MCP and the Supply-Chain Problem
As LLMs become the glue between humans and external systems, the way we integrate third-party services matters more than ever. Model Context Protocol (MCP) and ChatGPT connectors expose new kinds of vulnerability, where tools and manifests can carry the attack.
Ori Meidan | October 23, 2025

Weaponizing Images: Prompt Injection Meets Dark AI
Imagine this – you use your favorite AI assistant, and you send it a seemingly innocent image, when, all of a sudden, emails with sensitive information scraped from your computer are sent to an unknown email address.
Ori Meidan | October 14, 2025

ShadowLeak: A Zero-Click, Service-Side Attack Exfiltrating Sensitive Data Using ChatGPT’s Deep Research Agent
We found a zero-click flaw in ChatGPT’s Deep Research agent when connected to Gmail and browsing: A single crafted email quietly makes the agent leak sensitive inbox data to an attacker with no user action or visible UI.
Co-Lead Researchers: Zvika Babo, Gabi Nakibly; Contributor: Maor Uziel | September 18, 2025

CVE is the new PoC
In a previous blog, I wrote about proof of concept (PoC) exploits and the risks involved in publishing them before a patch is available.
Ori Meidan | September 10, 2025

Mr Hamza’s Abyssal DDoS
Mr Hamza is a prominent hacktivist group that has claimed over 250 DDoS attacks within the past three months alone.
Ori Meidan | September 03, 2025

The Price of Transparency: PoCs, Disclosure and Unsecured Hardware
A proof of concept (PoC) is a piece of code or a process designed to demonstrate that a vulnerability is real and exploitable.
Ori Meidan | August 19, 2025

Radware’s H1 Global Threat Analysis: The Rising Tide of Cyberthreats in 2025
The first half of 2025 marked a decisive escalation in the sophistication, scale, and persistence of digital threats. Across nearly every attack vector monitored by Radware, cyberthreat activity intensified, led by surges in Web DDoS attacks, application-layer exploitation, hacktivist campaigns, and the aggressive proliferation of bad bots.
Pascal Geenens | August 11, 2025

Advanced Business Logic Attack Techniques: Fail-open Bot Attacks
In this blog, I’ll uncover ways bot operators disguise their bot attacks as a system bug to bypass your bot detections--and how you can identify this scenario when it happens to you.
Arik Atar | August 07, 2025

The Double-Edged Sword of HTTPS Encryption
In recent years, the internet has seen a significant shift towards HTTPS, a protocol that encrypts data between the user's browser and the server.
Eva Abergel | July 22, 2025

Threat Intelligence Is Now the Center of Cyber Defense
The industry has crossed a threshold. The volume, velocity, and sophistication of cyberattacks—fueled by generative AI, political conflict, and automated botnets—have pushed traditional, siloed security architectures past their breaking point.
Vladislav Bukin | July 08, 2025

Keymous+: A New Hacktivist Collective or a DDoS-as-a-Service Brand in Disguise?
Since late 2023, a group calling itself "Keymous+" has been steadily ramping up its activity online, claiming responsibility for a wave of DDoS attacks across Europe, North Africa, the Middle East, and parts of Asia.
Ori Meidan | July 02, 2025

Threat Intelligence 2025: The CISO’s Playbook for AI Fueled DDoS and Bot Defense
AI-powered threat campaigns are now routine. Web DDoS volumes remain at record highs, and bot traffic still accounts for more than 70% of all internet activity, with many bots now capable of mimicking legitimate human behavior in real-time.
Vladislav Bukin | June 12, 2025