
Blog Series
Malware & Exploits
- No categories

Oops, Your AI-Generated Dockerfile Has...
Uh oh – you asked an LLM to generate your Dockerfile, and now you’re staring at an error about Node. Turns out the base image it gave you includes a...
Master Cloud Patch Management in...
Key Takeaways Achieve maximum uptime in dynamic Linux clouds through automated, prioritized patching. The cloud introduces unique challenges: rapid asset turnover, shared responsibility models, and the demands of speed and...
Behind Enemy Lines: What the...
In the cybersecurity industry, we’ve grown accustomed to meticulously analyzing attack patterns, reverse-engineering malware, and piecing together fragments of evidence to understand our adversaries. But rarely do we get to...
The 24 Hours We Nearly...
How a Contract Expiration Nearly Collapsed the Global Vulnerability Management Ecosystem It was a typical Tuesday at security operations centers around the world. Analysts were monitoring their SIEM dashboards, vulnerability...
Linux Kernel Vulnerabilities Added to...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added two Linux kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, signaling that these previously theoretical security risks are...
PHP 7 Vulnerable to Severe...
Executive Summary Our security research team has discovered that CVE-2022-31631, a critical SQL injection vulnerability with a CVSS 3 score of 9.1, affects PHP 7 installations (on Windows and...
CVE-2023-3824: PHP 7 Users Unknowingly...
Executive Summary CVE-2023-3824, a buffer overflow vulnerability in PHP’s PHAR extension, also impacts PHP 7 installations though official advisories only mention PHP 8+ versions. This vulnerability is particularly concerning...
Supply Chain Attacks: When Security...
The Hidden Vulnerability in Your Software Supply Chain There’s often an unspoken assumption: security breaches happen because someone made a mistake. Perhaps they failed to implement multi-factor authentication, neglected...
Beyond EOL: PHP 7 Vulnerability...
Executive Summary Our security research team has discovered that CVE-2023-0568, a buffer allocation vulnerability officially reported to affect only PHP 8+ versions, also impacts PHP 7 series installations (on...
Critical .NET Security Alert: CVE-2025-24070...
Executive Summary Our security research team has identified that the recently disclosed vulnerability CVE-2025-24070, an elevation of privilege vulnerability in ASP.NET Core, also affects .NET 6 applications despite not...
When CVSS Scores Don’t Tell...
Use the following links to track the status of patches for CVE-2024-50302 for KernelCare and Endless Lifecycle Support. All patches for all supported and affected distributions will be made available...