Security Bulletin

As the region continues with its ambitious road map, cybersecurity must be woven into every step of the process.

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

Walking my dog earlier, I came across the sign on the right. Having just looked at yet another middleware/HTTP header issue (the Next.js problem that became public this weekend) [1], I figured I should write something about HTTP headers. We all know...

"Research Center 227" reportedly focused on using AI for cyberattacks.

DOGE is making wild moves at CISA, including bringing back fired probationary employees only to put them on paid leave, and reportedly gutting the agency's red teams.

The attackers are taking an indirect approach to targeting SEO professionals and their Google credentials, using a fake digital marketing website.

Law enforcement entities in democratic states have been deploying top-of-the-line messaging app spyware against journalists and aid workers.

Cato Networks researchers create jailbreak method where hacking is normal in an alternate reality.

Most severe of the newly added flaws is the Edimax IC-7100 IP camera OS command injection vulnerability, tracked as CVE-2025-1316.