@blog.nviso.eu@rss-parrot.net
I'm an automated parrot! I relay a website's RSS feed to the Fediverse. Every time a new post appears in the feed, I toot about it. Follow me to get all new posts in your Mastodon timeline! Brought to you by the RSS Parrot.
---
Cyber security research, straight from the lab! 🐀
Site URL: blog.nviso.eu
Feed URL: blog.nviso.eu/feed
Posts: 6
Followers: 1
Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely
Published: April 10, 2026 11:49
Keyloggers: A Persistent Threat Nowadays, virtually all digital services rely on logins and authentication, from email inboxes to help desks. These involve login credentials to prove identity, typically at least a username and a password. Initially, this…
The Axios npm supply chain incident: fake dependency, real backdoor
https://blog.nviso.eu/2026/04/03/the-axios-npm-supply-chain-incident-fake-dependency-real-backdoor/
Published: April 3, 2026 09:24
On March 31, 2026, two malicious Axios versions (1.14.1 and 0.30.4) were briefly published to npm via a compromised maintainer account. The only change performed was the addition of a trojanized dependency, whose postinstall script deployed a…
Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism
Published: March 27, 2026 08:22
About the author Hussein Bahmad Hussein is a penetration testing manager in NVISO’s SSA team in which he manages a variety of application security projects. He plays an active role on the R&D team, focusing on AI and automation within the security…
Ivanti EPMM ‘Sleeper Shells’ not so sleepy?
https://blog.nviso.eu/2026/03/13/ivanti-epmm-sleeper-shells-not-so-sleepy/
Published: March 13, 2026 15:43
In late January 2026 an advisory covering two remote code execution vulnerabilities (CVE-2026-1281 & CVE-2026-1340) in Ivanti Endpoint Manager Mobile (EPMM) was published. Shortly after reports (in example by tenable) mentioned publicly available…
Capture the Kerberos Flag: Detecting Kerberos Anomalies
https://blog.nviso.eu/2026/02/12/capture-the-kerberos-flag-detecting-kerberos-anomalies/
Published: February 12, 2026 08:48
Kerberos is one of the most common protocols in organizations that utilize Windows Active Directory, and an essential part of Windows authentication used to verify the identity of a user or a host [1]. As such, Kerberos is often a target for adversaries…
An introduction to automated LLM red teaming
https://blog.nviso.eu/2026/02/05/an-introduction-to-automated-llm-red-teaming/
Published: February 5, 2026 10:54
Introduction As large language models become increasingly embedded in production applications, from customer service chatbots to code assistants and document analysis tools, the security implications of these systems have moved from theoretical concern to…