Deconstructing the Cashout Attack Kill Chain: Five Overlooked Indicators Statistically speaking, the vast majority of malicious bot attacks across the web are driven by credential stuffing attacks, as threat actors use breached credentials to take over accounts of credential-recycling users. Arik Atar |November 24, 2025
Belgium in the Crosshairs: Russia’s Hybrid Pressure Campaign Over NATO’s Capital Belgium – host to NATO HQ, SHAPE, the EU Commission, and one of Europe’s densest intelligence ecosystems – sits at the geopolitical center of Western defense and policymaking. Pascal Geenens |November 06, 2025
MCP and the Supply-Chain Problem As LLMs become the glue between humans and external systems, the way we integrate third-party services matters more than ever. Model Context Protocol (MCP) and ChatGPT connectors expose new kinds of vulnerability, where tools and manifests can carry the attack. Ori Meidan |October 23, 2025
Weaponizing Images: Prompt Injection Meets Dark AI Imagine this – you use your favorite AI assistant, and you send it a seemingly innocent image, when, all of a sudden, emails with sensitive information scraped from your computer are sent to an unknown email address. Ori Meidan |October 14, 2025
ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent We found a zero-click flaw in ChatGPT’s Deep Research agent when connected to Gmail and browsing: A single crafted email quietly makes the agent leak sensitive inbox data to an attacker with no user action or visible UI. Co-Lead Researchers: Zvika Babo, Gabi Nakibly; Contributor: Maor Uziel |September 18, 2025
CVE is the new PoC In a previous blog, I wrote about proof of concept (PoC) exploits and the risks involved in publishing them before a patch is available. Ori Meidan |September 10, 2025
Mr Hamza’s Abyssal DDoS Mr Hamza is a prominent hacktivist group that has claimed over 250 DDoS attacks within the past three months alone. Ori Meidan |September 03, 2025
The Price of Transparency: PoCs, Disclosure and Unsecured Hardware A proof of concept (PoC) is a piece of code or a process designed to demonstrate that a vulnerability is real and exploitable. Ori Meidan |August 19, 2025
Radware’s H1 Global Threat Analysis: The Rising Tide of Cyberthreats in 2025 The first half of 2025 marked a decisive escalation in the sophistication, scale, and persistence of digital threats. Across nearly every attack vector monitored by Radware, cyberthreat activity intensified, led by surges in Web DDoS attacks, application-layer exploitation, hacktivist campaigns, and the aggressive proliferation of bad bots. Pascal Geenens |August 11, 2025
Advanced Business Logic Attack Techniques : Fail-open Bot Attacks In this blog, I’ll uncover ways bot operators disguise their bot attacks as a system bug to bypass your bot detections--and how you can identify this scenario when it happens to you. Arik Atar |August 07, 2025
The Double-Edged Sword of HTTPS Encryption In recent years, the internet has seen a significant shift towards HTTPS, a protocol that encrypts data between the user's browser and the server. Eva Abergel |July 22, 2025
Threat Intelligence Is Now the Center of Cyber Defense The industry has crossed a threshold. The volume, velocity, and sophistication of cyberattacks—fueled by generative AI, political conflict, and automated botnets—have pushed traditional, siloed security architectures past their breaking point. Vladislav Bukin |July 08, 2025