Security researchers have uncovered several critical vulnerabilities in applications preloaded on Ulefone and Krüger&Matz Android smartphones. These flaws, reported by CERT Polska and discovered by Szymon Chadam, expose users to significant risks, including…

Discover Zintro's experienced market research and expert network. Connect with experts and research participants to inform your reasearch.

Discover Zintro's experienced market research and expert network. Connect with experts and research participants to inform your reasearch.

A backend flaw in Apple’s iOS infrastructure enables stealth provisioning on iPhones before the user ever sees a home screen.

We explain how we built a fuzzer for network applications that we tried to make as efficient and as effective as possible. We utilized custom mutators and input passing over shared memory and found that it gave us a huge speed and coverage boost compared…

This document defines a cryptographically secure mechanism for Root Certificate Authorities to perform emergency self-termination upon compromise detection. Current PKI architecture creates a mathematical impossibility: Root CAs cannot be cryptographically…

Windows authentication coercion often feels like a magic bullet against the average Active Directory. With any old low-privileged account, it usually allows us to gain full administrative access to almost arbitrary Windows workstations and servers, …

While performing research on Infoblox's NetMRI network automation and configuration management solution, we discovered 5 vulnerabilities.

A deep technical breakdown of CVE-2025-49113, a critical Roundcube vulnerability involving PHP session serialization. Learn how the bug was discovered, exploited, and responsibly disclosed with full PoC and recommendations for defenders and developers. Kirill…

This case demonstrates that effective smartphone espionage doesn't always require expensive zero-day exploits or the development of sophisticated, custom and undetected spyware. Instead, attackers can achieve significant intelligence gains using older, off…

Discover key challenges and the path forward. Learn about alert overload, tool sprawl, and the need for unified runtime security solutions.

The Model Context Protocol (MCP) is an open standard and open-source project from Anthropic that makes it quick and easy for developers to add real-world functionality — like sending emails or...

Still Using Cards? You’re the Weakest Link in the Payment Chain

Ever felt that Android CTF challenges are too focused on reverse engineering, leaving out the thrill of real-world exploitation? I did too…

This setup serves as a convenient alternative to carrying a full-sized laptop or struggling with a smartphone’s virtual keyboard for complex technical tasks. It offers comfortable typing and an efficient portability.

Analysis of a suspicious binary found in MicroDicom Viewer installer - darnas11/MicroDicom-Incident-Report

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

It happened earlier this week during a visit intended to celebrate the sister city relationship between Canberra and Wellington.