Apr 20 · 13 min read · Executive Summary In early 2026, Varonis Threat Labs identified Storm — a new infostealer circulating on underground cybercrime networks for under $1,000 per month. Storm is not simply another commodi
Join discussion
Dec 21, 2025 · 5 min read · Introduction Computer networks work based on trust. Users inside a LAN trust each other to share information between them. One such important protocol is ARP (Address Resolution Protocol), which maintains a mapping of an IP address to the correspondi...
NNube commentedDec 20, 2025 · 4 min read · Introduction Session hijacking is one of the most practical and misunderstood web attacks. It does not rely on breaking passwords, exploiting cryptography, or abusing server-side vulnerabilities. Instead, it targets the trust relationship established...
Join discussionSep 3, 2025 · 3 min read · Security researchers have uncovered a high-severity vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway—CVE-2025-5777, nicknamed “CitrixBleed 2.” This flaw allows an unauthenticated attacker to craft a specially malformed HTTP POST req...
Join discussion
Jul 5, 2025 · 3 min read · Scenario You are currently participating in a bug bounty program. The only URL in scope is http://minilab.htb.net Attacking end-users through client-side attacks is in scope for this particular bug bounty program. Test account credentials: Email:...
Join discussion
Dec 19, 2024 · 7 min read · Introduction: A Digital Heist in Plain Sight Imagine shopping online, adding items to your cart, and preparing to check out—only to find items you didn’t add. This could mean you’re a victim of session hijacking, where hackers steal your active sessi...
Join discussion
Apr 1, 2024 · 4 min read · Cross-site scripting (XSS) is a menacing threat to web application security, allowing attackers to inject malicious scripts into websites, potentially leading to data theft, session hijacking, and unauthorized activities. This blog post delves into t...
Join discussion
Apr 12, 2023 · 4 min read · Web hacking is a common technique used by attackers to exploit vulnerabilities in web applications. In this article, we will explore some common types of web attacks, including cookie tampering, directory traversal, session hijacking, authentication ...
Join discussion
