Introduction CVE-2025-1137 is a high-severity command injection vulnerability discovered in IBM Storage Scale (formerly known as IBM Spectrum Scale). This vulnerability affects versions 5.2.2.0 and 5.2.2.1 and was officially disclosed in May 2025. It allows authenticated users to execute commands with elevated privileges in specific configurations. This blog post will take a deep dive into … Read more
Stay informed with our weekly roundup of top 10 key happenings in tech, cyber and geopolitics. Discover the most significant developments, trends and breakthroughs shaping the industry, all in one concise update. The card image tiles are designed for easy recognition of the category to which the news belongs. 💡 The links provided in this … Read more
Introduction: Ghosts in the Machine “In 2025, hackers aren’t just breaking in—they’re living inside your systems undetected.” Cybersecurity in 2025 isn’t just about firewalls and antivirus anymore. Today’s biggest threats come in the form of Advanced Persistent Threats, or APTs—long-term, stealthy intrusions carried out by highly skilled adversaries. These aren’t your average smash-and-grab attacks. APTs … Read more
Next.js Middleware Authentication Bypass (CVE-2025-29927) Classic XML External Entity (XXE) injection This combination ultimately allowed me to read system files and retrieve the flag from the server. 🔍 Recon – The Starting Point We were given the URL: Visiting the site showed a clean interface with a mysterious Admin section. Clicking it led to a … Read more
The Rise of CPU-Level Ransomware: A New Era of Undetectable Threats Before diving into CPU-level ransomware, let’s first understand what ransomware actually is. Ransomware is a type of malicious software (malware) that locks or encrypts your files and demands a ransom to unlock them. The victim loses access to their data unless they pay the … Read more
Introduction In today’s fast-evolving digital landscape, Artificial Intelligence (AI) has emerged as a game-changer in cybersecurity. From automating threat detection to analyzing vast codebases for hidden vulnerabilities, AI technologies are reaching their peak capability, empowering security researchers like never before. Advanced language models and machine learning algorithms can simulate complex attack scenarios, reason about concurrent … Read more
In today’s world, we are surrounded by smart devices. From Alexa and Google Home to smart TVs, door cameras, and even internet-connected cars — all of these are part of the Internet of Things or IoT. They make our lives easier and more connected, but they also come with a hidden danger, they can be … Read more
Introduction “In 2025, cyber attackers don’t break down your door—they quietly slip in, take a seat at your desk, and wait for the perfect moment. The scariest part? You may never know they were there.” Today’s cyber threats are no longer brute-force hacks or noisy ransomware attacks. Instead, attackers use stealth tactics—blending into legitimate activity, … Read more
Introduction “In 2025, cyber attackers don’t break down your door—they quietly slip in, take a seat at your desk, and wait for the perfect moment. The scariest part? You may never know they were there.” Today’s cyber threats are no longer brute-force hacks or noisy ransomware attacks. Instead, attackers use stealth tactics—blending into legitimate activity, … Read more