In this urgent Cyber Resilience Brief, host Tova Dvorin is joined by SafeBreach experts Adrian Culley and Tomer Bar to break down CVE-2025-53770, a critical zero-day vulnerability actively exploited in Microsoft SharePoint Server. Known as part of the ToolShell attack chain, this deserialization flaw allows unauthenticated remote code execution and persistence — and it’s already being used in the wild.

We discuss:

What makes this vulnerability so dangerous (hint: there's no patch for SharePoint 2016 yet)

Why Microsoft is advising customers to assume breach

How SafeBreach Labs responded within 24 hours with new BAS coverage

Specific indicators of compromise (IoCs) and mitigation advice

Why this attack demands urgent attention from security teams and CISOs alike

Whether you're a SafeBreach customer or just trying to stay ahead of emerging threats, this episode delivers the critical insights you need — fast.

🔗 For more information on today's CVE, check out our post on the SafeBreach blog. 

AI vs. Cybersecurity: The New Frontline

In this eye-opening episode, host Tova Dvorin sits down with Tomer Bar, VP of Security Research at SafeBreach, and Shelly Zucker, Product Manager at SafeBreach, to unravel the alarming ways AI is transforming the cyber threat landscape—and what it means for defenders.

The conversation kicks off with jaw-dropping findings from Palo Alto Networks: AI-powered ransomware attacks that complete from breach to data theft in just 25 minutes, slashing attack timelines by 100x, and fueling forecasts of $57 billion in damages in 2025 alone. Pair that with an 890% surge in enterprise AI app usage, and it's clear: the attack surface has never been more exposed.

But this episode doesn’t stop at the headlines. Tomer and Shelly reveal how adversaries are leveraging generative AI to lower the bar for cybercrime, creating tailored malware with a simple prompt—no coding expertise required. From spyware that logs keystrokes and steals files to ransomware that evades half of today’s security tools on first try, they break down how traditional defenses are falling dangerously behind.

More importantly, you’ll hear how SafeBreach is turning the tables by building AI-generated malware scenarios—carefully crafted with the same techniques attackers use—so organizations can safely test if their defenses can withstand this new wave of threats.

Plus, get a tantalizing sneak peek at upcoming research that crosses the line from cyberspace to the physical world, showing how AI could manipulate smart homes with a single indirect prompt.

If you’re in cybersecurity, risk, or IT, this is an essential listen to understand why your current detection stack might not be enough—and how to prepare for the AI-enabled future.

In this episode, we break down the latest FBI advisory on Iranian cyber actors — and what it means for your OT, IoT, and critical systems. SafeBreach’s Adrian Culley shares practical steps to validate defenses and lock the stable door before the horse bolts.

In this premiere episode of The Cyber Resilience Brief, we dive into the EU’s Digital Operational Resilience Act (DORA) — and why its impact goes far beyond Europe. Host Tova Dvorin is joined by Adrian Culley and David Murray from SafeBreach to break down what DORA means for financial institutions, insurers, and ICT providers worldwide.

We explore:

Why resilience — both toughness and rapid recovery — is now the apex of cybersecurity

How DORA is pushing continuous testing and validation on live production systems, not just lab environments

What it means to have a “cyber canary in the coal mine” for early breach detection

The global ripple effect, with similar legislation already emerging in the UK and beyond

Whether or not your business is based in the EU, DORA is reshaping expectations for operational resilience. Tune in for actionable insights on evolving from incident response to instant anticipation, staying ahead of attackers, and meeting tomorrow’s regulatory demands today.