OnSecurity's Latest Articles, News and Industry Tips
Security should be important to everyone. Our blog features articles regarding your business’ security and different aspects to consider.
Discover the top emerging AI security risks in 2026, including AI-driven phishing, autonomous agents, model
Build a proactive cybersecurity culture. Learn how CISOs can drive lasting behavioural change, boost awareness,
Matt Moses leads OnSecurity’s Movember efforts, raising funds and awareness for men’s health through running
Turn penetration test results into action. Follow this step-by-step remediation checklist to fix vulnerabilities and
Learn 9 key cybersecurity metrics boards care about to prove ROI, reduce risk, and align
Discover proven strategies to recognise and prevent phishing attacks, strengthen employee defences, and protect your
Explore the top penetration testing challenges CISOs face in 2025 and how AI-powered continuous pentesting
Learn about LLM prompt injection attacks and exclusive tips and tricks on prompt injection defence
LLM jailbreak guide: examples, attack types, and a practical testing checklist to identify vulnerabilities and
Discover what AI red teaming is, why it’s essential for AI security, and how to
Discover how AI is transforming cybersecurity. Explore how hackers exploit AI, how defenders fight back,
CEO explains his opinion on how AI is transforming cybersecurity. He explores how hackers exploit
Discover essential LLM red teaming techniques to secure AI systems. Learn step-by-step frameworks, attack vectors
Improve DevOps infrastructure security with post-pentest insights. Learn how to turn findings into action and
Explore the current cybersecurity AI arms race between hackers and defenders: how it’s being used,
Learn how Mike Oram, VP of engineering at OnSecurity, taught himself coding, and how to navigate coding in the age of AI.
Explore API pen testing, its benefits, common vulnerabilities, and best practices to strengthen your business’s security posture.
The risks of typosquatting and its implications for online security. Explore cybercriminal tactics, real-world cases, and protective measures for your brand.
Radar by OnSecurity: an advanced tool for threat intelligence. Learn its role in enhancing security, achieving ISO certifications, and prioritising threats
Understanding the importance of cybersecurity for SaaS companies. Explore the awareness of threats and proactive measures to safeguard data and systems.
Discover how we exploited a SSRF vulnerability in a web application to acquire API credentials and access AWS S3 buckets, showcasing cybersecurity risks.
Delve into an overview of 2021’s significant data breaches. Explore the most notable incidents and learn from them for better data security practices.
Discover OnSecurity’s innovative approach to penetration testing. Our client-collaborative efforts have streamlined booking to just 5 minutes for efficiency.
Experience real-time communication with your penetration test testers during the testing process for enhanced collaboration and continuous timely updates.
Look into IT Security through the eyes of a pen-tester. We’ll uncover the inner workings and provide in-depth insights for a comprehensive understanding.
Unveiling the origins of the first PC virus prank. Dive into the history of pioneering cyber mischief and understand the Elk Cloner Virus in OnSecurity’s blog.
What is a penetration test and why should I get one? A penetration test (aka pen-test), is an authorised simulated
Discover effective strategies to streamline and simplify penetration testing. Learn how to alleviate the complexities for a more efficient testing process.
This post explores each of the initial compromise methods for the TryHackMe x HackerOne CTF. Diving into the web security flaws and PHP tricks abused to gain access to the host webserver.
Protecting the data, valuables and account information related to your business has become even more vital as our workplaces have
Apple claims that its Mac computers are well protected by in-built antivirus features, and there is no need to worry about extra security – how true is this?
Delve into OnSecurity’s research on Go’s server-side template injection vulnerabilities, revealing potential for file reads and RCE exploits. Read more now.
Explore the challenge of vulnerabilities exploited before fixes. Learn how to address security gaps and protect against threats in this insightful discussion.
Learn 3 essential steps to enhance your cybersecurity posture, and effectively mitigate emerging zero-day vulnerabilities for comprehensive threat protection.
Here you can discover the history and impact of MyDoom, the fastest spreading and most damaging computer virus to date, on OnSecurity’s informative blog post
Explore the rise of social engineering threats. Understand how individuals are manipulated to divulge sensitive information, passwords, and financial details.
Dive deeper into Spear Phishing, a sophisticated cyber attack targeting specific individuals to gain unauthorized access to confidential data and files.
CVE hunting within open-source applications – invaluable insights for identifying vulnerabilities, ensuring robust security in open-source software.
Learn proactive cyber threat prevention through threat modeling. Discover how to anticipate and mitigate security incidents before they occur with this guide.
Recruitment companies are a prime target for hackers. We go over the main aspects that recruitment companies should be careful of with their CyberSecurity
Phishing, a cyber-crime that targets victims through email, has become the most common form of online attack. Hackers will attempt
Safeguard your inbox against cyber threats. Explore our expert insights on spotting and avoiding phishing attempts to enhance your online security strategy.
7 effective strategies to improve your company’s security. Discover actionable steps to fortify your defences against cyber threats and safeguard your business.
Ready to experience the future of pentesting?
Discover how combining expert insight with automation leads to faster, more precise, and high-impact penetration testing.