Published inDoublePulsarCitrixBleed 2 situation update — everybody already got ownedCitrix acknowledge exploitation finally.4d agoA response icon14d agoA response icon1
Published inDoublePulsarCitrixBleed 2 exploitation started mid-June — how to spot itCitrixBleed 2 — CVE-2025–5777 — has been under active exploitation to hijack Netscaler sessions, bypassing MFA, globally for a month.Jul 8Jul 8
Published inDoublePulsarCitrixBleed 2: Electric Boogaloo — CVE-2025–5777Remember CitrixBleed, the vulnerability where a simple HTTP request would dump memory, revealing session tokens? It’s back.Jun 24A response icon4Jun 24A response icon4
Published inDoublePulsarBig Game Ransomware: the myths experts tell board membersA look inside the myths board members are told about ransomware.May 4A response icon4May 4A response icon4
Published inDoublePulsarDragonForce Ransomware Cartel attacks on UK high street retailers: walking in the front doorThe individuals operating under the DragonForce banner and attacking UK high street retailers are using social engineering for entry.May 2A response icon3May 2A response icon3
Published inDoublePulsarMicrosoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerabilityHow non-admins can now stop security updates in Windows.Apr 22A response icon3Apr 22A response icon3
Published inDoublePulsarMicrosoft Recall on Copilot+ PC: testing the security and privacy implicationsA look at the risks and tradeoffs with Microsoft Recall.Apr 21A response icon6Apr 21A response icon6
Published inDoublePulsarOracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS serviceBeing a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being…Mar 31A response icon6Mar 31A response icon6
Published inDoublePulsarNo, there isn’t a world ending Apache Camel vulnerabilityPosts have been circulating publicly on the internet for several days about a “critical”, end of the world “zero day” in Apache Camel…Mar 9A response icon2Mar 9A response icon2
Published inDoublePulsarUse one Virtual Machine to own them all — active exploitation of ESXicapeA chain of three zero days allow threat actors to escape a Virtual Machine.Mar 5A response icon2Mar 5A response icon2
