NVISO Labs · Scour

Securing AI systems without overconfidence or fear – Part 2: Attack surfaces and the checkpoint flow

blog.nviso.eu·8h

Security’s Blind Spot: Physical Keyloggers That Bypass Antivirus Entirely

blog.nviso.eu·6w

The Axios npm supply chain incident: fake dependency, real backdoor

blog.nviso.eu·7w

Why the pentesting playbook doesn’t fit: belief, assumptions, and non-determinism

blog.nviso.eu·8w

Exploitation of CVE-2026-1281 & CVE-2026-1340 Ivanti EPMM Sleeper Shells

blog.nviso.eu·10w

Capture the Kerberos Flag: Detecting Kerberos Anomalies

blog.nviso.eu·14w

Boost LLM Security: automated Red Teaming at Scale with Promptfoo

blog.nviso.eu·15w

Enterprise Podman Security: Rootless Containers, SELinux, Backups & Docker Comparison

blog.nviso.eu·15w·r/selfhosted

ConsentFix (a.k.a. AuthCodeFix): Detecting OAuth2 Authorization Code Phishing

blog.nviso.eu·16w

OWASP Top 10 2025 – A Pentester’s Perspective

blog.nviso.eu·19w

Integrating Abuse Case Scenarios to Improve Authorization Testing

blog.nviso.eu·22w·Hacker News

The Detection & Response Chronicles: Exploring Telegram Abuse

blog.nviso.eu·22w

Managing SIEM Log Collectors at Scale with Ansible and GitHub Actions – Part 1

blog.nviso.eu·23w

Detection Engineering: Practicing Detection-as-Code – Tuning – Part 8

blog.nviso.eu·25w

Contagious Interview Actors Now Utilize JSON Storage Services for Malware Delivery

blog.nviso.eu·27w

Vulnerability Management – Process Perspective

blog.nviso.eu·29w

Patching Android ARM64 library initializers for easy Frida instrumentation and debugging

blog.nviso.eu·31w

Vulnerability Management – Requirements, Scoping & Target Setting

blog.nviso.eu·32w

Detection Engineering: Practicing Detection-as-Code – Monitoring – Part 7

blog.nviso.eu·32w

What Did the Attacker Read? MailItemAccessed Tells You

blog.nviso.eu·33w

Log in to enable infinite scrolling