Full Width [alt+shift+f] Shortcuts [alt+shift+k]
Sign Up [alt+shift+s] Log In [alt+shift+l]
21
Surprise surprise, we've done it again. We've demonstrated an ability to compromise significantly sensitive networks, including governments, militaries, space agencies, cyber security companies, supply chains, software development systems and environments, and more. “Ugh, won’t they just stick to creating poor-quality memes?” we
a month ago

Improve your reading experience

Logged in users get linked directly to articles resulting in a better reading experience. Please login for free, it takes less than 1 minute.

More from watchTowr Labs

The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248)

As an industry, we believe that we’ve come to a common consensus after 25 years of circular debates - disclosure is terrible, information is actually dangerous, it’s best that it’s not shared, and the only way to really to ensure that no one ever

2 weeks ago 12 votes
Get FortiRekt, I am the Super_Admin Now - FortiOS Authentication Bypass CVE-2024-55591

Welcome to Monday, and what an excitingly fresh start to the week we're all having. Grab your coffee, grab your vodka - we're diving into a currently exploited-in-the-wild critical Authentication Bypass affecting foRtinet's (we are returning the misspelling gesture 🥰) flagship SSLVPN appliance, the

a month ago 21 votes
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)

As we saw in our previous blogpost, we fully analyzed Ivanti’s most recent unauthenticated Remote Code Execution vulnerability in their Connect Secure (VPN) appliance. Specifically, we analyzed CVE-2025-0282. Today, we’re going to walk through exploitation. Once again, however, stopping short of providing the world with a

2 months ago 34 votes
Do Secure-By-Design Pledges Come With Stickers? - Ivanti Connect Secure RCE (CVE-2025-0282)

Did you have a good break? Have you had a chance to breathe? Wake up. It’s 2025, and the chaos continues. Haha, see what we did? We wrote the exact same thing in 2024 because 2024 was exactly the same. As an industry, we are on GroundHog day

2 months ago 36 votes

More in technology

Going down the rabbit hole of Git's new bundle-uri

Git's new bundle-uri could help significantly speed up clones, but what bugs lurk within?

23 hours ago 4 votes
Unbundling and Abundance

on the (high) dimensionality of 21st century ideology

10 hours ago 2 votes
This challenge escalated quickly!

Check it out on YouTube and Podcasts! Matt and Chris have all the new Apple hardware, and Niléane takes the challenge to the next level. Weekly Topics iPhone 16e iPad Air (M3) MacBook Air (M4) Other Things Discussed Niléane’s brilliant Touch ID setup TP-Link

17 hours ago 2 votes
Odds and Ends #62: Right-wing populism is over... maybe... possibly... hopefully

Plus over-diagnosis, governance theatre, and... crisps.

an hour ago 1 votes
Handheld consoles, assemble!

Jez Corden writing for Windows Central: EXCLUSIVE: Xbox's New Hardware Plans Begin With a Gaming Handheld Set for Later This Year, With Full Next-Gen Consoles Targeting 2027 Microsoft is working with a PC gaming OEM (think ASUS, Lenovo, MSI, Razer, etc.) on an Xbox-branded gaming handheld, surprisingly slated

2 days ago 3 votes