Blogs & Articles
Cybersecurity News, Latest Vulnerabilities, Hacking Tutorials
What Happened When We Invited Hackers to Break our AI Chatbot
In November we hosted an AI Hacking CTF Challenge as part of TCM’s annual Black Friday Sale. The challenge was straightforward: convince the chatbot to reveal the secret code that it knew, but was instructed to keep secret. For some contestants it was simple, they had...
OWASP Top 10 2025 Explained: Insights from a Web Application Pentester
Introduction Earlier this year I published an OWASP Top 10 2025 prediction blog where I pulled CVE data from 2021 and made data driven predictions on where the new top 10 list will land. Now that the official list has been released, it’s time to reflect on the results...
Ethically Hack AI | Part 2 – Prompt Injection
This blog will demonstrate how various methods of prompt injection, including jailbreaking, can be used to compromise AI chatbots during ethical testing.
How To Become A SOC Analyst
This blog explores the duties of a SOC analyst, lasting motivations for pursuing defensive cyber security, and resources to get started and progress in the SOC.
Network VS Cloud Penetration Testing
This article defines cloud pentesting, explores the relationship between traditional network and cloud pentesting, and explains how to learn cloud pentesting.
Vulnerability Scanning VS Pentesting
Understanding the difference between vulnerability scanning and penetration testing is important for moving past automated testing and into manual testing.
AI Assisted Pentest Reporting
In this blog, we’ll show how to generate pentest finding templates with DeepSeek AI using MITRE’s Common Weakness Enumeration (CWE) categories.
AI-Automated Credential Stuffing
Credential stuffing remains one of the most efficient paths to account takeover, and AI assistance is changing the scale and effectiveness of those attacks.
OSINT Resources and Tools
Explore some of the fundamental domains of OSINT research, plus a list of tools and resources to develop this discipline as a cyber security professional.
Networking Fundamentals for Pentesters
We will take a look at networking concepts you should focus on, why they matter, and resources for learning for beginning pentesters without an IT background.
Penetration Testing – PCI Compliance – Auditing
See How We Can Secure Your Assets
Let’s talk about how TCM Security can solve your cybersecurity needs. Give us a call, send us an e-mail, or fill out the contact form below to get started.