Insights
Welcome to the Black Belt Secure cybersecurity blog, your trusted source for the latest cybersecurity insights, news, and best practices in the ever-evolving world of digital security. Here, you’ll find a wealth of information covering everything from emerging threats and vulnerabilities to practical tips and strategies for protecting your business. Our cybersecurity blog is dedicated to empowering individuals and organizations with the knowledge they need to navigate the complex cybersecurity landscape and stay one step ahead of cybercriminals.
Neverending ESXi Security Vulnerabilities for Publicly Exposed Servers
In the ever-evolving landscape of cybersecurity threats, ESXi security vulnerabilities in virtualization platforms like VMware ESXi remain prime targets for attackers—particularly ransomware operators seeking to maximize impact. A recent update from the U.S....
ShinyHunters SSO Attack: Mandiant Reveals How Extortion Group Abuses Single Sign-On
The ShinyHunters SSO attack campaign detailed in Mandiant’s latest report highlights a dangerous evolution in financially motivated cybercrime. Single Sign-On (SSO) has revolutionized how organizations manage access to cloud applications—providing convenience,...
Notepad++ Supply Chain Attack: Chinese State-Sponsored Threat Actors Hijack Update Mechanism
The recent Notepad++ supply chain attack has sent shockwaves through the developer and cybersecurity communities. Notepad++ has long been a staple in the toolkit of developers, system administrators, and security professionals worldwide. Its lightweight design,...
Fortinet CVE-2025-59718 Woes Continue
Fortinet, a leading provider of network security appliances like FortiGate firewalls, is facing renewed challenges as the critical authentication bypass vulnerability Fortinet CVE-2025-59718 continues to plague customers—even on devices thought to be fully patched....
ShinyHunters Okta Attack: Group Resurfaces with Vishing Campaign Targeting SSO Platforms
The ShinyHunters Okta attack has brought the notorious extortion group back into the spotlight, as they resurface with a sophisticated new campaign targeting single sign-on (SSO) platforms—starting prominently with Okta. In a series of recent attacks reported in...
Initial Access Broker Secrets for Sale: A Troubling Sign of Things to Come
In the shadowy underbelly of the cybercrime economy, a new class of threat actor has risen to prominence: the initial access broker. These individuals or groups specialize in breaching corporate networks and then monetizing that foothold by selling ready-made access...
FortiSIEM Vulnerability Comes Under Attack
In the ever-evolving landscape of cybersecurity threats, the FortiSIEM vulnerability has emerged as a major concern, with Fortinet products continuing to attract significant attention from adversaries. The latest example: a critical vulnerability in FortiSIEM,...
Microsoft Spoofed Internal Phishing Surge: Exploits Email Routing Gaps to Mimic Trusted Messages– Don’t Let Misconfigurations Open the Door
Microsoft spoofed internal phishing remains one of the most effective initial access vectors in 2026, and threat actors are getting smarter about making their attacks look legitimate. In early January, Microsoft’s Threat Intelligence team issued a stark warning: a...
Critical n8n Ni8mare Vulnerability (CVE-2026-21858): Unauthenticated Takeover Risk Hits Nearly 60,000 Exposed Instances
The n8n Ni8mare vulnerability has emerged as a critical threat in the rapidly evolving landscape of workflow automation and AI-driven integrations, where tools like n8n have become indispensable for businesses connecting apps, APIs, data pipelines, and even...
Top 5 Real-World AI Security Threats Exposed in 2025
As we step into 2026, the AI security threats exposed in 2025 have proven that vulnerabilities in artificial intelligence are no longer hypothetical—they are actively being exploited by cybercriminals, causing real damage to enterprises worldwide. The rapid adoption...
Top Cybersecurity Resolutions for 2026: Insights from Industry Leaders
As we kick off 2026, the cybersecurity resolutions for 2026 are more critical than ever as the landscape continues to evolve rapidly. With AI integration accelerating, quantum computing threats on the horizon, and persistent challenges like team burnout and identity...
FortiGate 2FA Bypass: 5-Year-Old Vulnerability Still Haunting FortiGate Users
In late December 2025, Fortinet released an updated advisory highlighting ongoing active exploitation of a FortiGate 2FA bypass vulnerability that was originally patched more than five years earlier. Despite the long-available fixes, threat actors continue to...
Co Founder and Vice President
Peter Vavrosky, a cybersecurity expert with over 20 years of experience in infrastructure and network engineering, co-founded Black Belt Secure in 2020, transforming it into one of North Texas’ most acclaimed cybersecurity firms, recognized with multiple national awards. His work securing critical systems and designing tailored solutions for SMBs highlights his commitment to digital safety. As a university educator, Peter also shapes the next generation of cybersecurity professionals, while his speaking engagements across DFW inspire businesses to prioritize robust security. Read Peter’s full profile for more details.
Read More