
Blog Series
Malware & Exploits
- No categories

Behind Enemy Lines: What the...
In the cybersecurity industry, we’ve grown accustomed to meticulously analyzing attack patterns, reverse-engineering malware, and piecing together fragments of evidence to understand our adversaries. But rarely do we get to...
The 24 Hours We Nearly...
How a Contract Expiration Nearly Collapsed the Global Vulnerability Management Ecosystem It was a typical Tuesday at security operations centers around the world. Analysts were monitoring their SIEM dashboards, vulnerability...
Linux Kernel Vulnerabilities Added to...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added two Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling that these previously theoretical security risks are...
PHP 7 Vulnerable to Severe...
Executive Summary Our security research team has discovered that CVE-2022-31631, a critical SQL injection vulnerability with a CVSS 3 score of 9.1, affects PHP 7 installations (on Windows and...
CVE-2023-3824: PHP 7 Users Unknowingly...
Executive Summary CVE-2023-3824, a buffer overflow vulnerability in PHP’s PHAR extension, also impacts PHP 7 installations though official advisories only mention PHP 8+ versions. This vulnerability is particularly concerning...
Supply Chain Attacks: When Security...
The Hidden Vulnerability in Your Software Supply Chain There’s often an unspoken assumption: security breaches happen because someone made a mistake. Perhaps they failed to implement multi-factor authentication, neglected...
Beyond EOL: PHP 7 Vulnerability...
Executive Summary Our security research team has discovered that CVE-2023-0568, a buffer allocation vulnerability officially reported to affect only PHP 8+ versions, also impacts PHP 7 series installations (on...
Critical .NET Security Alert: CVE-2025-24070...
Executive Summary Our security research team has identified that the recently disclosed vulnerability CVE-2025-24070, an elevation of privilege vulnerability in ASP.NET Core, also affects .NET 6 applications despite not...
When CVSS Scores Don’t Tell...
Use the following links to track the status of patches for CVE-2024-50302 for KernelCare and Endless Lifecycle Support. All patches for all supported and affected distributions will be made available...
Critical Vulnerability CVE-2024-4577: Understanding the...
Introduction A critical vulnerability in PHP for Windows (CVE-2024-4577) has become a significant cybersecurity concern since its disclosure in June 2024. With a CVSS score of 9.8, this high-severity...
The Linux Kernel CVE Flood...
Almost a year ago, the Linux Kernel team became a CVE Numbering Authority (CNA), marking a significant shift in how kernel vulnerabilities are tracked and disclosed. Far from being a...