CyberDesserts

The Security Practitioner. Serving up bite-sized #Infosec insights and technical deep-dives. 🛡️🍰 Writing at blog.cyberdesserts.com 🌉 bridged from ⁂ https://blog.cyberdesserts.com/, follow @ap.brid.gy to interact

Longform Stories

What is a JA3 Fingerprint? How TLS Client Fingerprinting Works

Recognise the software behind any encrypted connection from its TLS handshake alone. How JA3 fingerprinting works, how to read one, and what a single hash reveals about shared attacker tooling.

May 24·10 min read·1867 words

AndroxGh0st and the limits of TLS fingerprinting

May 2026 The same scanner toolkit AWS attributed to Interlock ransomware in March 2026 also runs AndroxGh0st credential theft and two other cybercrime campaigns in CyberDesserts research, showing TLS…

May 23·15 min read·2931 words

Exposed AWS Credentials Are Used in Under 90 Seconds: Findings from AI Infrastructure Research

Exposed AWS credentials were used against live AWS APIs within 67 seconds of being harvested, faster than CloudTrail delivers the first event to a defender.

May 20·13 min read·2448 words

Is npm Safe? A Practitioner Guide to npm Security in 2026

May 2026 Is npm safe to use in 2026? Yes, but the threat model has shifted. The risk in 2025-2026 is no longer the obvious malicious package, it is the trust-flow exploit: attackers compromise the de…

May 17·16 min read·3195 words

Inside the Scanners Hunting Exposed AI Infrastructure: 72 Hours of Findings

460 source IPs, 11,643 requests, 72 hours. The AI-aware operators in the data enumerated; the exploitation observed targeted credentials, not AI capabilities.

May 14·25 min read·4912 words

Cybersecurity Compliance Career Guide 2026

May 2026 Most career advice treats compliance as the boring corner of cybersecurity. Twenty years working with enterprise security teams has taught me the opposite. The compliance and framework spec…

May 14·25 min read·4909 words

Is Cybersecurity a Good Career in 2026? The Honest Reality

May 2026 Cybersecurity is still a good career in 2026 but the market is far more uneven than most career guides admit. Demand for experienced cybersecurity professionals remains extremely high. Acco…

May 3·1 min read·83 words

Claude Mythos Preview: Project Glasswing Solves One Problem. Here Are the Other Two

April 2026 On 7 April 2026, Anthropic announced that Claude Mythos Preview had autonomously found thousands of zero-day vulnerabilities across every major operating system and web browser. The respon…

Apr 14·1 min read·86 words

Scattered Spider: The Attack Chain, Hard Lessons, and What Comes Next

April 2026 Scattered Spider is a financially motivated cybercrime collective responsible for some of the most disruptive attacks in recent British and American corporate history. The group (tracked u…

Apr 8·1 min read·84 words

Axios NPM Supply Chain Attack (2026): What Happened and What to Do

On March 31, 2026, two malicious versions of the axios npm package were published using a compromised maintainer account. The affected versions, axios@1.14.1 and axios@0.30.4, introduced a hidden depe…

Apr 7·1 min read·87 words

Information Security Metrics for Executives: How to Report Cyber Risk to the Board

April 2026 The gap between how security teams measure their work and how boards evaluate organisational risk is not a presentation problem. It is a structural failure with measurable consequences. I…

Apr 5·1 min read·82 words

Anthropic Cuts OpenClaw Off Claude Subscriptions And It's Just the Start

Last updated: 5 April 2026 | What's changed: Initial publication covering April 4 enforcement.

Apr 4·1 min read·90 words

Cybersecurity Career Report: April 2026

April 2026 The cybersecurity skills shortage in 2026 is not a headcount problem. It is a skills-matching problem, and that distinction changes which career pa…

Apr 2·1 min read·83 words

What Censys's OpenClaw Count Reveals That February's Headlines Did Not

31st March 2026 OpenClaw's internet-facing exposure has fallen sharply since the February 2026 peak. Public scrutiny, repeated security warnings, and operational changes by some operators appear to h…

Mar 31·1 min read·86 words

Best Cybersecurity Books for 2026

Last updated: April 2026 Most cybersecurity book lists are generic. This one is different. Every recommendation here is either used in practice or recommended by professionals who rely on it daily. …

Mar 30·1 min read·89 words

Your Father Spent His Life Savings on Claude Code and We Shipped Nothing

March 2026 On AI slop, borrowed thinking, and the skills that matter when everyone has the same tools. The meme everyone is laughing at is also the most accurate professional warning of 2026. "Your…

Mar 27·1 min read·103 words

Cybersecurity Career Guide (2026)

Updated April 2026 A practical roadmap from zero to job-ready in cybersecurity. This guide breaks down what to learn, how to build real skills, and how to position yourself for roles like SOC analys…

Mar 27·1 min read·86 words

How to Use UK Government Cybersecurity Resources to Advance Your Security Career

March 2026 UK government cybersecurity resources are the most underused career asset in the profession. While the government spends millions on national se…

Mar 23·1 min read·86 words

Why Ransomware Groups Are Targeting Firewalls and VPN Appliances

Updated March 2026: Analysis of the Interlock ransomware campaign exploiting a zero-day in Cisco Secure Firewall Management Center, based on Amazon threat intelligence published March 18, 2026. …

Mar 18·1 min read·74 words

Microsoft Intune Security: Hardening Privileged Access

Updated March 2026: Based on the Stryker incident and Microsoft's official hardening guidance published 13 March 2026. Attackers do not need malware to wip…

Mar 16·1 min read·79 words

What SOC Hiring Managers Test For In Interviews

SOC hiring managers reveal what actually gets analysts hired: soft skills rank above technical ones, MITRE ATT&CK fluency is the X-factor, and AI is raising the bar without replacing the role.

Mar 14·1 min read·39 words

The Dead Internet Is a Security Problem: What Digg's Collapse Teaches Us

Published March 2026 Digg launched in January 2026 to challenge the idea that the internet is full of bots, by building a platform that stops them. By March 2026, the team announced significant layof…

Mar 13·1 min read·92 words

Can You Use AI for Security Work Without the Cloud?

This article draws on three months of production experience building the CyberDesserts Security Assistant, a RAG-based AI system trained on 67,900 documents from 30 curated security sources. The findi…

Mar 13·1 min read·86 words

Will AI Replace SOC Analysts?

March 2026 Large language models cannot yet be trusted to make autonomous security decisions. That is not a controversial position. It is the engineering c…

Mar 12·1 min read·78 words

Best Blue Team Cybersecurity Books to Read in 2026

A first-year student asked me what to read for blue team. The answer surprised them, not because the list was long, but because it was short.

Mar 9·1 min read·90 words

Being Authentic in the Age of AI

Guest post by Keith Beech, Director - Proactive Communications The single most effective way to stand out in an AI-saturated content landscape is to ground everything you publish in lived experience …

Mar 2·1 min read·86 words

AI Agent Security Risks in 2026: The Incident Landscape and Hardening Framework

In February 2026, the supply chain threat model arrived in AI agent infrastructure all at once. The Model Context Protocol is the connective tissue across every major incident. Here's what practitione…

Mar 1·22 min read·4346 words

How the UK Government Slashed Cyber Fix Times by 84%

Published March 2026 The UK government has slashed cyber vulnerability fix times by 84%. Through a new nationwide scanning service, the median time to remediate DNS vulnerabilities has plummeted from…

Mar 1·1 min read·84 words

Free Cybersecurity Training: Resources by Career Path

You can break into cybersecurity without a degree using free and low-cost training resources. This is not wishful thinking. One in three cybersecurity roles are now filled without a traditional degree…

Feb 28·1 min read·83 words

Cybersecurity Graduate Guide: From Degree to First Job

Cybersecurity graduates can bridge the gap between degree and first job by building hands-on skills in four areas most programmes underserve: networking fundamentals, cloud security, governance framew…

Feb 28·1 min read·77 words

Does Cybersecurity Require Coding? A Practitioner's Take

March 2026 Most cybersecurity roles do not require coding. Roughly 30-40% of positions need little to no programming knowledge (CyberSeek), and information security analyst roles are projected to gro…

Feb 27·1 min read·84 words

Cybersecurity Threat Landscape Report: February 2026

Phishing was used by 200+ tracked threat entities, making it the single most common initial access vector across our intelligence dataset. In the first two months of 2026, ransomware groups have alrea…

Feb 20·1 min read·89 words

Cybersecurity Career Report: February 2026

See the April 2026 Report for spotlight on DevSecOps. The global cybersecurity workforce gap has hit 4.8 million unfilled positions (ISC2, 2025). Two out of…

Feb 20·1 min read·79 words

Two Notepad Attacks in One Week: Your Tools Are the Target

Software supply chain attacks more than doubled in 2025, with developer workstations identified as high-value targets across multiple industry reports (ReversingLabs, 2026). In the first two weeks of …

Feb 12·1 min read·83 words

OpenClaw Security Risks: Malicious Skills, Exposed Instances and Real Exploits

Latest updates (March 2026): NemoClaw announced, CVE count now 60+, and independent analysis using Censys identified 63,070 live instances alongside new critical disclosures. OpenClaw is an open-sour…

Feb 5·24 min read·4799 words

Notepad++ Compromised for 6 Months: Check Your Version Now

Updated May 2026 Notepad++ update servers were compromised from June through December 2025 by a Chinese state-sponsored threat group. The attackers hijacked the hosting infrastructure to deliver cust…

Feb 4·6 min read·1142 words

10 Cybersecurity Best Practices That Prevent Breaches

Sixty percent of breaches still involve human actions (Verizon DBIR, 2025). Organisations know they should train employees, enforce MFA, and patch systems. Most have policies that say exactly that. T…

Feb 1·1 min read·86 words