top of page
Search


Jenkins Plugin Vulnerabilities: Critical Security Risks in OpenID, Health Advisor, and More – May 2025 Advisory
On May 14, 2025, Jenkins published a security advisory highlighting multiple vulnerabilities in various Jenkins plugins. These...

Nox90 Engineering
2 minutes ago4 min read
0 views
0 comments


Enhancing MCP Security: Combating Insecure Credential Storage Vulnerabilities
Insecure Credential Storage in MCP: A Practical Guide to Fixing the Problem Insecure credential storage in Model Context Protocol (MCP) ...

Nox90 Engineering
May 53 min read
1 view
0 comments


Critical Deserialization Vulnerability (CVE-2025-23254) in NVIDIA TensorRT-LLM: Upgrade to Secure Your Systems Now
Overview: CVE-2025-23254 is a high-severity vulnerability identified in NVIDIA's TensorRT-LLM framework. This security flaw primarily...

Nox90 Engineering
May 42 min read
0 views
0 comments


Universal LLM Jailbreak Exposes ChatGPT, Gemini, Claude, and More: Policy Puppetry Attack and Security Implications
Universal LLM Jailbreak: The Policy Puppetry Attack and Its Security Implications By Nox90 Senior Technology Analyst, June 2025 Executive...

Nox90 Engineering
Apr 278 min read
58 views
0 comments


OWASP GenAI Security Project: A Comprehensive Technical Analysis of LLM Vulnerabilities, Innovations, and Cybersecurity Impacts
The OWASP GenAI Security Project: Technical Analysis, Innovations, and Cybersecurity Implications By the Nox90 Technology Research Team...

Nox90 Engineering
Apr 2710 min read
0 views
0 comments


Critical Path Traversal Vulnerability in AnythingLLM (CVE-2024-13059) Allows Arbitrary File Write and Remote Code Execution
Nox90 Application Security Report: CVE-2024-13059 (AnythingLLM Path Traversal Vulnerability) Executive Summary CVE-2024-13059 is a...

Nox90 Engineering
Apr 203 min read
0 views
0 comments


Securing the Future: The Critical Role of the Secure Development Lifecycle (SDLC) in Artificial Intelligence
Executive Summary Artificial Intelligence (AI) systems are transforming critical sectors such as healthcare, finance, education, and...

Nox90 Engineering
Apr 205 min read
0 views
0 comments


AWS Security Reference Architecture for Generative AI: A Detailed Examination
Executive Summary The rapid adoption of generative AI technologies has necessitated a focus on securing these complex workloads. AWS has...

Nox90 Engineering
Apr 193 min read
2 views
0 comments


Why CISOs Struggle with Application Security and How to Align R&D Teams
Bridging the Gap Between Security and Development: A Comprehensive Guide Introduction: The Security-Development Dilemma Imagine this...
gd2285
Apr 153 min read
2 views
0 comments


AI-Powered Investment Scams Ruin COINBLACK – WENDMINE, Stealing $20 Million
Detailed Analysis Report: AI-Powered Investment Scams Leading to $20 Million Theft Introduction In a recent operation dubbed "COINBLACK –...

Nox90 Engineering
Apr 82 min read
1 view
0 comments


How to Cut Through Tool Sprawl and Build a Cohesive AppSec Strategy
Let’s start with a moment of brutal honesty: if you walked over to your DevSecOps lead right now and asked, “How many security tools are...

Nox90 Engineering
Apr 74 min read
7 views
0 comments


Gennomis Data Leak: Exposing Underage Deepfake Concerns and AI Misuse
Detailed Analysis Report on Gennomis Exposure of Underage Deepfakes Introduction Recently, a significant data leak from the AI image...

Nox90 Engineering
Apr 52 min read
31 views
0 comments


GitHub Actions Supply Chain Attack: CI/CD Security Breach in tj-actions/changed-files
Detailed Report on GitHub Action Compromise Impacting CI/CD Security Executive Summary In March 2025, a significant supply chain attack...

Nox90 Engineering
Apr 52 min read
0 views
0 comments


Critical Analysis of the Storm-2372 Device Code Phishing Campaign Targeting Microsoft Authentication Systems
Storm-2372 Device Code Phishing Campaign: A Critical Analysis Executive Summary Storm-2372, a threat actor with suspected ties to Russian...

Nox90 Engineering
Apr 13 min read
3 views
0 comments


The Hidden Cost of Application Security Failures: A Guide for R&D Leaders
You’re Delivering Fast, But at What Cost? Deadlines are looming. Features need shipping. Your team is pushing code to production at...
gd2285
Mar 163 min read
4 views
0 comments


Access Control
Security is a top priority in the modern world, and for good reason. With data breaches becoming increasingly frequent, organizations...
Nox90
Dec 5, 20235 min read
45 views
1 comment


PCI DSS v4.0 - Updates You Need To Know
Digital payment technology is an incredibly valuable asset to society. It gives people the luxuries of sending money, paying others, and...
Nox90
Nov 5, 20234 min read
37 views
0 comments


AI-Driven - Predictive Analysis
Recent research shows that the average cost of a cyber breach in 2022 was $4.35M. It is predicted that cybercrime is expected to rise to...
Nox90
Sep 26, 20234 min read
31 views
0 comments


Understanding AppSec
Application Security, often abbreviated as AppSec. As we embark on this journey to understand its intricacies, we must first grasp its...
Nox90
Sep 10, 20234 min read
22 views
0 comments


Safety by Design: Best Practices in IaC Security.
The dawn of the cloud era has been nothing short of a revolution, changing the landscape of how businesses conceive, design, and manage...
Nox90
Aug 9, 20237 min read
24 views
0 comments
bottom of page