Deep dive into CVE-2025-24016 a critical remote code execution (RCE) vulnerability affecting Wazuh, a widely used open-source SIEM platform.

I recently joined watchTowr, and it is, therefore, time - time for my first watchTowr Labs blogpost, previously teased in a tweet of a pre-auth RCE chain affecting some ‘unknown software’.

Joining the team, I wanted to maintain the trail of destruction left…

Any service using xml-crypto or a Node.js SAML implementation using it, should update immediately to the latest version. WorkOS customers are safe and were not impacted.

Company-wide visibility and advocacy along with a pragmatic approach will set up security teams for success.

I know, we have written it multiple times now, but in case you are just tuning in, Doyensec had found themselves on a cruise ship touring the Mediterranean for our company retreat. To kill time between parties, we had some hacking sessions analyzing real…

Summary This advisory describes an out-of-bounds write vulnerability in the Linux kernel that achieves local privilege escalation on Ubuntu 22.04 for active user sessions. Credit An independent security researcher working with SSD Secure Disclosure. Vendor…

Found a security vulnerability? Discover our forms for reporting security issues to Google: for the standard VRP, Google Play, and Play Data Abuse.

Introduction In this post, we’ll show precisely how to chain round-trip attacks and namespace confusion to achieve unauthenticated admin access on GitLab Enterprise by exploiting the ruby-saml library

On March 14, 2025, the popular GitHub action tj-actions/changed-files was compromised, exposing secrets in CI logs. GitGuardian's analysis identified leaked secrets like GitHub tokens, AWS keys, and more.

Security experts

In this post, we introduce Web-based Code Assurance and Transparency, a project that supports verifiable in-browser code for single-page browser applications. Along with this post, we are publishing the WEBCAT project repository; follow-up posts will provide…

MacBook Air laptop with the superfast M4 chip. Built for Apple Intelligence. Lightweight, with all-day battery life. Now in a new Sky Blue color.

It’s us again!

Once again, we hear the collective groans - but we're back and with yet another merciless pwnage of an inspired and clearly comprehensive RCE solution - no, wait, it's another vuln in yet another backup and replication solution..

While we…

We guard your domain, so you have peace of mind. Threat Visibility Platform.

Strengthen Windows endpoint security with the all-in-one powerful Scalefusion UEM. Unlock unmatched security with zero trust architecture.

How OSINT Exploits Password Recovery Flows to Expose Your Digital Identity

Common misconfigurations in on prem VM environments

Web browsers store bookmarks in plain text, making them vulnerable to malware, unauthorized access, profiling, and potential regulatory risks.

Technical details outlining how this Palo Alto vulnerability could be exploited by an Administrator-level user account to disable Cortex XDR.