identity security • William OGOU Cybersecurity Blog

img of Grafana Critical CVE-2025-41115 CVSS 10.0

Urgent Alert: Grafana Enterprise CVE-2025-41115 (CVSS 10.0) allows full admin takeover via SCIM. Update to version 12.3.0 immediately. See the new affected versions and fix details here.

img of Critical Entra ID Impersonation Flaw - CVE-2025-55241

Sep 24, 2025 8 min read

vulnerability

Critical Entra ID Impersonation Flaw - CVE-2025-55241 By William OGOU

A critical flaw in Entra ID (CVE-2025-55241) allowed attackers to impersonate anyone. This is a CISO's guide to the 'Actor Token' vulnerability, the attack chain, and how to hunt for compromise.

Apr 27, 2025 10 min read

zero-trust

Your Practical Guide to Building a Zero Trust Architecture By William OGOU

Navigate your Zero Trust Architecture journey with a practical, phased roadmap. Learn key steps for securing identity, networks, applications, and data.