Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/
watchTowr Labs
Is b For Backdoor? Pre-Auth RCE Chain In Sitecore Experience Platform
Welcome to June! We’re back—this time, we're exploring Sitecore’s Experience Platform (XP), demonstrating a pre-auth RCE chain that we reported to Sitecore in February 2025.
We’ve spent a bit of time recently looking at CMS’s given the basic fact that they…
We’ve spent a bit of time recently looking at CMS’s given the basic fact that they…
CVE-2025-34508: Another File Sharing Application, Another Path Traversal https://horizon3.ai/attack-research/attack-blogs/cve-2025-34508-another-file-sharing-application-another-path-traversal/
Horizon3.ai
Path Traversal Vulnerability Discovered in ZendTo
Learn how Horizon3.ai uncovered CVE-2025-34508 in ZendTo, allowing attackers to access sensitive files through a path traversal flaw.
The Jitter-Trap: How Randomness Betrays the Evasive https://www.varonis.com/blog/jitter-trap
Varonis
The Jitter-Trap: How Randomness Betrays the Evasive
Discover how Varonis researchers detect stealthy beacon traffic by analyzing jitter patterns, turning evasion tactics into powerful behavioral detection signals.
Sleepless Strings - Template Injection in Insomnia https://tantosec.com/blog/2025/06/insomnia-api-client-template-injection/
Tanto Security
Sleepless Strings - Template Injection in Insomnia
A Template Injection vulnerability in the latest version of Kong's Insomnia API Client leads to Remote Code Execution.
AntiDot Android Bot Malware Analysis https://catalyst.prodaft.com/public/report/antidot/overview#heading-1000
Unexpected security footguns in Go's parsers https://blog.trailofbits.com/2025/06/17/unexpected-security-footguns-in-gos-parsers/
The Trail of Bits Blog
Unexpected security footguns in Go's parsers
File parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities. This post examines how JSON, XML, and YAML parsers in Go handle edge cases in ways that have repeatedly resulted in high-impact security issues in production…
Series 2: Implementing the WPA in RAWPA - Part 2 https://kuwguap.github.io/posts/series-2-implementing-the-WPA-in-rawpa-part-2/
Rodney’s Intuition
Series 2: Implementing the WPA in RAWPA - Part 2
What’s up, everyone? I’m back with Part 2 on implementing the Web Penetration Assistant (WPA) logic in RAWPA. Last time, we talked about the initial steps, and now, I’ve got some major updates to share.
Navigating the "So What Now?" of CyberSecurity https://rawpa.vercel.app/
Novel SSRF Technique Involving HTTP Redirect Loops https://slcyber.io/assetnote-security-research-center/novel-ssrf-technique-involving-http-redirect-loops/
Searchlight Cyber
Novel SSRF Technique Involving HTTP Redirect Loops › Searchlight Cyber
It's difficult to show impact for Server-Side Request Forgery (SSRF) vulnerabilities when you cannot see the full HTTP response. Our research team details a novel technique that allowed for us to leak the full HTTP response, even though the SSRF seemed like…
MCP Authorization in 5 easy OAuth specs https://workos.com/blog/mcp-authorization-in-5-easy-oauth-specs
Workos
MCP Authorization in 5 easy OAuth specs — WorkOS
Behind every secure MCP integration is a stack of OAuth standards working in harmony. Learn how they combine to deliver seamless authorization for LLMs.
Deleting a file in Wire doesn’t remove it from servers — and other findings https://offsec.almond.consulting/deleting-file-wire-doesnt-remove-it.html
Cryptominers’ Anatomy: Shutting Down Mining Botnets https://www.akamai.com/blog/security-research/cryptominers-anatomy-shutting-down-mining-botnets
Akamai
Cryptominers’ Anatomy: Shutting Down Mining Botnets | Akamai
In the final installment of Cryptominers’ Anatomy, Akamai researchers analyze cryptominers and reveal a novel technique to shut down mining botnet campaigns.
Remote code execution in CentOS Web Panel - CVE-2025-48703 https://fenrisk.com/rce-centos-webpanel
Fenrisk
Remote code execution in CentOS Web Panel - CVE-2025-48703
Security experts
When Your Login Page Becomes the Frontline: Lessons from a Real-World DDoS Attack https://www.cloud-iam.com/post/our-resilience-against-cyber-attacks
Cloud-Iam
Our resilience against cyber attacks
As an IAM SaaS company, our work often remains in the shadows—until something goes wrong. Today, I want to shed light on how we handle security at the very first layer all IAM systems have: the login page. Specifically, I’ll walk you through an incident we…
Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 1 https://sud0ru.ghost.io/windows-inter-process-communication-a-deep-dive-beyond-the-surface-part-1/
Sud0Ru
Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 1
Windows Inter-Process Communication (IPC) is one of the most complex technologies in the Windows operating system. It consists of multiple layers that can work together or operate independently, depending on the usage context.
For example, you can use RPC…
For example, you can use RPC…
Analyzing the Windows 11 24H2 kernel shadow stack mitigation https://github.com/synacktiv/windows_kernel_shadow_stack
GitHub
GitHub - synacktiv/windows_kernel_shadow_stack: Proof of concepts demonstrating some aspects of the Windows kernel shadow stack…
Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation. - synacktiv/windows_kernel_shadow_stack
Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 2 https://sud0ru.ghost.io/windows-inter-process-communication-a-deep-dive-beyond-the-surface-part-2/
Sud0Ru
Windows Inter Process Communication A Deep Dive Beyond the Surface - Part 2
Let’s continue our journey into the world of IPC. As I mentioned in part one, we’re starting with RPC (Remote Procedure Call). I also said in my strategy that I’d begin with a high-level network overview of the technology to understand how the interface is…