BLOGS

Our insights

Explore expert insights on cybersecurity trends, threats, and strategies to keep your business secure.

Scattered Spider Arrests Bring Relief, But Copycat Hackers Sustain the Pressure

Security

Aug 5, 2025

The arrests of Scattered Spider members have slowed attacks, but copycats still exploit phishing, MFA bypass, and SIM swaps to target organizations. This pause offers security teams a chance to strengthen defenses through updated incident response, tighter access controls, hypervisor monitoring, and employee training. Lasting resilience requires layered defenses that blend technology, processes, people, and continuous threat intelligence.

Microsoft Urges Immediate Action: Critical SharePoint RCE Patch Now Available

Security

Jul 25, 2025

A critical RCE flaw in Microsoft SharePoint (CVE-2025-53770) is being actively exploited, with attackers chaining it to bypass MFA and gain persistent access. Given SharePoint’s deep integration with Microsoft 365, the risk of lateral compromise is severe. Organizations must patch immediately and adopt layered defenses including identity monitoring, EDR, and incident readiness to stay protected.

Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware

Security

Jul 22, 2025

Is your business still relying on traditional backups to safeguard against ransomware? Our latest blog, “Beyond Backup: Why Cyber Resilience Demands a Rethink in the Age of Ransomware,” highlights why backups alone aren’t enough in today’s threat landscape. Modern ransomware doesn’t just target your data—it targets your ability to recover. From immutable backups and automated recovery testing to orchestrated recovery playbooks, building true cyber resilience requires a shift in strategy.

XORIndex Malware Spread Widens as North Korean Hackers Exploit npm Registry

Security

Jul 19, 2025

The open-source community faces a growing challenge: supply chain attacks are no longer rare events but persistent threats. Our latest blog unpacks how North Korean threat actors are exploiting the npm registry with a new malware loader, XORIndex, as part of their broader Contagious Interview campaign. This attack highlights how software dependencies, trusted by developers worldwide, can become backdoors for sophisticated adversaries. The evolving tactics underscore why securing the supply chain is no longer optional.

Over 600 Laravel Apps at Risk of Remote Code Execution Due to Leaked APP_KEYs on GitHub

Security

Jul 15, 2025

In today’s fast-moving development pipelines, even one leaked secret can turn a secure application into a breach waiting to happen. Security researchers recently uncovered a critical threat: over 600 Laravel applications are exposed to Remote Code Execution (RCE) attacks after sensitive APP_KEYs were found publicly leaked on GitHub. This key isn’t just a string: it’s a gateway into encrypted sessions, authentication flows, and sensitive application data. The incident serves as a stark reminder of the importance of robust secrets management and secure development practices.

Taiwan Flags TikTok, Weibo, RedNote as Data Security Threats Due to China Links

Security

Jul 11, 2025

Taiwan’s National Security Bureau has raised serious concerns over China-developed apps like TikTok, Weibo, and RedNote, citing invasive data collection and transmission practices. RedNote failed all 15 security indicators in their assessment, with TikTok and Weibo close behind. These aren’t isolated concerns. Governments across the globe, from India to Canada, are now responding to the broader risks of geopolitical influence through digital platforms.

Escalating Iranian Cyber Threats Target U.S. Defense and Critical Infrastructure

Security

Jul 4, 2025

A recent advisory from U.S. cybersecurity and intelligence agencies warns of a growing wave of cyber activity linked to Iranian state-sponsored groups, targeting defense contractors, OT systems, and critical infrastructure. The methods may seem familiar, but their impact is increasingly sophisticated, leveraging reconnaissance tools, remote access trojans, and legitimate admin utilities like PsExec and Mimikatz to quietly move through environments undetected.

Severe Open VSX Vulnerability Opens Door to Supply Chain Attacks

Security

Jul 1, 2025

A critical flaw in the Open VSX Registry—used by tools like Gitpod, Google Cloud Shell Editor, and Cursor—has revealed just how vulnerable trusted software ecosystems can be. This vulnerability allowed attackers to exploit the extension publishing workflow, potentially injecting malicious code with broad reach into millions of developer environments.

DHS Warns of Heightened Cyberattacks by Pro-Iranian Groups Amid Middle East Tensions

Security

Jun 27, 2025

The recent DHS advisory highlights a growing digital fallout from physical conflicts. As cyberattacks by pro-Iranian groups intensify, organizations are once again reminded of the vulnerabilities that exist across networks, endpoints, and users.

Get in touch!

We are here to explore what works, what doesn't, and what the next steps are. Let's align on how we can help.

The Netherlands

Tachyon Security BV, Veenland 29 2291NS Wateringen, The Netherlands

United States

12620 FM 1960 Rd W, Ste A4, Houston, Texas 77065 USA