Red-Team

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

CVE News

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

A newly disclosed path traversal vulnerability (CVE-2024-54291) in Apache’s NotFound PluginPass has been rated with a high...

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

CVE News

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

A newly discovered SQL injection vulnerability in the widely used GLPI IT Service Management (ITSM) tool poses...

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Red-Team

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Recent research highlights a significant shift in red team operations as artificial intelligence becomes more sophisticated. A...

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

CVE News

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Mozilla has issued an emergency update for Firefox on Windows to address a critical sandbox escape vulnerability...

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

CVE News

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

A critical security flaw in NetApp SnapCenter, tracked as CVE-2025-26512, could allow authenticated users to escalate privileges...

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

CVE News

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mozilla has released emergency updates to patch a critical sandbox escape vulnerability (CVE-2025-2857) in Firefox for Windows,...

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

CVE News

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

The fourth week of March 2025 has brought significant developments in mobile security and malware, with critical...

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

CVE News

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

A high-severity vulnerability (CVE-2025-26733) has been identified in the Shinetheme Traveler WordPress theme, affecting versions up to...

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-26873, has been disclosed in the Shinetheme Traveler...

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

CVE News

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

A critical SQL injection vulnerability (CVE-2025-26898) has been identified in the Shinetheme Traveler WordPress theme, affecting versions...

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

CVE News

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

A high-severity vulnerability (CVE-2025-30232) has been identified in Exim mail servers, affecting versions 4.96 through 4.98.1. The...

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

CVE News

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

A critical vulnerability (CVE-2025-24383) has been identified in Dell Unity operating environments, allowing unauthenticated attackers to execute...

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

CVE News

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

A high-severity open redirect vulnerability (CVE-2025-24381) has been identified in Dell Unity storage systems running versions 5.4...

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

CVE News

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

A critical vulnerability (CVE-2025-2294) has been identified in the Kubio AI Page Builder plugin for WordPress, affecting...

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

CVE News

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

A severe remote code execution (RCE) vulnerability has been identified in the Ingress NGINX Controller, allowing attackers...

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

CVE News

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS firewalls has been actively exploited since at...

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

CVE News

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

A critical zero-day vulnerability (CVE-2024-3400) in Palo Alto Networks’ PAN-OS GlobalProtect feature has been actively exploited since...

Active Directory Security Testing with Netexec: A Red Team Perspective

Red-Team

Active Directory Security Testing with Netexec: A Red Team Perspective

Active Directory penetration testing remains a cornerstone of enterprise security assessments, with tools like Netexec providing robust...

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

Red-Team

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

The Diamond Ticket attack represents an advanced exploitation technique targeting Active Directory environments by manipulating Kerberos authentication...

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Red-Team

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Active Directory (AD) remains a prime target for attackers due to its central role in enterprise authentication...

Posts pagination

Previous 1 2 3 4 5 6 Next

Red-Team

Apache NotFound PluginPass Path Traversal Vulnerability (CVE-2024-54291): Analysis and Mitigation

Critical SQL Injection Vulnerability in GLPI ITSM Tool (CVE-2025-24799): Analysis and Mitigation

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Mozilla Patches Critical Windows Sandbox Escape Flaw Linked to Chrome Zero-Day

Critical NetApp SnapCenter Vulnerability Allows Privilege Escalation to Remote Admin Access

Firefox and Chrome Zero-Days Highlight Systemic Sandbox Risks

Mobile Security & Malware Threats: Critical Vulnerabilities and Emerging Risks in March 2025

High-Severity Missing Authorization Flaw in Shinetheme Traveler WordPress Theme (CVE-2025-26733)

Critical RCE Vulnerability in Shinetheme Traveler (CVE-2025-26873): Analysis and Mitigation

Critical SQL Injection Vulnerability Discovered in Shinetheme Traveler (CVE-2025-26898)

Exim Use-After-Free Vulnerability (CVE-2025-30232) Poses Privilege Escalation Risk

Critical OS Command Injection Vulnerability in Dell Unity (CVE-2025-24383) Poses Severe Risk

Dell Unity Open Redirect Vulnerability (CVE-2025-24381): Risks and Mitigation

Critical LFI Vulnerability in Kubio AI Page Builder for WordPress (CVE-2025-2294)

Critical Unauthenticated RCE Vulnerability Discovered in Ingress NGINX Controller

Critical Zero-Day Exploit in Palo Alto GlobalProtect Firewalls (CVE-2024-3400) Actively Exploited

Detecting and Mitigating CVE-2024-3400: Critical Zero-Day in Palo Alto GlobalProtect

Active Directory Security Testing with Netexec: A Red Team Perspective

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

You may have missed

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)