SURIQ
Noam Alum
Noam Alum is a Senior Platform Engineer specializing in developer infrastructure, release engineering, and cyber platform resilience. He designs and builds the platforms that power software delivery, infrastructure automation, and disaster recovery at Suriq. His work spans software supply chain management, internal developer platforms, and operational resilience, helping Suriq deliver secure, scalable, and maintainable solutions.
5 articles by Noam Alum
Three requests, no password, a webshell: the JCE flaw hitting Joomla hosts now
Unauthenticated RCE (CVSS 10, CVE-2026-48907) in JCE, the most-installed Joomla editor. KEV-listed and exploited. Patch to 2.9.99.6 and hunt for webshells.
A Linux backdoor moved into the Windows kernel, and the detection window closes at driver load
SprySOCKS, a China-nexus Linux backdoor, now ships a Windows kernel-driver variant that hides itself from the host. Here is where defenders can still catch it.
LiteSpeed's cPanel plugin gave shared-hosting tenants root twice in 2026. CageFS didn't help.
CVE-2026-54420 and CVE-2026-48172 let shared-hosting tenants reach root through the LiteSpeed cPanel plugin. Why CageFS isolation failed and what to patch now.
Awesome Motive's WordPress CDN backdoor only fired for logged-in admins. Your scanner missed it.
OptinMonster, TrustPulse and PushEngage served a backdoor that ran only for logged-in WordPress admins, evading visitor scanners. How to scope and hunt it.
SearchLeak in Microsoft 365 Copilot: prompt injection as a new door to old bugs
SearchLeak chained prompt injection, an HTML render race, and Bing SSRF to steal Microsoft 365 Copilot data in one click. What it means for detection.
Ready to meet the Guardians?
Deploys fast - agentless for monitoring and cloud, a lightweight agent for deep endpoint security. Just Suriq, standing watch.