The December 2025 Security Update Review

December 09, 2025 | Dustin Childs CONTINUE READING

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

October 05, 2023
Sony, Automotive, Infotainment, Research

Finding Deserialization Bugs in the SolarWinds Platform

Blog post

Finding Deserialization Bugs in the SolarWinds Platform

September 21, 2023
SolarWinds, Deserialization, Research

The September 2023 Security Update Review

Blog post

The September 2023 Security Update Review

September 12, 2023
Apple, Cisco, Adobe, Microsoft, Security Patch

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

August 23, 2023
XWiki, Research, Exploit

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

July 20, 2023
Progress, MOVEit, Research

The SOHO Smashup Returns for Pwn2Own Toronto 2023

Blog post

The SOHO Smashup Returns for Pwn2Own Toronto 2023

July 13, 2023
Pwn2Own, Synology, Apple, Google, Router

The July 2023 Security Update Review

Blog post

The July 2023 Security Update Review

July 11, 2023
Security Patch, Apple, Adobe, Microsoft

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

June 29, 2023
VMware, Aria, Research

CVE-2022-31696: An Analysis of a VMware ESXi TCP Socket Keepalive Type Confusion LPE

Blog post

CVE-2022-31696: An Analysis of a VMware ESXi TCP Socket Keepalive Type Confusion LPE

June 22, 2023
VMware, ESXi, Research

CVE-2023-24941: Microsoft Network File System Remote Code Execution

Blog post

CVE-2023-24941: Microsoft Network File System Remote Code Execution

June 01, 2023
Microsoft, NFS, Research