A few months ago, I acquired several AI accelerators – Habana Labs Goya, the first...
Read MoreWhen Availability is top priority
IT and OT Cyber Security
Although IT (Information Technology) and OT (Operational Technology) originate from distinct domains, their convergence is becoming increasingly evident. As industrial environments become more connected, the boundaries between these two worlds are blurring — introducing new cybersecurity challenges. Bridging IT and OT security is essential to ensure operational continuity, data integrity, and protection against emerging threats targeting critical infrastructure.
OT Security
Advanced OT Cyber Security Solutions for Industrial Environments
In the realm of Operational Technology, where industrial processes and critical infrastructures intersect, ensuring the security and continuity of operations is paramount. Our specialized OT cybersecurity services are designed to protect your industrial systems, machinery, and processes from cyber threats, allowing you to focus on driving efficiency and innovation.
IT Security
Comprehensive IT Cyber Security Services
In today’s digital age, safeguarding sensitive data and ensuring the uninterrupted operation of your business is paramount. Our IT cybersecurity services are tailored to protect your organization from evolving cyber threats, providing robust defenses and peace of mind.
We are part of the CYB3R ALLIANCE
Our Blog
Check our latest articles about IT, OT and Cyber Security
Building the Perfect AI Cluster: A Chassis Challenge
Recently, I was diving into a project focused on building a custom AI cluster, which...
Read MoreIs Governance in OT Necessary? InfraSec 2025
📅 It’s March, and the excitement from the 9th edition of #InfraSECForum2025 🛡️ has settled,...
Read MoreIntel Xeon PHI 7220p – Forgotten Accelerator
A Journey Through Exotic Systems and Hardware It’s no secret that I enjoy exploring exotic...
Read MoreFollow the latest Cyber Security news
Stay ahead with real-time updates, expert insights, and critical threat intelligence.
- UAC-0145 Uses ClickFix CAPTCHAs to Infect Ukrainian Devices wih Malware
Russian state-sponsored threat actors have been observed leveraging the infamous ClickFix strategy to trick Ukrainian targets into infecting their own machines with data-stealing malware. According to the Computer Emergency Response Team of Ukraine (CERT-UA), the activity has been attributed to UAC-0145, a sub-cluster within Sandworm, an advanced hacking unit affiliated with GRU, Russia's
- SonicWall SMA Zero-Days Exploited Before Disclosure to Gain Root Access
A previously undocumented threat actor has been attributed to the exploitation of recently disclosed SonicWall Secure Mobile Access (SMA) 1000 series VPN appliances as zero-days prior their public disclosure since June 22, 2026. Cybersecurity company Volexity is tracking the activity under the moniker UTA0533. The discovery was made following an incident response investigation earlier this
- New wp2shell WordPress Core Flaw Lets Unauthenticated Attackers Run Code
Updated July 18, 2026: the two flaws now carry CVE IDs, the full mechanism has been published, a persistent-object-cache condition has surfaced, and a working proof-of-concept is public. The story below reflects all of it. An anonymous HTTP request can run code on a WordPress site. The bug is in core, so a bare install with zero plugins is exploitable. Every 6.9 and 7.0 site was in range until
- OpenSSL HollowByte Flaw Could Freeze Server Memory with 11-Byte TLS Requests
Eleven bytes will make an unpatched OpenSSL server set aside up to 131 KB of memory for a message that never arrives. On the glibc systems Okta tested, that memory is gone until the process restarts. OpenSSL shipped the HollowByte fix in June with no CVE, no advisory, and no changelog entry pointing at it. Okta's Red Team, which reported the denial-of-service bug and named it, published the
- Seven Malicious Vite npm Packages Use Blockchain C2 to Deliver a RAT
Cybersecurity researchers have discovered a cluster of seven malicious npm packages targeting the Vite frontend tooling ecosystem as part of a software supply chain attack. The malicious package campaign, codenamed ViteVenom by Checkmarx, marks an expansion of ChainVeil, which was observed using an "unprecedented" four-tier blockchain-based command-and-control (C2) infrastructure spanning Tron,
- New NadMesh Botnet Hunts Exposed AI Services for Cloud Keys and Kubernetes Tokens
A Go botnet called NadMesh turned up in early July hunting exposed AI services, and the operator's own dashboard claims 3,811 unique AWS keys. A Shodan harvester keeps the scan queue stocked with ComfyUI, Ollama, n8n, Open WebUI, Langflow, and Gradio: the image generators, local model runners, and workflow builders that teams stand up fast and firewall late. The intel feed behind that counter
Reduce the Cyber Risk in your Company






