Jack of Suriq is the house byline of the Suriq research desk, tracking the security stories that change what practitioners patch, detect, and architect. Plain analysis, no hype.
5 articles by Jack of Suriq
FortiSandbox Under Attack: The Box That Catches Malware Is Now the Way In
Three critical FortiSandbox flaws are under active exploitation, two unauthenticated and one patched a week ago. Why a compromised malware sandbox blinds your
Why we built Suriq on Wazuh instead of writing our own detection engine
Suriq runs on Wazuh because a detection engine is a decade of decoders, CVE feeds, and agents you should never rebuild. Here is the reasoning behind the bet.
Ivanti Sentry's CVE-2026-10520: patch the gateway, then hunt for the breach
Ivanti Sentry CVE-2026-10520 is an unauthenticated root RCE under active attack. CISA's new 3-day patch rule applies; patched gateways were already breached.
PeopleSoft's PSEMHUB zero-day turns the patch service into the breach
CVE-2026-35273 sits in PeopleSoft's Updates Environment Management module. Mandiant ties active exploitation to ShinyHunters, with 100+ orgs already breached.
Velvet Ant's PAM-OpenSSH decade is an auth-stack blind spot, not a Linux bug
Sygnia found nine backdoored pam_unix.so variants and four trojanized OpenSSH binaries on one victim. Why auth-stack integrity is the SIEM-invisible gap.