Security insights
The blog.
Analysis of the latest vulnerabilities and threats, prioritized for Saudi finance.
Adobe's BPO Backdoor: How 'Mr. Raccoon' Stole 13M Support Tickets — and What Saudi Financial Institutions Must Learn About Vendor Risk
15 Apr 2026
CVE-2026-40261 & CVE-2026-40176: PHP Composer's Hidden Command Injection Risk — What Saudi Fintech Dev Teams Must Patch Now
15 Apr 2026
CVE-2026-25075: The 15-Year strongSwan Flaw That Can Crash Saudi Banks' VPN With One Packet
15 Apr 2026
Booking.com Breach Fuels Spear-Phishing Against Saudi Bank Employees
14 Apr 2026
Agentic AI: 2026's #1 Cyber Threat and What Saudi Banks Must Do Now
14 Apr 2026
CVE-2026-40175: Axios Gets Hit Twice — North Korean Backdoor Then a 9.9 CVSS Flaw That Hands Attackers Your AWS Keys
14 Apr 2026
CVE-2026-21643: Fortinet FortiClient EMS Pre-Auth SQL Injection — CISA's 72-Hour Deadline and What Saudi Financial CISOs Must Do Before April 16
14 Apr 2026
29 Minutes to Lateral Movement: CrowdStrike's 2026 Threat Report and What It Demands from Saudi Financial SOCs
14 Apr 2026
CPUID Supply Chain Breach: How STX RAT Hijacked CPU-Z & HWMonitor — A Wake-Up Call for Saudi Data Centers
14 Apr 2026
Seven in One Blow: CISA's April 13 KEV Update Targets Exchange, Fortinet & Adobe — Saudi Bank Patch Roadmap
14 Apr 2026
CVE-2026-39987: Marimo's Pre-Auth RCE Was Weaponized in Under 10 Hours — What Saudi AI Analytics Teams Must Do Now
12 Apr 2026
Microsoft Secure Boot Certificates Expire June 26: The 75-Day Countdown Saudi Bank CISOs Cannot Ignore
12 Apr 2026