Red-Team

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

CVE News

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

The Trojan.Win32.CVE20188120.E malware represents a persistent threat leveraging CVE-2018-8120, a privilege escalation vulnerability in Windows systems. This...

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

CVE News

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

A newly identified threat, Trojan.W97M.CVE202140444.A, exploits a critical Microsoft Office vulnerability (CVE-2021-40444) to execute remote code through...

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

CVE News

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Two critical vulnerabilities in OpenSSH—CVE-2024-6387 (dubbed “regreSSHion”) and CVE-2024-6409—pose significant risks to Linux systems running vulnerable versions....

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

CVE News

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Progress Software’s WhatsUp Gold, a widely used network monitoring solution, is under active attack due to two...

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

CVE News

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

Two significant vulnerabilities in Microsoft Azure Private 5G Core (AP5GC) have been identified and patched, according to...

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

CVE News

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

A malicious campaign is targeting security researchers by distributing a fake proof-of-concept (PoC) exploit for the LDAPNightmare...

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

CVE News

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

Vercel has resolved a significant security flaw in Next.js middleware authentication, which could have allowed attackers to...

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

CVE News

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

NetApp has resolved a critical privilege escalation vulnerability (NCSC-2025-0097) in its SnapCenter backup management platform, which could...

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

A newly disclosed critical vulnerability (CVE-2025-1097) in Kubernetes’ Ingress-Nginx controller enables attackers to execute arbitrary code and...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

A newly discovered high-severity vulnerability (CVE-2025-1098) in Kubernetes’ Ingress-Nginx controller allows attackers to execute arbitrary code and...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

A critical security vulnerability (CVE-2025-1974) in Kubernetes’ ingress-nginx controller has been disclosed, allowing unauthenticated attackers with pod...

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

CVE News

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

A newly disclosed high-severity vulnerability (CVE-2025-24514) in Kubernetes’ ingress-nginx controller enables attackers to execute arbitrary code and...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

A newly discovered critical vulnerability (CVE-2025-2726) affecting multiple H3C Magic series routers allows remote attackers to execute...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

A critical command injection vulnerability (CVE-2025-2728) affecting H3C Magic NX30 Pro and NX400 routers has been identified,...

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

CVE News

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

A critical security vulnerability (CVE-2025-2727) has been identified in H3C Magic NX30 Pro routers running firmware versions...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

A critical vulnerability (CVE-2025-2729) has been identified in multiple H3C Magic series routers, exposing them to remote...

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

CVE News

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

A critical security vulnerability affecting multiple H3C Magic series routers has been identified, allowing remote attackers to...

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Red-Team

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

A new tool called Imperius has emerged, designed to detect and expose Linux Kernel Module (LKM) rootkits...

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug Bounties & Responsible Disclosure

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Bug bounty programs have become a proven strategy for strengthening system security through collaboration with external researchers....

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Red-Team

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

In an era of evolving cyber threats, organizations are adopting realistic methods to test their defenses. Red...

Posts pagination

Previous 1 2 3 4 5 6 Next

Red-Team

Understanding Trojan.Win32.CVE20188120.E: A Windows Privilege Escalation Threat

Trojan.W97M.CVE202140444.A: Analyzing the Microsoft Office Exploit That Enables Remote Code Execution

Critical OpenSSH Vulnerabilities CVE-2024-6387 and CVE-2024-6409: Analysis and Mitigation Strategies

Critical WhatsUp Gold Vulnerabilities Exploited for RCE: Patch Now to Prevent Attacks

Critical Authentication Flaws in Microsoft Azure Private 5G Core Expose Networks to Disruption

Fake LDAPNightmare PoC Exploit (CVE-2024-49113) Delivers Information-Stealing Malware

Critical Next.js Authentication Bypass Vulnerability Patched (CVE-2025-XXXX)

NetApp SnapCenter Privilege Escalation Vulnerability Patched (NCSC-2025-0097)

Critical Kubernetes Ingress-Nginx Vulnerability Exposes Clusters to RCE and Secret Theft (CVE-2025-1097)

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1098) Exposes Clusters to RCE and Secret Theft

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-1974) Exposes Clusters to Remote Code Execution

Critical Kubernetes Ingress-Nginx Vulnerability (CVE-2025-24514) Exposes Clusters to RCE & Secret Theft

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2726) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2728) Puts Networks at Risk

Critical Command Injection Vulnerability in H3C Magic NX30 Pro Routers (CVE-2025-2727)

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2729): What Security Teams Need to Know

Critical Command Injection Vulnerability in H3C Magic Routers (CVE-2025-2732): What Security Teams Need to Know

Imperius: Exposing Hidden Linux Kernel Rootkits for Security Teams

Bug Bounty Programs: The Complete Guide to Vulnerability Hunting

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

You may have missed

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)