Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover
Ravie LakshmananMar 20, 2026Web Security / Vulnerability Sansec is warning of a critical security flaw in Magento's REST API that...
AndyC
Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.
RSAC 2026 Innovation Sandbox | Humanix: People-Oriented Social Engineering Attack Detection and Response
Company Profile Humanix (see Figure 1) is a cybersecurity company focusing on human-centric threat detection and response, dedicated to...
What to Do When Your Website Is Under a DDoS Attack
The post What to Do When Your Website Is Under a DDoS Attack first appeared on StrongBox IT. ***...
DoJ Disrupts 3 Million-Device IoT Botnets Behind Record 31.4 Tbps Global DDoS Attacks
Ravie LakshmananMar 20, 2026Botnet / Network Security The U.S. Department of Justice (DoJ) on Thursday announced the disruption of command-and-control...
Apple Warns Older iPhones Vulnerable to Coruna, DarkSword Exploit Kit Attacks
Ravie LakshmananMar 20, 2026Mobile Security / Malware Apple is urging users who are still running an outdated version of iOS...
EDR killers explained: Beyond the drivers
In recent years, EDR killers have become one of the most commonly seen tools in modern ransomware intrusions: an attacker...
Key Aspects of EASA Certification and Compliance
Key Takeaways EASA certification is a structured approval process covering aircraft, parts, and organizations. Compliance is continuous and tied...
Announcing langchain-textual: PII redaction and synthesis for LangChain on Tonic Textual
Organizations building with AI are operating inside a growing paradox: the unstructured data that makes models effective—support tickets, clinical...
Automated Threat Detection for Quantum-Enabled Adversarial Attacks on AI Context
The scary reality of quantum threats to ai context Ever wonder if the data you're feeding your ai right...
Automated Threat Detection for Quantum-Enabled Adversarial Attacks on AI Context
The scary reality of quantum threats to ai context Ever wonder if the data you're feeding your ai right...
How to Secure Tax Documents Before Sending to Your Accountant
Filing your taxes may not feel risky. You download a W-2. Upload a PDF. Email a document. Move on. But...
French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure
French aircraft carrier Charles de Gaulle tracked via Strava activity in OPSEC failure Pierluigi Paganini March 20, 2026 A French...
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking
Critical Ubiquiti UniFi UniFi security flaw allows potential account hijacking Pierluigi Paganini March 19, 2026 Ubiquiti fixed two UniFi vulnerabilities,...
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets...
Sonatype Discovers Two Malicious npm Packages
Sonatype Security Research has identified a potential compromise of a trusted npm maintainer account that has now published two...
