Buffer Overflow for Netatalk, VMware vCenter Server OVA Upload, Apache Tomcat Java Deserialization RCE, and continued development of Sitecore exploits.
Mar 08 - Mar 14, 2025
Exploits for SiteCore, SolarView, and ThinVNC. New Scanners for Sophos UTM. A new go-exploit release and an IP-Intel update.
Mar 3 - Mar 7, 2025
Delivered exploits and coverage for NAKIVO Backup & Replication information disclosure, MITRE Caldera RCE, Wazuh authenticated RCE, and updated D-Tale exploits to support variants.
Feb 22 - Feb 28, 2025
New Initial Access Intelligence coverage developed for Xwiki, Cisco RV-Series, D-Tale, and BeyondTrust. New IP-Intel coverage for BeyondTrust Remote Support honeypots.
Feb 15 - Feb 21, 2025
Major security updates including PAN-OS auth bypass, SonicWall VPN auth bypass, and CyberPanel RCE exploits with comprehensive detection coverage.
Feb 08 - Feb 14, 2025
Integration of VulnCheck with OpenCTI platform completed. New exploits for Vinchin Backup, Chamilo file upload, and mySCADA PRO vulnerabilities.
Feb 01 - Feb 07, 2025
Key developments include exploits for RudderStack, NetAlertX, OpenTSDB and Netatalk vulnerabilities. Major updates to go-exploit framework.
Jan 25 - Jan 31, 2025
Delivered WSO2 account creation exploit, Reposilite directory traversal, and Nexus Repository RCE exploits. Enhanced API capabilities.
Jan 18 - Jan 24, 2025
Focused on SimpleHelp path traversal, PAN Expedition Spark RCE, and FortiOS auth bypass exploits. Updated exploit catalog metadata.
Jan 11 - Jan 17, 2025
Focused on Ivanti Connect IF-T buffer overflow, ShowDoc RCE, VoIP Monitor SQLi, and mySCADA PRO info leak exploits. Artica Proxy auth bypass covered.
Dec 21 - Dec 27, 2024
Major security updates for Apache Tomcat TOCTOU, SoftEther VPN, Jorani leave management system, and CHAOS RAT exploits.
Dec 14 - Dec 20, 2024
Added tracking for new C2 infrastructure, delivered exploits for Four-Faith routers, Acronis products, and Apache Solr vulnerabilities.
Dec 7 - Dec 13, 2024
Rapid response for Cleo products, delivered OwnCloud Ghostscript RCE chain, and Cobbler XML-RPC auth bypass. PAN Expedition SQLi covered.
Nov 30 - Dec 6, 2024
Delivered exploits for Mitel MiCollab file disclosure, OwnCloud Ghostscript RCE, WordPress plugin auth bypass. New syscall reflector tool developed.
Nov 23 - Nov 29, 2024
Delivered ProjectSend CVE-2024-11680 exploit chain, Alibaba Nacos RCE, and Draytek Vigor vulnerabilities. New fortigate exploit in development.
Nov 18 - Nov 22, 2024
Developed exploits for Citrix Session Recording, PAN-OS auth bypass chain, and D-Link ShareCenter DNS injection. Major API and tracking updates.
Nov 9 - Nov 17, 2024
Status update on Fortinet FortiManager auth bypass, delivered detections for Netgear WAX206. Added RedGuard C2 tracking capabilities.
Nov 2 - Nov 8, 2024
Released exploits for Acronis products, Apache Solr auth bypass, and pgAdmin OAuth2 info disclosure. Enhanced API query capabilities.
Oct 26 - Nov 1, 2024
Major updates for Spring WebFlux, CyberPanel RCE, Delta Electronics InfraSuite, and FortiOS vulnerabilities. Integration with OpenCTI platform.
Oct 19 - Oct 25, 2024
Major updates focused on exploits for Palo Alto Expedition chain, LiteSpeed Cache WordPress vulnerabilities, and network detection enhancements.
Oct 12 - Oct 18, 2024
Added ZoomEye/FOFA queries, delivered exploits for ABB ASPECT, Laravel credential leak, and Magento exploit chain.
Oct 5 - Oct 11, 2024
Developed Four Faith router exploits, WhatsUp Gold webshell, and discovered Zyxel CPE zero-days. Updated PCAP naming conventions.
Sept 28 - Oct 4, 2024
Released exploits for AVideo RCE, XWiki RCE, Progress MOVEit Transfer bypass. Enhanced IP Intel with new C2 infrastructure tracking.
August 31 - September 6, 2024
Delivered Traccar exploit chain, analyzed D-Link vulnerabilities, and created GLIBC Tunables exploit. Updated IP Intel tracking.
August 24 - August 30, 2024
Released exploits for Acronis products, SolarWinds Web Help Desk, and Anyscale Ray vulnerabilities. Enhanced API query capabilities.