is the last of our posts about ksmbd. For the previous posts, see part1 and part2.

Drawing parallels between niche concepts to the point it seems crazy (And maybe is) is one of the few perks of having impeccable pattern recognition

The post walks through the usage and the security considerations of domain join accounts used in Active Directory

It all started with my good colleague @schniggie who’s got my attention with an X post earlier that year. Until then I rarely heared of Supabase, but let us start from the scratch.
Firebase changed the way developers think about backend infrastructure: auth…

Discover how Varonis' advanced threat response ensured zero downtime and complete remediation when stopping a ransomware attack.

Note: This post is complemented by a presentation I gave at KazHackStan 2025. The slides (which were prepared fewer than 24 hours before the actual presentation) for that talk can be found here, or in pptx format here.

CISA emergency alert: AI phishing attacks surge 300% targeting US businesses. Expert defense strategies for AI-powered cyber threats in 2025.

Supply chain cyber attacks surge 250%. CISA emergency directive: 15+ Fortune 500 companies compromised. Massachusetts affected. October 2025.

Swap out compiled Node.js addons with your own code and force a legitimate Electron application load your code

Welcome back. We’re excited to yet again publish memes under the guise of research and inevitably receive hate mail. But today, we’ll be doing something slightly different to normal.

“Wow, watchTowr, will you actually be publishing useful information instead…

1 Prologue
A while ago, I took a flight from Canada back to Hong Kong - about 12 hours in total with Air Canada.
Interestingly, the plane actually had WiFi:














However, the WiFi had restrictions. For Aeroplan…

IAmAntimalware employs new red team techniques by cloning services of Antivirus. Allow inject code into processes whitelisted, protected by Antivirus

When you're handed an SDK with no documentation and told "the backend is secure because it's proprietary," grpc-scan helps prove otherwise

AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…