A few months ago, up to 6 million customers were affected through a third-party data breach — reportedly linked to Scattered Spider, a group notorious for social engineering and supply chain attacks. 🔍 The takeaway? The weakest link often lies outside the organization. ✈️ At RELIANOID, we helped air..

A major AWS outage disrupted high-profile services like Amazon, Snapchat, and Disney+, affecting over 70 AWS services and causing widespread operational issues.

GitHub rolled out theMCP Registry—a hub for findingModel Context Protocol (MCP) serverswithout hunting through scattered corners of the internet. No more siloed lists or mystery URLs. It's all in one place now. The goal? Cleaner access to AI agent tools, plus a path towardself-publishing, thanks to ..

Last February, CVE-2024-26141 punched a nasty hole inRack's Range header parsing. All versions since 1.3.0 are exposed. The bug let attackers blow up memory usage and responses—classic denial-of-service—just by crafting bloated Range headers. The trick? Custom file download handlers. They skip the u..

A stateful browser agent using self-healing DOM maps is now available. Users describe tasks, Agent4 performs them, creates reusable workflows from interactions, and executes instantly on subsequent requests. Under the hood, it checks for known maps in a vector DB, patches them if needed, and self-he..

Wiz dug up 550+ leaked secrets buried in 500+ public VSCode extensions—including 130+ live access tokens forVSCode MarketplaceandOpenVSX. That’s a wide-open door to supply chain attacks through auto-updates. Microsoft reacted fast: dumped the breached tokens, rolled outpre-publish secret scanning, a..

UnpatchedSharePoint flaws(CVE-2025-53770, CVE-2025-49704) cracked open theKansas City National Security Campusin July. IT systems tied to 80% of U.S. non-nuclear weapons parts got compromised. Attackers—likely state-backed, Russian or Chinese—moved fast, hitting the zero-day RCE and spoofing bugs ju..