Cybersecurity Insights
& Security Research

Awareness

Exploiting Game APIs: How Backends Get Abused

The majority of gamers assume that cheaters utilize either "cracked" programs or shady mods, whereas in fact most of the cheating occurs on the back end, i...

• Eng. Donya Bino
• Dec 21, 2025

Read Article

Hacking

LongNosedGoblin: China‑Aligned Espionage via Group Policy Abuse

The cyber espionage group "LongNosedGoblin" has been linked by ESET to a significant and growing number of targeted attacks on government entities located...

• Eng. Donya Bino
• Dec 19, 2025

Read Article

Awareness

Broken Authorization in APIs: How to Secure Your Company’s Data

APIs form a core component to the design of modern applications. However, by only focusing on authentication ("Who Are You?"), you could be overlooking a m...

• Eng. Donya Bino
• Dec 19, 2025

Read Article

Exploits

Pluck CMS Upload Bug Allows PHP Execution via .htaccess

Vulnerability exists in Pluck CMS's facility for uploading files to execute PHP on its server. The primary source of the vulnerability results from the pro...

• Eng. Donya Bino
• Dec 19, 2025

Read Article

Exploits

Cisco AsyncOS Zero‑Day Actively Exploited in Real‑World APT Attacks

Cisco has confirmed active exploitation of a maximum severity zero day vulnerability affecting Cisco AsyncOS, the operating system behind Cisco Secure Emai...

• Eng. Donya Bino
• Dec 18, 2025

Read Article

Exploits

phpMyFAQ CSRF Vulnerability Explained (CVE-2017-15808)

Cross-Site Request Forgery (CSRF) attacks are one of the most underrated web attacks, and this is even more common in legacy applications, particularly in...

• Eng. Donya Bino
• Dec 18, 2025

Read Article