If you’re using the @adonisjs/bodyparser npm package, you should update to the latest version. A newly disclosed high-severity vulnerability could allow a remote attacker to write arbitrary files on your server if they can reach a file upload endpoint. The…
I want to draw attention to a new malware campaign security researchers are tracking under the name PHALT#BLYX, which is actively targeting organizations in the European hospitality sector. According to findings from Securonix, the campaign relies on ClickFix-style social engineering…
Attack Surface Management (ASM) is often sold as a way to reduce risk. In reality, what many organizations get is more data. Security teams roll out ASM tools, asset inventories expand, alerts start firing, and dashboards fill up quickly. There…
Transparent Tribe Expands Espionage Campaigns Using Advanced RAT Techniques A long-running cyber espionage group known as Transparent Tribe has been linked to a new wave of targeted attacks aimed at Indian government bodies, academic institutions, and other strategically sensitive organizations.…
Managed security services were built around people. Analysts investigated phishing clicks, suspicious logins, and endpoint misuse after alerts were triggered. That model is starting to crack. By 2026, much of what happens inside customer environments will no longer be driven…
