Category: Offensive security

The threat landscape has drastically changed in the last decade, and so does the threat perception. Organizations now prefer a shift-left approach, instead of reacting to an incident. Cyber kill…

What’s electron?, the design of electron desktop app, the story bug of the bug, the static code of the bug and how to find it, how to develop it and…

Cyberattacks can hit hard, threatening even business survival. The risk is greater as incidents like data breaches, ransomware, malware, cryptographic failures, and supply chain gaps can halt everything in your…

You’re about to wrap up work when suddenly an email pops up from someone in your team. The subject line reads, “Need credentials ASAP to resolve system outage.” 

The rise of LLMs has enhanced productivity to the next level. However, have you ever given a thought on how AI agents understand the right context, at the right time?…

Many claim to offer penetration testing or red teaming but when it comes to simulating real-world attacks, only a few truly understand how to think and act like an adversary.…

CVE-2025-49127 is a crit­i­cal re­mote code ex­e­cu­tion vul­ner­a­bil­i­ty af­fect­ing Kaf­bat UI ver­sion 1.0.0. This vul­ner­a­bil­i­ty al­lows any unau­then­ti­cat­ed user to ex­e­cute ar­bi­trary code on the serv­er through un­safe de­se­ri­al­iza­tion when…

CVE-2025-32433 is a critical remote code execution (RCE) vulnerability in the Erlang/OTP SSH implementation. It allows an unauthenticated attacker to execute arbitrary code on systems running vulnerable versions of Erlang’s…

In June 2025, a critical local privilege escalation vulnerability was disclosed in the Fedora and SUSE Linux environments involving the udisksd daemon and its backend library libblockdev. Assigned CVE-2025-6019, this…

In May 2025, a critical vulnerability (CVE-2025-4318) was disclosed in the @aws-amplify/codegen-ui package, a core part of AWS Amplify Studio’s UI generation process. The issue arises from improper input sanitization…