Offensive Security

Fri, 10 Apr 2026

Analysis of one billion CISA KEV remediation records exposes limits of human-scale security

Critical vulnerabilities remain open longer despite increased patching efforts; the defense architecture must fundamentally change to address rapid AI-driven threats.

Fri, 10 Apr 2026

Juniper Networks Patches Dozens of Junos OS Vulnerabilities

Juniper Networks patched nearly 36 vulnerabilities including a critical default password flaw in Junos OS. The issue allows remote attackers to gain full access to devices.

Fri, 10 Apr 2026

ClickFix campaign delivers Mac malware via fake Apple page

Security researchers at Jamf have uncovered a new ClickFix-style attack targeting Mac users via a fake Apple-themed webpage offering instructions on how to “reclaim disk space on your Mac”. The malici

Fri, 10 Apr 2026

Microsoft: Canadian employees targeted in payroll pirate attacks

Storm-2755 steals Canadian employees' salary payments using AiTM attacks on Microsoft 365. Attackers bypass MFA by hijacking authentication tokens via fake sign-in pages.

Fri, 10 Apr 2026

Poisoned “Office 365” search results lead to stolen paychecks

Storm-2755 targets Canadian employees to redirect salary payments via phishing and SEO poisoning. They use fake Microsoft 365 login pages to steal credentials and session tokens.

Fri, 10 Apr 2026

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions pose a significant, overlooked security risk with high vulnerability rates and extensive access within user browsers.
