We break down a new infostealer attack that combines the ClickFix technique with a shared chat containing malicious user guides on the official ChatGPT website.

Welcome back! As we near the end of 2025, we are, of course, waiting for the next round of SSLVPN exploitation to occur in January (as it did in 2024 and 2025).

Weeeeeeeee. Before then, we want to clear the decks and see how much research we can publish.…

Professional self-hosted phishing platform built for enterprises, red teams, and security providers. Deploy locally for complete control over campaigns, data, and infrastructure with unlimited simulations and full privacy.

Learn why Alias Robotics transitioned from CAI ONE to CAI PRO. Real-world usage revealed that token-based models are incompatible with AI security workflows. CAI PRO delivers unlimited, enterprise-grade autonomous security performance.

This blog post demonstrates how a modern variant of an hardware attack found in the 2000's allowed the extraction of a €12 smartwatch's firmware using only cheap and robust hardware. Damien and Thomas (introduced later in this post) gave a talk on this subject…

Require Google to Remove One-Click Full Logout URLs

Horizon3.ai uncovers FreePBX flaws, including CVE-2025-66039 auth bypass, SQL injection, and file upload RCE—and shows how NodeZero detects them.

Nextcloud - a safe home for all your data

On November 25th, one of our engineers was compromised by the Shai-Hulud npm supply chain worm. Here's what happened, how we responded, and what we've changed.

AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…

TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: including attribute pollution, namespace confusi

Cymulate Research Labs discovered CVE-2025-64669, a local privilege escalation flaw in Windows Admin Center enabling SYSTEM-level compromise.

Makop, a ransomware strain derived from Phobos, continues to exploit exposed RDP systems while adding new components such as local privilege escalation exploits and loader malware to its traditional toolkit.

Real Vulnerabilities. Actionable Results. | AI for Security, Vulnerability Research

CAI integrated with Chrome via MCP delivers AI-assisted web application security assessments, demonstrated on OWASP Juice Shop with 171x faster vulnerability discovery

Pentesting an API revealed an undocumented OFS Field Injection flaw that enables poisoned transactions without proper input validation.

For many of our e-commerce customers the problem of bad bots it's a everyday problem and has evolved a lot in the last few years. A common approach is to "block" automated traffic with a JavaScript challenge, basically a small noscript that the browser must…