Proactive Defense: Eclipse Foundation Mandates Pre-Publish Security Checks for Open VSX Extensions

Previous Post
CISA Flags Critical SolarWinds Web Help Desk RCE Bug Under Active Attack

CISA has added a critical SolarWinds Web Help Desk RCE vulnerability (CVE-2025-40551) to the KEV catalog due to active exploitation. This post breaks down the deserialization flaw, covers its MITRE ATT&CK mapping, and provides a step-by-step mitigation guide for defenders.
DockerDash Vulnerability: Critical AI Flaw in Docker Desktop Enables Code Execution via Image Metadata

A deep dive into the DockerDash vulnerability affecting Docker Desktop’s Ask Gordon AI assistant. Understand the meta-context injection attack, impact, and mitigation steps.
When the Cloud Fails: Protecting Identity Systems from Widespread Outages

Cloud outages can paralyze identity systems, blocking access to critical applications. This article explores the hidden dependencies, real-world impacts, and practical steps to ensure your identity infrastructure survives when the cloud fails.
Metro4Shell Under Fire: How Attackers Exploit CVE-2025-11953 in React Native Tooling

Threat actors are actively exploiting CVE-2025-11953 (Metro4Shell), a critical RCE in the React Native CLI’s Metro development server. This post breaks down the attack chain, maps it to MITRE ATT&CK, and provides actionable defense steps for developers and security teams.
APT28 Weaponizes Microsoft Office CVE-2026-21509: A Deep Dive into Operation Neusploit

APT28 (Fancy Bear) is exploiting a newly disclosed Microsoft Office vulnerability (CVE-2026-21509) to target government entities in Eastern Europe. This post breaks down the technical attack chain, from malicious RTF files to the deployment of MiniDoor and COVENANT Grunt implants, and provides actionable defense guidance.
Firefox’s One-Click AI Kill Switch: Master Your Generative AI Privacy

Mozilla introduces a one-click option in Firefox 148 to disable all generative AI features. This guide explains the new privacy control, step-by-step activation, potential risks of AI features, and how this setting reduces your attack surface. Perfect for beginners and pros who value privacy.
Lotus Blossom’s Notepad++ Supply Chain Attack: A Deep Dive into the Chrysalis Backdoor

In mid-2025, the Lotus Blossom hacking group breached Notepad++’s hosting provider, hijacking update traffic to deliver the Chrysalis backdoor. This beginner-friendly post breaks down the attack flow, maps MITRE ATT&CK techniques, and provides red/blue team insights to help you defend against similar supply chain threats.
341 Malicious ClawHub Skills Exposed in OpenClaw Supply Chain Attack

Security researchers uncovered 341 malicious skills on ClawHub, an OpenClaw marketplace, distributing Atomic Stealer malware via fake prerequisites. This post explains the attack, its impact, and how to defend.
Critical OpenClaw Remote Code Execution: One-Click Exploit Puts AI Assistants at Risk

A critical OpenClaw vulnerability (CVE-2026-25253) allows one-click remote code execution via malicious links. This post explains the exploit, its impact, and how to secure your AI assistant.