High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

Recent Security research

Security research

High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478)

Security research

Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757)

Security research

Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236)

Security research

Finding Critical Bugs in Adobe Experience Manager

Security research

Secondary Context Path Traversal in Omnissa Workspace ONE UEM

Security research

Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms

Security research

How We Accidentally Discovered a Remote Code Execution Vulnerability in ETQ Reliance

Security research

A Novel Technique for SQL Injection in PDO’s Prepared Statements

Security research

RCE in the Most Popular Survey Software You’ve Never Heard Of

Security research

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke)

Security research

How we got persistent XSS on every AEM cloud site, thrice

Security research

Novel SSRF Technique Involving HTTP Redirect Loops

Security research

Loose Types Sink Ships: Pre-Authentication SQL Injection in Halo ITSM

Security research

Doing the Due Diligence: Analyzing the Next.js Middleware Bypass (CVE-2025-29927)

Security research

Sitecore: Unsafe Deserialisation Again! (CVE-2025-27218)

Security research

Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)

Recent Videos

Uncovering Critical Vulnerabilities in Magento: A Deep Dive

A Deep Dive into Three ServiceNow Vulnerabilities

Chaining Three Bugs to Access All Your ServiceNow Data (Live Q&A)