The Security Gap GitHub Doesn’t Want to Talk About

Vulnerability intelligence that predicts avenues of attack with speed and accuracy.

Triggering web requests with sanitized input

The Target A few months ago I realized I was overdue for a fun, quirky hardware project. Every so often I like to see what new and interesting electronic children's toys are out there. When looking, I keep in mind the potential attack surface, typically…

AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…

The Internet is ablaze, and once again we all have a front-row seat - a bad person, if you can believe it, is doing a bad thing!

The first warning of such behaviour came from the great team at Defused:

As many are now aware, an unnamed (and potentially…

FaceSeek helps you verify photos, find people, and enhance online safety using ethical face search and advanced facial recognition.

Posted by Sufficient_Air5988 - 0 votes and 0 comments

Protect your Node.js projects from supply chain attacks. Scan npm packages for malware and vulnerabilities.

A report describing an a highly sophisticated AI-led cyberattack

Are you ready for your IT career? Train for CCNA, CCNP and others certifications with a complete study plan, real exams and a gamified experience.

Scan your repositories for security vulnerabilities using Semgrep, Trivy, and Detect Secrets.

Most security labs are built around predictable, well-documented vulnerabilities. But every once in a while, during experimentation, you…

Cracking open the rewards admin panel.

X.509 Certificate Extractor (TLS over TCP and DTLS) Introduction Release 4.0 introduces a new capability: the scanning of TCP and UDP streams for x.509 certificates. You can now either export these certificates to disk or dissect their attributes and output…

Root cause analysis for N-able N-central CVE-2025-9163 and CVE-2025-11700 which allow for reading files and and potentially compromising the N-central database which stores client credentials, API keys, and more.

elttam is a globally recognised, independent information security company, renowned for our advanced technical security assessments.

Oligo Security uncovers ShadowRay 2.0, an active global campaign exploiting Ray to hijack AI infrastructure and create a self-propagating botnet.