Tue 20 May 2025
This article provides an analysis of World Leaks, a new extortion platform that emerged in early 2025, detailing its origins, operational challenges, and collaborations with other threat actors.
Wed 12 March 2025
Exploitation of multiple vulnerabilities in GLPI to gain remote code execution from unauthenticated privileges.
Fri 28 February 2025
An OSINT investigation into the world of forged documents business
Mon 04 November 2024
In this blog post, we describe new techniques to dump PHP files leveraging filters, and a tool that does it.
Mon 30 September 2024
In this blog post, we will explore how we can exploit CNEXT, but blind, covering the cases where we have a file read primitive, but cannot get the output.
Thu 26 September 2024
An authentication bypass vulnerability was found on Jupiter X Core Plugin <= 4.7.5 (CVE-2024-7781).
Check our offensive & continuous web security assessment service