Stop Calling Them Password Managers: The Truth About Chromium’s In-Memory Flaw
by George Roumeliotis | May 7, 2026 | BLOG | 0 Comments
We need to talk about the built-in "password managers" in Chromium-based browsers like Google Chrome, Brave, and Microsoft Edge. They are incredibly convenient, syncing effortlessly across your...
RCE Via Arbitrary File Upload at Open eClass
by TwelveSec Lab | January 16, 2026 | BLOG | 0 Comments
Introduction: The Open eClass platform (http://www.openeclass.org) is an integrated Learning Management System (LMS). It follows the philosophy of open source software and supports a multitude of...
BoFs Are Not Dead
by George Roumeliotis | January 14, 2026 | BLOG | 0 Comments
Abstract: Buffer overflow vulnerabilities remain highly relevant in embedded systems, where the absence of operating system abstractions and modern memory protection mechanisms creates conditions...
Is user training a good thing?
by Yiannis Koukouras | December 9, 2025 | BLOG | 0 Comments
In the past years, there has been a major focus on end-user training as it is considered (and rightly so) the weakest link in the cybersecurity chain. I keep hearing more and more experts (and...
The three vectors of a pentest engagement.
by Yiannis Koukouras | November 14, 2025 | BLOG | 0 Comments
There are 3 vectors that define a penetration test engagement. I. Knowledge of the attacker. Blackbox: The attacker has no previous knowledge of the scope, its technology stack nor the security...
