We're leveling your security

Through a cybersecurity intelligence and learning platform delivering in-depth coverage of data breaches, cyberattacks, vulnerabilities, and offensive/defensive security insights.

Latest Updates

BridgePay and the Anatomy of a Ransomware Incident

Feb 10, 2026
Data Breach / Ransomware

An analysis of the BridgePay ransomware attack using the CyberLeveling Breach Anatomy Model, exploring how the incident became possible and what it reveals about risks in financial infrastructure.

Understanding Microsoft’s February 10, 2026 Security Update: What You Need to Know

Feb 10, 2026
Vulnerability Management / Microsoft

A breakdown of Microsoft's February 2026 security update, focusing on the most critical RCE and security bypass vulnerabilities across Windows, Office, and Azure.

CVE Review: CVE-2026-1486 and CVE-2026-1529 in Keycloak

Feb 10, 2026
Vulnerability / Identity Management

An analysis of two logic flaws in Keycloak (CVE-2026-1486 and CVE-2026-1529) that could allow authorization bypass and unauthorized access.

CVE-2026-25848: A Critical Authentication Bypass in JetBrains Hub

Feb 10, 2026
Vulnerability / Authentication Bypass

An analysis of CVE-2026-25848, a critical authentication bypass in JetBrains Hub that allows unauthenticated administrative actions, and why it poses a serious risk.

CVE-2026-25892 Explained: When a Small Bug Turns Into a Big Denial of Service

Feb 10, 2026
Vulnerability / Denial of Service

An analysis of CVE-2026-25892, a denial of service vulnerability in Adminer caused by improper input validation, and how it can impact service availability.

Analyzing Phishing Emails: A Practical SOC Analyst Guide to URLs, Attachments, and Threat Intelligence

Feb 10, 2026
Guides / SOC

A step-by-step guide for SOC analysts on how to safely analyze phishing emails, extract indicators, and use threat intelligence to determine impact.

A Guide to Europe’s Big Cybersecurity Conferences in 2026

Feb 10, 2026
Guides / Events

A curated overview of some of the most well-known cybersecurity conferences taking place across Europe in 2026.

Guide to threat hunting Hunting LOLBins/GTFOBins

Feb 10, 2026
Threat Hunting / LOLBins

A field manual for threat hunters on how to hunt for Living Off the Land Binaries (LOLBins) on both Windows and Linux systems.

When a University Goes Dark: Lessons from the La Sapienza Cyberattack

Feb 09, 2026
Data Breach / Education

An analysis of the cyberattack on La Sapienza University, applying a seven-level framework to understand the incident's causes, impact, and lessons for other large institutions.

Why Unauthenticated Admin Takeovers Keep Happening in WordPress Plugins CVE-2025-15027

Feb 09, 2026
Vulnerability / WordPress

An analysis of CVE-2025-15027, a critical privilege escalation vulnerability in the JAY Login & Register WordPress plugin that allows for a full site takeover without authentication.

CVE-2026-25751: Critical Information Disclosure in FUXA SCADA Software

Feb 09, 2026
Vulnerability / SCADA

An analysis of CVE-2026-25751, a critical information disclosure vulnerability in FUXA SCADA software that can lead to full system compromise.

When “Trusted” Infrastructure Isn’t: How Attackers Abuse Microsoft Cloud Services for Phishing

Feb 09, 2026
Insights / Phishing

An analysis of how attackers are using trusted Microsoft cloud services like Azure Blob Storage to host phishing campaigns, bypassing traditional security controls.

Understanding the Flickr Data Breach (February 2026): A Clear Look at What Happened and Why

Feb 08, 2026
Data Breach / Supply Chain

An analysis of the Flickr data breach, where a third-party email service provider's vulnerability led to potential user data exposure, highlighting supply chain risks.

CVE-2026-1731 Explained: A Critical Pre-Authentication RCE in BeyondTrust

Feb 07, 2026
Vulnerability / RCE

An analysis of CVE-2026-1731, a critical pre-authentication RCE in BeyondTrust Remote Support and Privileged Remote Access, and its risks.

BYOVD Explained: How Attackers Use Vulnerable Drivers to Bypass Endpoint Security

Feb 07, 2026
Guides / EDR Evasion

An in-depth explanation of Bring Your Own Vulnerable Driver (BYOVD) attacks, detailing how attackers abuse legitimate, signed drivers to gain kernel-level control and disable security products.

Digital Work IDs: Necessary Evolution or Identity Overreach?

Feb 07, 2026
Insights / Identity

An analysis of Digital Work IDs, the problem they solve with helpdesk security, and the new risks they introduce around social engineering, privacy, and vendor lock-in.

Cyberleveling: What Security Feels Like When It Actually Works

Feb 07, 2026
Insights / Mindset

An exploration of what true security maturity feels like in practice, moving beyond controls and metrics to the calmer, more deliberate state of a resilient organization.

Identity Gating and the Security Costs No One Mentions

Feb 07, 2026
Insights / Identity

An analysis of how age-based access restrictions create new identity infrastructure, and the security costs and attack surfaces that are often overlooked.

Why the Olympics Are a Cyber Target: Geopolitics, Visibility, and Digital Risk

Feb 07, 2026
Insights / Geopolitics

An exploration of why the Olympic Games have become a prime target for cyberattacks, driven by geopolitics, global visibility, and digital risk.

The Substack Data Breach and Why It Likely Involved a Web Vulnerability

Feb 06, 2026
Data Breach / Web Security

An analysis of the Substack data breach, exploring why a web or backend application vulnerability is the most plausible explanation, and applying a seven-level incident analysis lens.