The Security blog

Penetration Testing Vulnerability Cybersecurity advisory CVE

From PaperCut RCE to Domain Admin: Exploiting CVE-2023-39143

Introduction Following our company motto, we’re sharing today a handy tool for penetration testers and security professionals that we hope will make your job easier. This tool helps demonstrate that ...

Keith Lee 21min

LEARN MORE

Vulnerability Cybersecurity Hack Advisories CVE Security research

CVE-2025-54309: From Authentication Bypass to Remote Command Execution in CrushFTP

Introduction Following the recent release of a proof-of-concept (PoC) by watchTowr Labs, derived from honeypot observations, we have elected to disclose our own independent research into this ...

Keith Lee 12min

LEARN MORE

Cybersecurity Advisories

Securing JFrog Artifactory: Addressing INFO-Level Vulnerabilities

INFO-Level Findings from Vulnerability Scanners Can Still Pose Real Risks Introduction JFrog Artifactory is a universal artifact repository manager that stores and manages binary artifacts used in ...

Keith Lee 9min

LEARN MORE

Penetration Testing Vulnerability Cybersecurity advisory

Why Pentesting Still Matters: Exploiting CVE-2024-36991 in Splunk Enterprise

During one of our recent penetration tests, we discovered a critical vulnerability in Splunk Enterprise that automated security scanners like Nessus missed. This article underscores why manual ...

Keith Lee 10min

LEARN MORE

Join our community, subscribe to our blog

Advanced Offensive Operations

Recent cybersecurity breaches demonstrate that solely relying on Penetration Testing when evaluating an organisation's cybersecurity posture is a thing of the past. OrionX offers the most comprehensive security services to stop adversaries disrupting your business.

DOWNLOAD BROCHURE

Advanced Offensive Operations

DOWNLOAD BROCHURE

Join our Community

Subscribe to our blog and discover more about offensive tactics, techniques and procedures.