Edwin Kwan
  • Home
  • Speaker
  • Podcasts
    • Cyber Bites
    • AppSec Unlocked
    • It’s 5:05 Podcast
  • Journal
  • Publications
Select Page

Critical Vulnerability Discovered in W3 Total Cache WordPress Plugin Enabling PHP Command Injection

Nov 18, 2025 | Podcast

https://www.bleepingcomputer.com/news/security/w3-total-cache-wordpress-plugin-vulnerable-to-php-command-injection A critical security flaw has been identified in the popular W3 Total Cache (W3TC) WordPress plugin, which could allow unauthenticated attackers to...

WhatsApp Vulnerability Exposes User Phone Numbers, Enabling Large-Scale Enumeration Attacks

Nov 17, 2025 | Podcast

https://github.com/sbaresearch/whatsapp-census/blob/main/Hey_there_You_are_using_WhatsApp.pdf A recently disclosed vulnerability in the popular messaging app WhatsApp has raised significant security concerns, as it allows attackers to potentially access the phone...

OWASP Unveils AI Vulnerability Scoring System (AIVSS) to Assess AI-Powered Threats

Nov 14, 2025 | Podcast

https://aivss.owasp.org The Open Web Application Security Project (OWASP) has introduced the AI Vulnerability Scoring System (AIVSS), a framework designed to assess the security risks associated with artificial intelligence-powered technologies. The AIVSS aims to...

Malicious NuGet Packages Deployed with Disruptive ‘Time Bomb’ Payloads

Nov 13, 2025 | Podcast

https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads Security researchers have uncovered a concerning series of malicious NuGet packages that contain harmful code designed to disrupt and sabotage various applications and...

Swiss Authorities Warn of Phishing Scam Targeting Lost iPhone Owners

Nov 12, 2025 | Podcast

https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2025/wochenrueckblick_44.html The Swiss National Cyber Security Centre (NCSC) is alerting iPhone users to a concerning phishing scam that aims to steal their Apple ID credentials by falsely claiming to have found...

Dangerous runC Vulnerabilities Expose Docker and Kubernetes Containers to Potential Escape Attacks

Nov 11, 2025 | Podcast

https://www.wiz.io/vulnerability-database/cve/cve-2025-31133 Researchers have disclosed three critical vulnerabilities in the runC container runtime, a core component of Docker and Kubernetes, that could allow attackers to break out of the container environment and...
« Older Entries
Next Entries »

Latest Posts

  • Malicious Websites Are Embedding Hidden Instructions to Hijack AI Agents Through Indirect Prompt Injection
  • Microsoft Introduces Smarter Bot Protection in Microsoft Teams Meetings
  • Anthropic to Restore Claude Fable Access After Export Control Suspension
  • Apple’s Hide My Email Service Has Been Leaking Real Email Addresses for Over a Year Despite Being Reported
  • Massive Automated Password Spray Attack Against Microsoft Azure Compromises 78 Accounts Across 64 Organisations

Speaking Events

  • Guest Lecture at UNSW Business School for INFS5907
  • Speaker at Bugcrowd Luncheon
  • Guest Lecture at UNSW
  • Panelist at SecTalks Legends – 2025
  • Keynote Speaker at Sydney AI Security Summit 2025

More Content

  • Articles (26)
  • Podcast (820)
  • Posts (26)
  • Publications (1)
  • Speaking (50)
  • X
  • RSS
Edwin Kwan