BLOGS
Onze inzichten
Verken deskundige inzichten over cybersecuritytrends, bedreigingen en strategieën om uw bedrijf veilig te houden.
Security
Sep 21, 2025
The Collins Aerospace Cyberattack: A Wake-Up Call for Aviation Cybersecurity
The recent cyberattack on Collins Aerospace disrupted major European airports, exposing critical vulnerabilities in aviation’s reliance on centralized technology providers. This incident underscores the growing threat landscape, with aviation cyberattacks surging by 600% in the past year. The blog explores lessons in vendor risk, resilience, and pragmatic cybersecurity planning to safeguard global air travel.
Security
Sep 19, 2025
Entra ID Actor Token: Risk, Impact, and Immediate Mitigations
A critical flaw in Microsoft Entra ID’s Actor tokens exposed tenants worldwide to silent Global Admin compromise. Our blog explains how the vulnerability worked, its risks, and the key mitigations organizations need to adopt.
Security
Sep 11, 2025
npm Debug & Chalk Breach: Lessons from a Supply-Chain Attack
A supply-chain compromise of popular npm packages like `debug` and `chalk` injected stealthy crypto-stealing malware, underscoring urgent risks in open-source dependencies and the need for stronger defenses.
Security
Sep 8, 2025
CVE-2025-42957: Critical SAP S/4HANA Vulnerability Now Exploited in the Wild
A critical flaw in SAP S/4HANA (CVE-2025-42957, CVSS 9.9) is under active exploitation, allowing attackers to gain near-total control over enterprise SAP systems. This blog breaks down how the vulnerability works, the risks it poses, and the immediate steps organizations must take to protect their mission-critical operations.
Security
Sep 4, 2025
Jaguar Land Rover Cyberattack: Managing Risk in a Connected Automotive World
Jaguar Land Rover’s recent cyberattack highlights how digital threats now disrupt not just IT, but entire manufacturing and supply chain operations. This blog explores key lessons in resilience, supply chain security, and OT protection for today’s connected industries.
Security
Sep 4, 2025
Palo Alto Networks Breach: Lessons from the Salesloft Drift Supply-Chain Attack
Discover how the Palo Alto Networks breach, linked to the Salesloft Drift supply-chain attack, exposed the risks of OAuth token misuse. This blog unpacks the attack process, what went wrong, industry breach statistics, and practical steps organizations can take to strengthen SaaS and supply-chain security.
Security
Aug 29, 2025
ShadowCaptcha Attack Turns WordPress Sites into Malware Delivery Platforms
ShadowCaptcha is a new campaign exploiting vulnerable WordPress sites to spread ransomware, info-stealers, and crypto miners. By luring victims with fake CAPTCHA pages, it combines technical exploits with social engineering to bypass defenses and cause severe damage.
Security
Aug 27, 2025
Beyond Botnets: The Rise of GeoServer Exploits, PolarEdge, and Gayfemboy in Cybercrime
Cybercrime is shifting from noisy botnets to stealthy, profit-driven campaigns exploiting internet-facing services (e.g., GeoServer, Redis) and IoT devices. Advanced threats like PolarEdge’s ORB botnets and Gayfemboy malware focus on persistence, covert operations, and monetization (cryptojacking, DDoS). Organizations must adopt proactive patching, anomaly detection, segmentation, and stronger security awareness to stay resilient.
Security
Aug 8, 2025