Flashing Your Lights: CVE-2025-7202

A CSRF vulnerability in Elgato Key Lights let websites flash your lights remotely. Here’s how CVE-2025-7202 was discovered and fixed.

Leaking Secrets with AI: The Hidden Risks of ChatGPT’s Share Feature

Learn how ChatGPT’s ‘Share’ feature can accidentally expose sensitive data to Google. Discover hidden risks and how to protect your AI conversations.

When Metadata Goes Rogue: Lessons from the Tea App Breach

The Tea app breach exposed thousands of user selfies with sensitive location metadata, revealing key lessons on protecting privacy by stripping metadata from uploads.

How a Toreon ski-trip led to a CVE in MikroTik’s Wi-Fi Hotspot

During Toreon’s annual ski trip, Robbe opted out of skiing and hiking to explore the hotel’s Wi-Fi login page for security flaws. While others hit…

Threat Modeling Insider – June 2025

The latest Threat Modeling Insider features a guest article on securing AI Agents, a framework to maximize ROI and minimize risk.

Mind the Gap: STRIDE-AI – Your Clear Path to Understanding AI Vulnerabilities

We’re excited to launch STRIDE-AI, our enhanced methodology for comprehensive AI threat modeling, along with our new 3-day AI threat modeling training.

Toreon authorized by the CVE as a CVE Numbering Authority

Toreon is now an official CVE Numbering Authority (CNA), enabling formal disclosure of security vulnerabilities. This strengthens Toreon’s leadership in product and AI security, helping…

Threat Modeling Insider – May 2025

The latest Threat Modeling Insider features a guest article on how security champions drive threat modeling at scale by Stanley Harris.

LLN Press Release

Toreon opens an office in Louvain-La-Neuve.

Security Leader Insider – May 2025

In this issue, we feature a guest article by Nathalie Claes, showcasing that cybersecurity starts with you, not just IT.

Start typing and press Enter to search

Shopping Cart