Orange Cyberdefense (OCD) has discovered a critical vulnerability (CVE-2025-32432) in the Craft CMS software. OCD has approached us to work […]
CVE-2025-32432 – 0day Craft CMS discovered by Orange Cyberdefense Read More »
ShadowServer has discovered more than 17,000 Fortinet SSL VPNs compromised by what’s known as the symlink backdoor. We obtained the
Symlink backdoor on Fortinet SSL-VPN devices Read More »
Two vulnerabilities in the IT asset management tool GLPI have been published under the heading “Pre-authentication SQL injection to RCE
New critical vulnerabilities in GLPI : CVE-2025-24799 and CVE-2025-24801 Read More »
Written on 2025/01/31 First of all, we wish you and your loved ones a wonderful year in 2025. May it
Retrospective 2024 and Roadmap 2025 Read More »
As you have probably seen by now @evilsocket published an amazing blog on vulnerabilities in CUPS. If you’ve been staying
Detecting cups vulnerabilities while staying ethical Read More »
Apache log4j logging system is affected by a critical issue impacting billions of devices or software stacks. That issue is
Why we won’t scan /0 for log4shell issue Read More »
