updates

2025-02-13 In a recent discovery, a critical vulnerability was identified involving the exposure of sensitive data, specifically admin credentials that […]

2025-02-13 Just finished my writeup about CVE-2025-23369, an interesting SAML authentication bypass on GitHub Enterprise Server I reported last year.

2025-02-13 The OSI (Open Systems Interconnection) model is a conceptual framework used to understand and implement standard protocols in network

2025-02-13 Medusa, developed by Dimitrios Valsamaras, is revolutionizing the field of mobile bug hunting. Powered by FRIDA, this framework automates

2025-02-13 Building a Security Operations Center (SOC) is a critical step for organizations aiming to enhance their cybersecurity posture. A

2025-02-13 During a security assessment for a client, I identified a stored Cross-Site Scripting (XSS) vulnerability in Opensearch Dashboards-reporting version

2025-02-13 In the world of low-level system exploitation, one of the most fascinating techniques involves manipulating memory mappings to bypass

2025-02-13 In a recent collaboration, my colleague Leonard Rapp and I analyzed a sophisticated malware campaign that utilized Pyarmor v8+

2025-02-13 Earlier this morning, Rapid7 disclosed CVE-2025-1094, a new zero-day vulnerability in PostgreSQL’s psql component. This discovery was made by

2025-02-13 In a recent post on BleepingComputer, hackers have been exploiting a fake Telegram captcha page that instructs users to