How I found a large network of fake support groups spreading crypto stealers and drainers.

A subtle AWS privesc hiding in SageMaker lifecycle configs, and what it reveals about execution roles.

Generate HTML/SVG payloads for testing Server-Side Request Forgery vulnerabilities.

Utilizing the Chrome DevTools Protocol to delegate C2 HTTP-traffic.

With over 3 billion users globally, mobile instant messaging apps have become indispensable for both personal and professional communication. Besides plain messaging, many services implement...

Compromising Developers with Malicious Extensions - VS Code, Cursor AI, and the Backdoor You Didn't See Coming.

Reverse engineering a dummy KAISTDE format and generating parsers with Kaitai Struct.

We break down a new infostealer attack that combines the ClickFix technique with a shared chat containing malicious user guides on the official ChatGPT website.

React Server Components (RSC) are a new feature in React that allows developers to render React components on the server. However, a critical security vulnerability in RSC could allow an attacker to inject arbitrary commands into the server's command execution…

Horizon3.ai uncovers FreePBX flaws, including CVE-2025-66039 auth bypass, SQL injection, and file upload RCE—and shows how NodeZero detects them.

TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: including attribute pollution, namespace confusi

Nextcloud - a safe home for all your data

Cymulate Research Labs discovered CVE-2025-64669, a local privilege escalation flaw in Windows Admin Center enabling SYSTEM-level compromise.

Makop, a ransomware strain derived from Phobos, continues to exploit exposed RDP systems while adding new components such as local privilege escalation exploits and loader malware to its traditional toolkit.

For many of our e-commerce customers the problem of bad bots it's a everyday problem and has evolved a lot in the last few years. A common approach is to "block" automated traffic with a JavaScript challenge, basically a small script that the browser must…

Privacy browser extensions misled users and sold 8 million AI chat logs, exposing sensitive conversations for profit without consent.

Preface

Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF.