CIL Security Advisory

pac4j-jwt Vulnerability: Could Allow Authentication Bypass

In modern web applications, JSON Web Tokens (JWTs) act like digital passports. They tell the server who you are and…

Critical Patch Management: Closing the Door on Exploits

Unpatched software remains one of the leading causes of enterprise breaches in 2026. Attackers no longer rely solely on zero-day…

Device Code Phishing: Abusing Legitimate Microsoft 365 Authentication

In device code phishing, threat actors exploit the device code authentication flow to capture authentication tokens, which they then use…

Reynolds Ransomware: Disables Security Before Encrypting Data

Reynolds is a ransomware threat identified in early 2026. Its key capability is disabling security tools before encrypting files.

Living off the Land (LotL) Attacks

Living off the Land (LotL) attacks occur when threat actors misuse legitimate tools already present within a system to perform…

IDOR Vulnerability: A Digit Between Privacy and Exposure

Insecure Direct Object Reference (IDOR) occurs when an application uses a "direct reference" to an internal object (like a database…

TOAD Attacks: Weaponising Legitimate Zoom Infrastructure

Imagine receiving a meeting invitation from a legitimate @zoom.us email address that turns out to be a phishing invitation. This…

Phishing Alert: Are Your Employees Ready for the Most Common Attack?

Phishing remains the #1 cyberattack method worldwide. Criminals impersonate trusted brands, colleagues, or executives to trick employees into clicking malicious…

Distributed Denial of Service (DDoS): When Traffic Becomes a Weapon

A Distributed Denial of Service (DDoS) attack is a direct assault on availability, designed to overwhelm a target’s resources—bandwidth, processing…