Cyber Defense Advisors

News

Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication

A set of five critical security shortcomings have been disclosed in the Ingress NGINX Controller for Kubernetes that could result in unauthenticated remote code execution, putting over 6,500 clusters at immediate risk by exposing the component to the public internet. The vulnerabilities (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and CVE-2025-1974 ), assigned a CVSS score of 9.8, […]

Cyber News

Microsoft Adds Inline Data Protection to Edge for Business to Block GenAI Data Leaks

Microsoft on Monday announced a new feature called inline data protection for its enterprise-focused Edge for Business web browser. The native data security control is designed to prevent employees from sharing sensitive company-related data into consumer generative artificial intelligence (GenAI) apps like OpenAI ChatGPT, Google Gemini, and DeepSeek. The list will be expanded over time […]

Cyber News

VanHelsing RaaS Launch: 3 Victims, $5K Entry Fee, Multi-OS, and Double Extortion Tactics

A ransomware-as-a-service (RaaS) operation called VanHelsing has already claimed three victims since it launched on March 7, 2025, demanding ransoms as high as $500,000. “The RaaS model allows a wide range of participants, from experienced hackers to newcomers, to get involved with a $5,000 deposit. Affiliates keep 80% of the ransom payments, while the core […]

Cyber News

⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More

A quiet tweak in a popular open-source tool opened the door to a supply chain breach—what started as a targeted attack quickly spiraled, exposing secrets across countless projects. That wasn’t the only stealth move. A new all-in-one malware is silently stealing passwords, crypto, and control—while hiding in plain sight. And over 300 Android apps joined […]

Cyber News

VSCode Marketplace Removes Two Extensions Deploying Early-Stage Ransomware

Cybersecurity researchers have uncovered two malicious extensions in the Visual Studio Code (VSCode) Marketplace that are designed to deploy ransomware that’s under development to its users. The extensions, named “ahban.shiba” and “ahban.cychelloworld,” have since been taken down by the marketplace maintainers. Both the extensions, per ReversingLabs, incorporate code that’s designed to invoke a PowerShell command, […]

Cyber News

How to Balance Password Security Against User Experience

If given the choice, most users are likely to favor a seamless experience over complex security measures, as they don’t prioritize strong password security. However, balancing security and usability doesn’t have to be a zero-sum game. By implementing the right best practices and tools, you can strike a balance between robust password security and a […]

Cyber News

More Countries are Demanding Backdoors to Encrypted Apps

Last month, I wrote about the UK forcing Apple to break its Advanced Data Protection encryption in iCloud. More recently, both Sweden and France are contemplating mandating backdoors. Both initiatives are attempting to scare people into supporting backdoors, which are—of course—are terrible idea. Also: “A Feminist Argument Against Weakening Encryption.”  

Cyber News

Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks

A critical security flaw has been disclosed in the Next.js React framework that could be potentially exploited to bypass authorization checks under certain conditions. The vulnerability, tracked as CVE-2025-29927, carries a CVSS score of 9.1 out of 10.0. “Next.js uses an internal header x-middleware-subrequest to prevent recursive requests from triggering infinite loops,” Next.js said in […]

Cyber News

Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories’ CI/CD Secrets Exposed

The supply chain attack involving the GitHub Action “tj-actions/changed-files” started as a highly-targeted attack against one of Coinbase’s open-source projects, before evolving into something more widespread in scope. “The payload was focused on exploiting the public CI/CD flow of one of their open source projects – agentkit, probably with the purpose of leveraging it for […]

Cyber News