The Security blog

Vulnerability Cybersecurity Hack Advisories CVE Security research

CVE-2025-54309: From Authentication Bypass to Remote Command Execution in CrushFTP

Introduction Following the recent release of a proof-of-concept (PoC) by watchTowr Labs, derived from honeypot observations, we have elected to disclose our own independent research into this ...

Keith Lee 12min
LEARN MORE
Cybersecurity Vulnerability Android Apache Cordova Mobile Security Testing Penetration Testing WUP iOS Advisories Mobile applications Xamarin advisory mobile app CVE HTML Hack Security research
SUBSCRIBE
Cybersecurity Advisories

Securing JFrog Artifactory: Addressing INFO-Level Vulnerabilities

INFO-Level Findings from Vulnerability Scanners Can Still Pose Real Risks Introduction JFrog Artifactory is a universal artifact repository manager that stores and manages binary artifacts used in ...

Keith Lee 9min
LEARN MORE
Penetration Testing Vulnerability Cybersecurity advisory

Why Pentesting Still Matters: Exploiting CVE-2024-36991 in Splunk Enterprise

During one of our recent penetration tests, we discovered a critical vulnerability in Splunk Enterprise that automated security scanners like Nessus missed. This article underscores why manual ...

Keith Lee 10min
LEARN MORE
Subscribe

Join our community, subscribe to our blog

SUBSCRIBE

Advanced Offensive Operations

Recent cybersecurity breaches demonstrate that solely relying on Penetration Testing when evaluating an organisation's cybersecurity posture is a thing of the past. OrionX offers the most comprehensive security services to stop adversaries disrupting your business. 

DOWNLOAD BROCHURE

Join our Community

Subscribe to our blog and discover more about offensive tactics, techniques and procedures.