I thought I was being recruited. Instead, I gave hackers access to my system by running a simple 'npm run start'. Discover how the tech details of this supply chain attack and how to protect yourself.

Akamai researchers have created detection noscripts and additional details for the Apache Camel vulnerabilities CVE-2025-27636 and CVE-2025-29891.

Writing secure code today is easier than making a mistake that would lead to an XXE vulnerability. While examining a library, I wondered: is its code truly secure? At first glance, everything appeared to be filtered, and the function didn’t have the attributes…

Lumma Stealer and AMOS are used in the campaign.

Recently, I paid attention to some open-source projects and technical articles related to security that involve large language models (LLMs). The authors emphasized the use of LLMs, but a closer look…

Critical authentication bypass vulnerabilities were discovered in ruby-saml up to version 1.17.0. See how they were uncovered.

Cybermonit is a modern platform for monitoring CVS vulnerabilities, data leaks, ransomware attacks and ongoing DDoS attacks, enabling rapid threat identification and effective response to cyber incidents.

Latest version: v2.10.0 CRADLE Intelligence Hub Batteries included collaborative knowledge management solution for threat intelligence researchers.

Hacking a Low-Cost Electric Toothbrush

In our team's latest blog post, we build a few examples that showcase ways in which memory corruption vulnerabilities could manifest in Delphi code despite being included in a list of "memory safe" languages within a paper published by the NSA. We cover how…

I recently helped a company recover their data from the Akira ransomware without paying the ransom. I'm sharing how I did it, along with the full source code.



The code is here: https://github.com/yohanes/akira-bruteforce



To clarify, multiple ransomware…

This article marks the first in a series aimed at sharing my adventures, personal notes, and insights into the Android kernel. My focus…

Technical analysis of NULL Pointer Dereference bugs, mitigations, and exploit development challenges on Apple Silicon macOS.

Stay informed with the latest insights in our Infostealers weekly report. Explore key findings, trends and data on info-stealing activities.

Deep dive into CVE-2025-24016 a critical remote code execution (RCE) vulnerability affecting Wazuh, a widely used open-source SIEM platform.

I recently joined watchTowr, and it is, therefore, time - time for my first watchTowr Labs blogpost, previously teased in a tweet of a pre-auth RCE chain affecting some ‘unknown software’.

Joining the team, I wanted to maintain the trail of destruction left…

Any service using xml-crypto or a Node.js SAML implementation using it, should update immediately to the latest version. WorkOS customers are safe and were not impacted.