Explore our categories

Throughout our investigation, we identified hard-coded C2 IP addresses embedded in Open Source Projects through multiple methods: 1. Exploits and Proof-of-Concept (PoC) code Several public PoCs included "hidden callbacks pointing to external servers, often without any...

We are excited to announce the launch of the Cyber Jungle Intelligence Series, a new line of investigative threat-intelligence reports designed to navigate the dense, unpredictable, and often hostile terrain of the cyber landscape. Much like a real jungle, today's...

We are pleased to announce the development of a Security Operations Center (SOC) in Dubai, United Arab Emirates, to offer SOC-as-a-Service (SOCaaS) solutions. This initiative aims to enhance cybersecurity capabilities in the region by providing advanced threat...

In this article, we will take a look over some of the security tools that you can implement within the CI/CD pipelines testing, in order to early detect flaws or issues before deploying to production. All the tools listed are open-source or free to use. Why is it...

In this blog post, we will see how attackers can take leverage of your exposed Swagger UI file in order to launch Credentials Harvesting attacks, and how you can protect against them. Attack Requirements Your organization exposes documentation for API services using...