Tech Skills

Cybersecurity

Ethical hacking, penetration testing, network security, CTFs and defensive security

18,359
lessons
Skills in this topic
View full skill map →
Security Basics
beginner
Fix OWASP top 10 vulnerabilities
AI Security
intermediate
Identify and patch prompt injection vulnerabilities
Network Security
intermediate
Configure a firewall with proper inbound/outbound rules
Ethical Hacking & Pen Testing
intermediate
Conduct a full pen test with Kali Linux
Cloud Security
intermediate
Implement IAM least-privilege policies on AWS/GCP
Incident Response
intermediate
Build an incident response playbook
Security Compliance
intermediate
Map controls for SOC 2 Type II compliance
Defensive AI
advanced
Build an AI-powered log anomaly detector
All Reads (11,447) Articles (5712)Blog Posts (4416)Tutorials (424)Research Papers (37)News (858)
App Safety Red Flags: Warning Signs Users Shouldn’t Ignore
Forbes Innovation 🔐 Cybersecurity ⚡ AI Lesson 2w ago
App Safety Red Flags: Warning Signs Users Shouldn’t Ignore
A polished interface, strong rating or confident privacy claim can make an app look trustworthy, but those signals don’t always tell the full story.
IPVanish handed the FBI its user logs. The user had no idea.
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
IPVanish handed the FBI its user logs. The user had no idea.
In 2016, a VPN provider called IPVanish delivered detailed connection logs to federal investigators — timestamps, IP addresses, session… Continue reading on Med
My 14-Year-Old MacBook Still Works. Why Does Software Decide When Hardware Dies?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
My 14-Year-Old MacBook Still Works. Why Does Software Decide When Hardware Dies?
A decade-old MacBook Pro reveals an uncomfortable truth: devices often become obsolete not because they stop working, but because software… Continue reading on
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Mailing list for cves on random products I use?
Is there any way to basucally add a list of relatively obscure software (eg browser extensions) and be informed if a cve is exposed? I have a few browser extens
Using Football Passwords Is A Huge Own Goal
Forbes Innovation 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Using Football Passwords Is A Huge Own Goal
Passwords containing football player or club names can be cracked in milliseconds, warn security researchers.
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
ShapedPlugin supply-chain attack backdoored Pro plugin updates, stealing credentials and 2FA secrets
Attackers backdoored ShapedPlugin Pro updates, deploying malware that steals credentials, 2FA secrets, and grants full site access. https://securityaffairs.com/
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
BBC News: How 100 hospitals switched to pen and paper to defeat a national cyber-attack. New 10 min youtube doc about the massive hack that Romania coped with surprisingly well:
https://www.youtube.com/watch?v=WxY6aLRVgcI&t=204s submitted by /u/tides977 [link] <a href="https://www.reddit.com/r/cybersecurity/comments/1udc9ss/bbc_news
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Healthcare Data Security Under Pressure as Xsolis Breach Impacts 1.4 Million Individuals
The healthcare sector continues to face growing cybersecurity challenges as another large-scale data breach highlights the risks… Continue reading on Medium »
Intent Doesn’t Lie. How TIKOS® Stopped Every Prompt Injection
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Intent Doesn’t Lie. How TIKOS® Stopped Every Prompt Injection
How TIKOS® Stopped Every Prompt Injection In A Critical System Analysing LLM Internals. Continue reading on Tikos Tech »
Why Weak Passwords Still Win: Lessons from a Hydra Brute-Force Exercise
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Why Weak Passwords Still Win: Lessons from a Hydra Brute-Force Exercise
Cybersecurity is one of those fields where reading about attacks and actually performing them in a controlled environment are two… Continue reading on Medium »
The Hackers Hiding Their Commands in the Internet’s Phone Book
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
The Hackers Hiding Their Commands in the Internet’s Phone Book
A new backdoor called Dohdoor doesn’t connect to a suspicious server. Continue reading on Medium »
How to get a VPN free trial: Test risk-free before you buy
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
How to get a VPN free trial: Test risk-free before you buy
Want to test a VPN before paying? Learn how to get a free VPN trial, what to look for, and which providers offer the best free trials. Continue reading on Mediu
Who Caught Whom?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Who Caught Whom?
On the morning of one of the blessed Fridays, I received a high-severity alert on the SIEM (Security Information and Event Management)… Continue reading on Medi
Reddit r/cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Are open source EDRs any good?
Asking as a freelancer looking to offer monitoring services to clients. One of the things I want to do is be able to offer clients an EDR solution so I can moni
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
From Isolated Indicators to Campaign-Level Scam Intelligence
Most scam response still begins with isolated indicators: a suspicious URL, a phone number, a fake profile, a screenshot, a… Continue reading on Medium »
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Top 10 Cybersecurity Best Practices Every Company Should Follow
Meta Title: Top 10 Cybersecurity Best Practices Every Company Should Follow Continue reading on Medium »
Build a Tiny Container Without Docker: Understanding Containers From First Principles (P3)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Build a Tiny Container Without Docker: Understanding Containers From First Principles (P3)
A beginner-friendly but deep dive into building a mini Linux container using namespaces + cgroups Continue reading on Medium »
Are SQL Injection Vulnerabilities Absolete ?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Are SQL Injection Vulnerabilities Absolete ?
SQL injection are genuinely one of those vulnerabilities that people keep predicting will die out — and it keeps refusing to. Bug bounty… Continue reading on Me
Goodbye Crypto: Discover the Most Painful Cases of Lost Private Keys
Hackernoon 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Goodbye Crypto: Discover the Most Painful Cases of Lost Private Keys
Lost hard drives, forgotten passwords, fires, and secrets gone forever. These real crypto stories show how fortunes vanish. Take a look before it happens to you
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Beyond the Quantum Horizon: How I Built a Live ML-KEM Visualizer with Node.js
Think quantum-proofing your applications requires a Ph.D. in advanced lattice mathematics? Think again. Continue reading on Medium »
I Looked at My LinkedIn Profile Like a Hacker. What I Found Scared Me.
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
I Looked at My LinkedIn Profile Like a Hacker. What I Found Scared Me.
You spent hours perfecting your LinkedIn profile. So did the attacker who’s planning to use it against you. Continue reading on Medium »
MobileHackingLabs — Document Viewer writeup
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
MobileHackingLabs — Document Viewer writeup
This one was honestly very engaging. It was the most technically involving lab involving using a path traversal vulnerability to override… Continue reading on M
Reddit r/devops 🔐 Cybersecurity ⚡ AI Lesson 2w ago
I'm looking for AWS Security Trainings
Which one would you recommend? My boss told us last month we can get a professor led training. The virtual doesn't work for me as I am always pulled into debugg
The Predatory Use of CAPTCHA Fraud
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
The Predatory Use of CAPTCHA Fraud
A guide to recognizing fake verification methods and practical steps for securing your device Continue reading on IT Chronicles »
User ID Controlled By Request Parameter With Data Leakage In Redirect
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
User ID Controlled By Request Parameter With Data Leakage In Redirect
Access Control Vulnerabilities — APPRENTICE Continue reading on Medium »
Day 42: You Don’t Need Any Other Linux Firewall Tutorial After This
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Day 42: You Don’t Need Any Other Linux Firewall Tutorial After This
Learn Firewalls in Linux from Scratch with iptables, firewalld, UFW, nftables, and More Continue reading on Medium »
Cloud Security Lab Write-Up: SNS Secrets (CloudGoat Scenario)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Cloud Security Lab Write-Up: SNS Secrets (CloudGoat Scenario)
I recently completed the CloudGoat sns_secrets scenario, a deliberately vulnerable AWS environment designed to simulate real-world cloud… Continue reading on Me
What Your GitHub Tells Me Before Your Interview Starts
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
What Your GitHub Tells Me Before Your Interview Starts
There is a link on a lot of cybersecurity resumes that nobody thinks twice about. A GitHub link, sitting right under the name, added… Continue reading on Medium
IOS Bypass Root detection in 1.3.10 safe_device package
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
IOS Bypass Root detection in 1.3.10 safe_device package
In this article, we will explore how the following package works: Continue reading on Medium »
WordPress Plugin Security in 2026: The AI Reality
Medium · LLM 🔐 Cybersecurity ⚡ AI Lesson 2w ago
WordPress Plugin Security in 2026: The AI Reality
Vibe-coded plugins, a 5-hour mass-exploitation window, 52% of devs patching too late. What a solo WordPress plugin author changed in 2026. Continue reading on M
Business Logic Vulnerabilities: 15 Test Cases Every Bug Bounty Hunter Needs to Know
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Business Logic Vulnerabilities: 15 Test Cases Every Bug Bounty Hunter Needs to Know
I was testing an e-commerce application last year. Continue reading on OSINT Team »
How to Stop AI Bots in 2026 (Using Behavioral Intent)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
How to Stop AI Bots in 2026 (Using Behavioral Intent)
Your Firewall Can’t Read Minds. But Your Security Stack Should Continue reading on OSINT Team »
Your Browser Trusts Websites More Than It Should
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Your Browser Trusts Websites More Than It Should
The simple logic behind CORS Misconfiguration, how I test for it, and why it is one of the easiest bugs to find Continue reading on OSINT Team »
Stealing a $500 Gift Card With Nothing But a Timestamp
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Stealing a $500 Gift Card With Nothing But a Timestamp
The code was never random, and the seed was on your screen Continue reading on Medium »
Attackers Are Exploiting Vulnerabilities 7 Days Before the Patch Exists. Now What?
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Attackers Are Exploiting Vulnerabilities 7 Days Before the Patch Exists. Now What?
How the collapse of the patch window changes everything, and what security teams should do about it. Continue reading on Medium »
Medium · Python 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Spotting Security Vulnerabilities (Because making it “just work” isn’t enough)
Now that my degree is officially done and I’m focusing heavily on my AI-ML classes, I’ve been looking back at the code I wrote over the… Continue reading on Med
The Day Quantum Computers Break Modern Encryption
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
The Day Quantum Computers Break Modern Encryption
A few weeks ago, I was reading about quantum computing when I came across something that genuinely surprised me. Continue reading on Medium »
Lab: Basic password reset poisoning — PortSwigger Web Security Academy
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Lab: Basic password reset poisoning — PortSwigger Web Security Academy
This lab is vulnerable to password reset poisoning. The application has a password reset feature that sends an email containing a reset… Continue reading on Med
Unlocking the Flag Vault: A Complete TryHackMe Reverse Engineering Walkthrough
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Unlocking the Flag Vault: A Complete TryHackMe Reverse Engineering Walkthrough
Hey everyone!  In this challenge, Flag Vault, we’ll analyze the target binary, uncover its hidden logic, and retrieve the flag using… Continue reading on Mediu
Chaos Theory: What Jurassic Park Teaches Us About Modern Insider Risk
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Chaos Theory: What Jurassic Park Teaches Us About Modern Insider Risk
Take a walk with me through the lush jungle landscape of Isla Nublar. Through deep emerald-green ferns that brush past your arms as you… Continue reading on Ber
TechRepublic 🔐 Cybersecurity ⚡ AI Lesson 2w ago
New Apple Exploit Exposes Millions of iPhones Worldwide, No Software Fix Available
Researchers disclosed usbliter8, a SecureROM exploit affecting older Apple devices that can bypass boot protections with physical access. The post New Apple Exp
The Hackers Hiding Their Commands in the Internet’s Phone Book
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
The Hackers Hiding Their Commands in the Internet’s Phone Book
A new backdoor called Dohdoor doesn’t connect directly to a suspicious server. Continue reading on Medium »
Zero Trust Security: A Simple Guide to Modern Cyber Defense
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Zero Trust Security: A Simple Guide to Modern Cyber Defense
How to Protect Your Company and Applications in Today’s Digital AI-World Continue reading on Medium »
Level Up Your Network Security: WatchGuard Firebox vs FortiGate for South African SMEs in 2026
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Level Up Your Network Security: WatchGuard Firebox vs FortiGate for South African SMEs in 2026
At Shinray Digital, we love seeing local businesses thrive. As an all-in-one partner supplying top-tier IT services, software, hardware… Continue reading on Med
From Hex to Hierarchy: How Smart Cards Organize Data Using TLV USING ISO/IEC 7816
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
From Hex to Hierarchy: How Smart Cards Organize Data Using TLV USING ISO/IEC 7816
The Invisible Language Inside Your Chip Card Continue reading on Medium »
Looking Glass (THM) Tryhackme Medium Challenge
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Looking Glass (THM) Tryhackme Medium Challenge
Description : Step through the looking glass. A sequel to the Wonderland challenge room. Continue reading on Medium »
The Computer Virus That Accidentally Shut Down the Internet
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
The Computer Virus That Accidentally Shut Down the Internet
裂 One programming mistake infected thousands of computers and changed cybersecurity forever. Continue reading on Medium »
Investigating a Potentially Unwanted Program (PUP) Using Velociraptor (DFIR Lab)
Medium · Cybersecurity 🔐 Cybersecurity ⚡ AI Lesson 2w ago
Investigating a Potentially Unwanted Program (PUP) Using Velociraptor (DFIR Lab)
This project demonstrates a basic Digital Forensics and Incident Response (DFIR) workflow using Velociraptor, where a Windows 10 endpoint… Continue reading on M