Technologies, threats, and strategies focused on protecting systems, networks, and data from unauthorized access, breaches, or attacks. Includes articles on malware, encryption, vulnerabilities, incident response, and digital risk management.
Introduction In late July 2025 Wiz Research disclosed a critical security flaw in Base44, an AI powered application development platform recently acquired by Wix for eighty million dollars. The vulnerability allowed unauthorized access to private applications built via Base44 simply by knowing a publicly visible application ID. Attackers could bypass authentication controls including Single Sign‑On. … Read more
Introduction In April 2025, the Co-operative Group (Co-op) became one of the largest UK retailers to experience a significant cyber-attack. In a BBC interview, Co-op CEO Shirine Khoury-Haq confirmed that the personal data of all 6.5 million members was stolen during the breach. While financial and transaction data were not compromised, the stolen information includes … Read more
Introduction A major milestone in quantum computing has emerged from China. On June 24, 2025, Earth.com reported that researchers at Shanghai University, led by Wang Chao, used a D‑Wave Advantage quantum annealer to factor a 22-bit RSA key—marking the most advanced quantum factorization in this domain to date . While this result does not immediately … Read more
Introduction The digital convenience promised by mobile apps comes with a concealed cost. As users entrust their smartphones with increasing volumes of sensitive data, threat actors have adapted their methods, embedding malicious payloads within applications masquerading as trusted tools. In a recent wave of phishing campaigns uncovered by the cybersecurity firm Cyble, a new breed … Read more
Introduction On June 3, 2025, the Transportation Security Administration (TSA) issued a cybersecurity advisory warning travelers against the use of USB charging ports in public spaces, specifically in airport terminals. The warning focuses on the threat known as “juice jacking,” a form of cyberattack in which adversaries leverage physical USB connections to deploy malware, exfiltrate … Read more
Introduction In one of the most significant data security incidents of the year, AT&T is confronting a massive breach that has exposed the personal data of more than 86 million individuals. The data, which surfaced on a Russian-language cybercrime forum in mid-May and reappeared again in early June 2025, includes sensitive information such as full … Read more
Introduction In a decisive move to protect the integrity of the web, Google has announced that its Chrome browser will no longer trust certificates issued by two specific Certificate Authorities (CAs). This action follows a pattern of questionable behavior and transparency violations by these authorities, leading to a loss of confidence in their ability to … Read more
Overview A sophisticated cyberattack has compromised over 9,000 ASUS routers worldwide, establishing persistent backdoors that survive both firmware updates and device reboots. This campaign, uncovered by cybersecurity firm GreyNoise, leverages a combination of known and previously undisclosed vulnerabilities to gain unauthorized access, potentially laying the groundwork for a large-scale botnet.(infosecurity-magazine.com, esecurityplanet.com) How the Attack Works … Read more
