Red Team Tactics

2025 Threat Detection Report: Key Strategies for Security Teams

Threat Intelligence

2025 Threat Detection Report: Key Strategies for Security Teams

The 2025 Threat Detection Report highlights critical trends and actionable strategies for security teams to counter emerging...

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Red-Team

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Recent research highlights a significant shift in red team operations as artificial intelligence becomes more sophisticated. A...

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Blue-Team

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Active Directory’s Discretionary Access Control Lists (DACLs) serve as fundamental security mechanisms governing object permissions within directory...

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

Red-Team

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

The Diamond Ticket attack represents an advanced exploitation technique targeting Active Directory environments by manipulating Kerberos authentication...

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Red-Team

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Active Directory (AD) remains a prime target for attackers due to its central role in enterprise authentication...

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Red-Team

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

In an era of evolving cyber threats, organizations are adopting realistic methods to test their defenses. Red...

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

Cyber Laws & Regulations

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

The UK’s National Cyber Security Centre (NCSC) is taking a significant step forward in cybersecurity certification with...

CVE-2025-0628 – BerriAI Litellm Privilege Escalation Vulnerability

Exploitation

CVE-2025-0628 – BerriAI Litellm Privilege Escalation Vulnerability

A critical privilege escalation vulnerability, CVE-2025-0628, has been identified in the BerriAI/litellm application. This flaw allows users...

CVE-2024-9701 – Kedro ShelveStore Remote Code Execution Vulnerability

Exploitation

CVE-2024-9701 – Kedro ShelveStore Remote Code Execution Vulnerability

A critical vulnerability, CVE-2024-9701, has been identified in the Kedro ShelveStore class (version 0.19.8), a component of...

CVE-2024-9919 – Parisneo Lollms Webui Missing Authentication Check Directory Traversal Vulnerability

Exploitation

CVE-2024-9919 – Parisneo Lollms Webui Missing Authentication Check Directory Traversal Vulnerability

A high-severity vulnerability, CVE-2024-9919, has been identified in the parisneo/lollms-webui software, specifically in version V13. This vulnerability...

CVE-2025-2303 – Block Logic – WordPress Full Gutenberg Block Display Control Remote Code Execution

Exploitation

CVE-2025-2303 – Block Logic – WordPress Full Gutenberg Block Display Control Remote Code Execution

TL;DR CVE-2025-2303: A critical vulnerability in the Block Logic WordPress plugin allows authenticated attackers with Contributor-level access...

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

Exploitation

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

TL;DR CVE-2024-9880: A high-severity command injection vulnerability in Apache Pandas’ DataFrame.query function. Affected Versions: All versions up...

CVE-2025-0452 – Eosphoros-ai DB-GPT Windows File Deletion Vulnerability

Exploitation

CVE-2025-0452 – Eosphoros-ai DB-GPT Windows File Deletion Vulnerability

A newly disclosed vulnerability, CVE-2025-0452, has been identified in the latest version of eosphoros-ai/DB-GPT, a popular database...

CVE-2025-23120 – Veeam Backup & Replication RCE Vulnerability

Exploitation

CVE-2025-23120 – Veeam Backup & Replication RCE Vulnerability

TL;DR CVE-2025-23120: A critical remote code execution (RCE) vulnerability in Veeam Backup & Replication. Severity: 9.9 (CRITICAL)...

CVE-2025-30472 – Corosync Stack-Based Buffer Overflow Vulnerability

News

CVE-2025-30472 – Corosync Stack-Based Buffer Overflow Vulnerability

TL;DR CVE-2025-30472: A critical stack-based buffer overflow vulnerability in Corosync (up to version 3.1.9). Severity: Rated 9.0...

Microsoft Trust Signing Service Abused to Code-Sign Malware

APT-News

Microsoft Trust Signing Service Abused to Code-Sign Malware

In a concerning development, cybercriminals have been abusing Microsoft’s Trusted Signing platform to code-sign malware executables with...

Exploiting CVE-2025-29927: A Red-Teamer’s Guide to Next.js Middleware Bypass

Exploitation

Exploiting CVE-2025-29927: A Red-Teamer’s Guide to Next.js Middleware Bypass

Next.js middleware, a cornerstone of modern web applications, faces a critical security threat. CVE-2025-29927 exposes a severe...

CVE-2024-9847 – FlatPress CMS CSRF Attack

Exploitation

CVE-2024-9847 – FlatPress CMS CSRF Attack

A critical vulnerability, CVE-2024-9847, has been identified in FlatPress CMS, a lightweight blogging platform. The flaw, classified...

Red Team Tactics

2025 Threat Detection Report: Key Strategies for Security Teams

AI-Powered Red Teaming: Evolving Tactics in Cybersecurity

Active Directory Security: Exploiting and Mitigating GenericWrite DACL Vulnerabilities

Diamond Ticket Attacks: The Stealthy Kerberos Exploit Targeting Active Directory

GhostPack: Red Team Tactics for Active Directory Exploitation and Defense

Red Team Simulations and Physical Pentesting: Strengthening Organizational Resilience

Cyber Essentials ‘Pathways’: A New Approach to Cybersecurity Certification for Large Organizations

CVE-2025-0628 – BerriAI Litellm Privilege Escalation Vulnerability

CVE-2024-9701 – Kedro ShelveStore Remote Code Execution Vulnerability

CVE-2024-9919 – Parisneo Lollms Webui Missing Authentication Check Directory Traversal Vulnerability

CVE-2025-2303 – Block Logic – WordPress Full Gutenberg Block Display Control Remote Code Execution

CVE-2024-9880 – Apache Pandas Command Injection Vulnerability

CVE-2025-0452 – Eosphoros-ai DB-GPT Windows File Deletion Vulnerability

CVE-2025-23120 – Veeam Backup & Replication RCE Vulnerability

CVE-2025-30472 – Corosync Stack-Based Buffer Overflow Vulnerability

Microsoft Trust Signing Service Abused to Code-Sign Malware

Exploiting CVE-2025-29927: A Red-Teamer’s Guide to Next.js Middleware Bypass

CVE-2024-9847 – FlatPress CMS CSRF Attack

You may have missed

YesWiki Path Traversal Vulnerability (CVE-2025-31131): Technical Analysis and Mitigation

Critical SQL Injection Vulnerability in Next-Cart Store to WooCommerce Migration Plugin (CVE-2025-30807)

WpTravelly Plugin Vulnerability Exposes WordPress Sites to Object Injection Attacks

Critical SQL Injection Vulnerability in WooCommerce Order Splitter Plugin (CVE-2025-31089)