5d ago · 6 min read · TL;DR Chinese-linked APT groups are actively exploiting 2-year-old VMware ESXi kernel escape vulnerabilities (CVE-2024-20835, CVE-2024-20837) to move from compromised VPN appliances directly into hypervisor control. Once on the hypervisor, they contr...
Join discussionJan 21 · 5 min read · The code leverages known vulnerabilities in the OverlayFS filesystem driver, likely CVE-2021-3493 or CVE-2023-0386, to gain root-level access. The exploit allows an unprivileged local user to execute arbitrary code with the highest privileges, leadin...
Join discussionJan 15 · 6 min read · Executive Summary On one of our AWS EC2 servers running a Next.js development environment, we discovered an active exploitation of the React2Shell vulnerability (CVE-2025-55182 / CVE-2025-66478). The attacker successfully installed cryptocurrency min...
Join discussion
Jan 14 · 7 min read · Intro AwesomeBot is an awesome AI Chatbot! It was vibe coded from scratch to have a ton of awesome features without much security in mind so various attacks and offensive methods can be demonstrated. This series of blog posts serves as a way to under...
Join discussion
Jan 14 · 8 min read · As an authorized junior developer I was assigned a pentesting task. Something new with not much expertise, however problem-solving from computer science field got my back. Spoiler: the vulnerability was already patched. I just didn't know it yet. Th...
Join discussion
Jan 8 · 12 min read · Defining React terminology React: React started as a client-side JavaScript library for building component-based user interfaces, managing a virtual DOM and pushing minimal updates to the browser. Over time it grew into a full ecosystem that spans t...
Join discussion
Dec 29, 2025 · 10 min read · After twenty-three days of exploits, investigations, and saving Wareville from disaster, Advent of Cyber reaches its final challenge. There are no flashy tools left. No browser. No Burp Suite. Just a terminal, raw HTTP, and the skills we’ve built thr...
Join discussion
Dec 28, 2025 · 5 min read · "In the digital world, it is wise to appear unpredictable… like a Windows update." - The Art of Cyber War In this week's Seclog, the security landscape is dominated by critical vulnerabilities affecting widely used technologies and the emergence of ...
Join discussion
Dec 17, 2025 · 7 min read · Understanding binary exploitation is one of the most important foundations in penetration testing. Classic buffer overflow vulnerabilities shaped the history of computing, and although modern systems now use stronger defenses like DEP and ASLR, these...
Join discussion
