The Axios npm supply chain incident: fake dependency, real backdoor
On March 31, 2026, two malicious Axios versions (1.14.1 and 0.30.4) were briefly published to npm via a compromised maintainer account. The only change performed was the addition of a trojanized dependency, whose postinstall script deployed a cross‑platform RAT (for macOS, Windows, and Linux). Although the Axios packages were removed within hours, multiple hits were…
Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism
About the author Hussein Bahmad Hussein is a penetration testing manager in NVISO’s SSA team in which he manages a variety…
Ivanti EPMM ‘Sleeper Shells’ not so sleepy?
In late January 2026 an advisory covering two remote code execution vulnerabilities (CVE-2026-1281 & CVE-2026-1340) in Ivanti Endpoint Manager Mobile…
Capture the Kerberos Flag: Detecting Kerberos Anomalies
Kerberos is one of the most common protocols in organizations that utilize Windows Active Directory, and an essential part of…
An introduction to automated LLM red teaming
Introduction As large language models become increasingly embedded in production applications, from customer service chatbots to code assistants and document…
Rootless Containers with Podman
In modern digital infrastructure, containerization has become one of the most significant technologies, offering automation, portability, and resilience of services…
ConsentFix (a.k.a. AuthCodeFix): Detecting OAuth2 Authorization Code Phishing
ConsentFix (a.k.a.AuthCodeFix) is the latest variant of the fix-type phishing attacks, initially identified by Push Security. In this technique, the…
Something went wrong. Please refresh the page and/or try again.