Vulnerabilities & Alerts
CVE-2025-7775 – Memory Overflow Vulnerability in Citrix NetScaler
by •
Executive SummaryFollowing the actively exploited vulnerability in Citrix NetScaler (CVE-2025-7775), this summary provides an overview of the technical details and the associated risks. The flaw, a critical memory overflow, has been added by CISA to its Known Exploited Vulnerabilities (KEV) catalog due to confirmed in-the-wild exploitation. It allows unauthenticated remote code execution on vulnerable appliances,…
CTI & OSINT
APT29 — Factual Brief
by •
I use the label “APT29,” also known as Cozy Bear, The Dukes, NOBELIUM, and—under Microsoft’s taxonomy—Midnight Blizzard. Public reporting predominantly attributes this actor to Russia’s Foreign Intelligence Service (SVR), and the multiple aliases reflect vendor naming schemes. Objectives and targeting I observe a primary espionage focus on governments, diplomatic missions, think tanks, IT/Cloud providers, and…
CTI & OSINT
Secret Messengers (NSA/GCHQ, 2025)
by •
I had long wanted to examine the intelligence employed during the Second World War. Drawing on the training I received at the École de Guerre Économique (EGE), I present here a neutral, factual synthesis, accompanied by full references as well as the original document that served as my source. This article synthesizes the report Secret…
CTI & OSINT
ShinyHunters, Scattered Spider and sp1d3rhunters Malware
by •
I am sharing an analysis of two groups making headlines in the cybersecurity landscape, along with the sp1d3rhunters malware.All information comes from open sources, so you can verify every detail presented in this article. I wish you an excellent read. 1. General overview and history: ShinyHunters is a financially motivated hacking group that emerged in…
Open Source & Tools
Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments
by •
On August 6, 2025, Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) sounded the alarm on a newly disclosed high-severity vulnerability affecting Microsoft Exchange Server in hybrid deployment scenarios. Tracked as CVE-2025-53786, the flaw allows a threat actor with administrative access to an on-premises Exchange server to escalate privileges in the organization’s Exchange…
