In my last post, I demonstrated a basic approach to fuzzing an RTOS firmware using AFL++’s Unicorn mode. The provided firmware for that…

Summary Multiple Foscam X5 vulnerabilities have been discovered, the vulnerabilities allow a remote attacker to trigger code execution vulnerabilities in the product. Credit An independent security researcher working with SSD Secure Disclosure. Vendor Response…

Varonis' 2025 State of Data Security Report shares findings from 1,000 real-world IT environments to uncover the dark side of the AI boom and what proactive steps orgs can take to secure critical information.

A new malvertising scheme is turning legitimate e-commerce sites into phishing traps without the knowledge of site owners or advertisers. By exploiting the integrations with Google APIs, they are injecting malicious noscripts into ecommerce sites using JSONP…

EvilWorker is a new AiTM attack framework designed to conduct credential phishing campaigns.

Akamai researchers found a privilege escalation vulnerability in Windows Server 2025 that allows attackers to compromise any user in Active Directory.

Rhino Security Labs found CVE-2025-26147 in Denodo Scheduler, an application administrators use to configure servers, databases, and specify forms of authentication.

Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure

Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.

Rare Code Base offers free ethical hacking, programming tutorials, cybersecurity insights, and much more. Access expert resources to learn coding, master ethical hacking, explore tech trends, and stay ahead in the ever-evolving world of technology.

Two newly discovered vulnerabilities (CVE-2025-4427 CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited leading to severe data breach

Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

Discover how to implement it with Arduino UNO, and what security measures can protect your system.

TCC on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Read this article to learn why.

Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.

At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...