Articles

News 2 min read

European Commission hacked via AWS: when public cloud becomes an attack vector

The European Commission's AWS account was compromised, highlighting cloud security risks for government institutions and the shared responsibility model.

March 28, 2026

Tools 2 min read

LangChain: 3 flaws expose your data, secrets, and AI conversations

Three vulnerabilities discovered in LangChain and LangGraph expose filesystem data, environment secrets, and conversation history. 52 million weekly downloads.

March 28, 2026

Compliance 2 min read

Trump's 2026 Cyber Strategy: what changes for international businesses

The new US cyber strategy published March 6, 2026 reforms regulations, deploys offensive capabilities, and impacts European businesses operating in the US.

March 28, 2026

News 2 min read

Foster City declares state of emergency after ransomware: when a city shuts down

Foster City, California declared a state of emergency after a ransomware attack paralyzed municipal services for over a week.

March 26, 2026

Threat Intelligence 2 min read

GlassWorm: supply chain attack via 72 VSCode extensions

The GlassWorm campaign compromised 72 Open VSX extensions to target developers. Attack analysis and protection measures for development teams.

March 26, 2026

News 2 min read

Malaysia Airlines hit by Qilin: passenger data and internal documents compromised

Ransomware group Qilin claims an attack on Malaysia Airlines. Passenger bookings, HR files, vendor contracts, and internal communications compromised.

March 26, 2026

Vulnerabilities 2 min read

PolyShell (Magento/Adobe Commerce): unauthenticated RCE, mass exploitation

PolyShell, a critical vulnerability in Magento and Adobe Commerce, allows unauthenticated file upload and execution. 50+ IPs actively scanning.

March 26, 2026

Tutorials 2 min read

WebRTC skimmer: understanding and detecting next-gen payment theft

Payment skimmers now use WebRTC data channels to exfiltrate card data, bypassing WAFs and traditional security controls. Detection guide.

March 26, 2026

News 2 min read

Citrix NetScaler CVE-2026-3055: memory leak via SAML, what to do

Citrix patches CVE-2026-3055 (CVSS 9.3), a NetScaler ADC/Gateway flaw allowing sensitive memory reads via SAML. Analysis and remediation.

March 25, 2026

Vulnerabilities 2 min read

CVE-2026-20131 (Cisco FMC): CVSS 10.0, exploited as zero-day by Interlock

Analysis of CVE-2026-20131, a deserialization flaw in Cisco Secure Firewall Management Center. Maximum CVSS score, exploited by Interlock group since January 2026.

March 25, 2026

Compliance 3 min read

EU AI Act: what cyber teams must prepare before August 2026

The EU AI regulation enters full application on August 2, 2026. Cybersecurity requirements, timeline, penalties, and preparation guide for CISOs.

March 25, 2026

Tutorials 2 min read

Hardening Ubiquiti UniFi: guide after CVE-2026-22557 (CVSS 10.0)

CVE-2026-22557 in Ubiquiti UniFi Network Application allows full system takeover. Hardening guide and exposure verification.

March 25, 2026