Posts

May 27, 2026 11 min read ✎ Blog

Auditing a Cisco ISE Deployment Without Touching It

Read-only Cisco ISE audit tool — 52 ERS / OpenAPI endpoints, 9 findings, 21 recommendations, HTML + PDF report in 30 seconds. Open source on GitHub.

cisco-ise ise-audit consulting

May 27, 2026 11 min read ✎ Blog

Cisco ISE Profiling: Device Fingerprinting Configuration Guide

How Cisco ISE Profiling classifies every endpoint automatically — probes, policy hierarchy, Certainty Factor, configuration walkthrough, and the gotchas.

cisco-ise ise-profiling device-fingerprinting

May 27, 2026 7 min read 📰 Newsletter

FBI Warns Silent Ransom Group Walking Into Law Firms

FBI flash alert on Silent Ransom Group USB attacks at law firms. LA Metro attributed to Iranian APT. SymJack weaponizes AI coding agents. CVE-2026-45659.

cybersecurity daily-brief newsletter

May 26, 2026 9 min read 📰 Newsletter

CISA Mandates 48-Hour Drupal Patch — Active SQLi

CISA orders 48-hour Drupal patching for active SQLi exploitation, Dutch police seize 800 bulletproof hosting servers, Iran APT hits aviation sector.

cybersecurity daily-brief newsletter

May 25, 2026 8 min read 📰 Newsletter

Megalodon Poisons 5,500+ GitHub Repos

Megalodon injects malicious workflows into 5,500+ GitHub repos, CVE-2026-26980 Ghost CMS zero-day exploited, TrapDoor plants 34 packages on npm and PyPI.

cybersecurity daily-brief newsletter

May 22, 2026 9 min read 📰 Newsletter

Three CVSS 10.0 UniFi OS RCEs Patched by Ubiquiti

Ubiquiti patches three CVSS 10.0 UniFi OS RCEs, nation-state actors weaponize ROADtools for Azure AD recon, Apex One zero-day CVE-2026-34926 hits KEV.

cybersecurity daily-brief newsletter

May 21, 2026 2 min read 🎧 Podcast

Non-Human Identity Security Explained — The 45:1 NHI Crisis in 2026

45 to 1. In the average enterprise, for every human user there are 45 machine identities. Every API key. Every service account. Every agent token. Every secret

podcast techupdates

May 21, 2026 10 min read 📰 Newsletter

PAN-OS DNS RCE CVE-2026-0264 — Cisco CVSS 10

CVE-2026-0264 PAN-OS DNS heap overflow RCE patched, Cisco Secure Workload CVSS 10 API auth bypass, GitHub confirms 3,800-repo VS Code extension breach.

cybersecurity daily-brief newsletter

May 20, 2026 10 min read 📰 Newsletter

GitHub Breached via Malicious VS Code Extension

GitHub confirms 3,800 internal repos breached via trojanized VS Code extension, Verizon DBIR 2026 marks exploits top vector, CVE-2026-0264 PAN-OS DNS RCE.

cybersecurity daily-brief newsletter

May 20, 2026 5 min read 🎧 Podcast

OT/ICS Security: Defending Critical Infrastructure from Volt Typhoon

$140K. When you mess up, the lights go out for real. Final episode of TechUpdates Special Series. The most consequential security job almost nobody talks about

podcast techupdates