Blog Posts | Joshua Berkowitz

37 Articles

cybersecurity ×

How a Single Weak Password Brought Down a 158-Year-Old Company

You have a thriving company with over a century of history, one that had weathered wars, economic downturns, and industry disruptions. Yet, everything collapsed in a matter of days because of a single...

business risk cybersecurity data breach IT compliance multi-factor authentication password security ransomware

Sep 25, 2025

0 1463

News

How Attackers Exploited ViewState Deserialization to Breach Sitecore Deployments

A sophisticated cyber campaign has targeted organizations running Sitecore products, exploiting a critical zero-day flaw ( CVE-2025-53690 ). Attackers gained remote code execution by abusing exposed A...

cybersecurity deserialization incident response malware remote code execution Sitecore ViewState zero-day

Sep 21, 2025

0 1221

News

Phoenix Attack Exposes Ongoing DDR5 Memory Security Risks

Just when it seemed modern DDR5 memory was secure, researchers have demonstrated that Rowhammer-style vulnerabilities are still very much alive. The newly revealed Phoenix attack, developed by the Com...

cybersecurity DDR5 hardware vulnerabilities memory security Phoenix attack PRAC standard privilege escalation Rowhammer

Sep 18, 2025

0 1694

News

Microsoft's Project Ire: Autonomous Malware Detection with AI

Security professionals have long struggled with the overwhelming volume of malware and the manual work needed to analyze and classify threats. Project Ire, Microsoft’s advanced security AI agent, is t...

AI automation cybersecurity machine learning malware detection Microsoft Defender reverse engineering security research threat analysis

Sep 14, 2025

0 1419

News

Samsung Rushes Critical Zero-Day Patch to Protect Galaxy Devices

Samsung Galaxy owners are facing a pressing security issue after the discovery of a serious zero-day vulnerability currently being exploited. Samsung’s latest September 2025 security update is designe...

Android security cybersecurity mobile devices patch management remote code execution Samsung vulnerability zero-day

Sep 13, 2025

0 11319

News

AI-Powered Brute-Force Automation: Inside BruteForceAI

BruteForceAI is an open-source penetration testing utility that applies large language models to the long-standing problem of web login testing , automating selector discovery and accelerating both re...

AI brute-force bug bounty cybersecurity LLM penetration testing Playwright security tools

Sep 12, 2025

0 4444

Github Repos

Columbia University Data Breach: Lessons for Higher Education Security

More than 860,000 individuals have been impacted by a sweeping data breach at Columbia University, making it one of the largest cybersecurity incidents in higher education this year. The event has spa...

Columbia University cybersecurity data breach higher education identity theft incident response personal data ransomware

Sep 10, 2025

0 2211

News

Microsoft's Project Ire Is Reshaping Autonomous Malware Detection at Scale

We may be entering a cybersecurity landscape where intelligent AI agents autonomously detect and classify software threats with no human intervention required. This is quickly becoming reality with Pr...

AI security autonomous systems cybersecurity machine learning malware detection Microsoft Defender reverse engineering

Sep 6, 2025

0 3036

News

RIFT: Empowering Analysts to Tackle the Next Generation of Rust-Based Malware

Cybercriminals and nation-state actors are rapidly embracing Rust as a platform for malware, complicating life for defenders. Rust’s efficiency, type safety, and robust memory management, which make i...

cybersecurity FLIRT signatures malware analysis open source tools pattern matching reverse engineering Rust threat intelligence

Sep 3, 2025

0 1815

News

Zero-Day SharePoint Vulnerabilities: How to Protect Your Organization Now

Security teams are racing to address two newly discovered zero-day vulnerabilities in on-premises Microsoft SharePoint Server, CVE-2025-53770 and CVE-2025-53771. Dubbed the “ToolShell” exploit chain, ...

cybersecurity incident response patching remote code execution SharePoint vulnerabilities zero-day

Sep 3, 2025

0 1067

News

GitHub Copilot Vulnerability: How Prompt Injection Opened the Door to RCE Attacks

A critical vulnerability in GitHub Copilot , identified as CVE-2025-53773 exposed developers to remote code execution (RCE) and full system compromise, all triggered by malicious prompt injection with...

AI security cybersecurity developer tools GitHub Copilot Microsoft prompt injection remote code execution vulnerability

Aug 31, 2025

0 11099

News

How CBOMs and Open Collaboration Are Transforming Cryptographic Security

With digital systems woven into every aspect of business and everyday life, maintaining trust and robust security is more crucial than ever. Cryptography forms the backbone of digital trust, but as th...

CBOM cryptography cybersecurity Linux Foundation open source post-quantum security tools transparency

Aug 29, 2025

0 1903

News

1
2
3
4

Get All The Latest Research & News!

Subscribe

Our latest content

Check out what's new !

See all

Ads

Prompt Maker Image Generator

Struggling with the perfect AI image prompt? My free app helps you generate brilliant ideas and instantly creates an image to match. Go from concept to creation in two clicks!

Most Popular Articles

Check out what the hot topics are!

See all

Every shirt tells a story—and every story

#ClothingForACause