👉 Episode 4: Cursor IDE Arbitrary Data Exfiltration via Mermaid (CVE-2025-54132) 🏴‍☠️

This guide explores: ✅ Emerging antenna-for-hire threats ✅ Remote rogue AP deployments ✅ OT, IoT, and physical airspace risks you won’t see in traditional network maps Thanks to @vanhoefm for inspiring the @AirEyeSecurity team to work on that threat modelling.

🚨 The AirEye research team has just published our 2025 Wireless Airspace Threat Modeling guide. In an era where any Wi-Fi attack can now be a remote attack, understanding and securing your wireless airspace has never been more critical. https://t.co/T9O2tDAr0D

.@Volexity’s latest blog post describes in detail how a Russian APT used a new attack technique, the “Nearest Neighbor Attack”, to leverage Wi-Fi networks in close proximity to the intended target, while the attacker was halfway around the world. https://t.co/R3aKyrjVYR #dfir

1/Hack thy neighbor!🧵 There is a bigger lesson here: We often dismiss (e.g. lower CVSS) attack vectors that require proximity. However, in many cases the required attack stimulus can be generated via a hacked nearby system, making it remote! CC:@thegrugq @RGB_Lights @ImposeCost

Wow, an adversary first compromised a neighbor of the target, and then attacked the target over Wi-Fi (with stolen password). This is the first observed case of the #AntennaForHire attack that @AirEyeSecurity hypothesized. Remember: any Wi-Fi attack can now be a remote attack

For all of the #cybersecurity guys out there, do you agree?

https://t.co/xtudrsvepF

2/2 OTA attacks can be exploited remotely – without actually physically being in the network airspace. Here's how: https://t.co/FV1qCzyz66 #NACP #cybercrime #cyberattack #networksecurity

1/2 Recently passengers of a flight from Israel to Turkey received on their mobile phones pictures of airplane crashes, causing fright and leading the pilot to return to the terminal. While the offenders in the airplane case were on the airplane, it’s important to note that...

We like it secured. #nacp #aireye @AirEyeSecurity

and links to the AirEye blog explaining how we can help to protect the organization's network airspace. #cybersecurity #security #hacking #cyberdefense #securityawareness #cyberwarfare #cyberattack #phishing

Thanks to @nytimes for publishing this article describing the @NSACyber and @POTUS administration's warnings on Wi-Fi security. Our CTO, @amichaishulman was quoted on today's Wi-Fi vulnerabilities. https://t.co/K7gHK8mTDv

Where there’s smoke there’s fire. When I assessed the Apple SSID vulnerability almost a month ago, I warned that it could possibly be used for more than just a prank. Our amazing colleagues from ZecOps just proved that it can be used for Remote Code Execution!!

Forbes describes the latest finding of our CTO, @amichaishulman , iOS and macOS security WiFi Vulnerabilities that can have an impact on your network and device security. https://t.co/sWkx7WQHS2

"Network Monitoring and Visibility Isn’t Enough" - great words by @Barikapace from @Gartner_inc. @AirEyeSecurity is mentioned under "Must Have Security – Prevent & Predict" "Plan On Your Road To Securing Critical Infrastructure & Beyond" https://t.co/k6b3eVfk7W

@vm_call Although this latest iPhone Format String flaw is perceived as seemingly benign, the implications of this vulnerability stretch far and beyond any joking matter. More insights in my blog post

Thanks to @AirEyeSecurity CTO - @amichaishulman who shed some light about #Amazon #Sidewalk and its's impact on corporate security. Read more here: https://t.co/S4KuEBaiQr

Are you an IR professional? Time to hear your take! Is Wi-Fi an overlooked aspect in incidents or just someone's anecdotal battle story? Take the survey now! 5 mins, max. 8 simple questions. https://t.co/KVIsKfetpn

Are you an IR professional? Time to hear your take! Is Wi-Fi an overlooked aspect in incidents or just someone's anecdotal battle story? Take the survey now! 5 mins, max. 8 simple questions. https://t.co/zIN3YDb5Ft