Remote code execution using Symfony's _fragment's page and unsecure secret values.

This article is a deep dive into the IOCP and encryption process from LockBit in depth.

This articles intends to bring an exploitation scenario encountered during a common penetration test.

In this whitepaper, Lexfo analyses Lazarus malwares, from their motives, to their detection and mitigation, through their techniques, tactics, procedures.

We demonstrate how one can recover mt_rand()'s seed with only two outputs and without any bruteforce.

Several flaws have been identified in the latest version of Magento 2, allowing an attacker to obtain complete control over the server. We're now releasing the exploit for the unauthenticated SQL injection. We'll release the details for the RCE vulnerability at a later time.