Skip to content

Category: Labs

Mar 18, 2026

When Support Becomes the Backdoor: Bypassing MFA on a Major Security Vendor’s Portal
Mar 11, 2026

The Tensor in the Haystack: Weightsquatting as a Supply-Chain Risk
Feb 25, 2026

GLPI Agent: The “No-CVE” That Still Bought Us Domain Compromise Two Years Later
Feb 18, 2026

Supply Chain Necromancy: Reborn Namespaces in JitPack Coordinates
Feb 11, 2026

Bypassing the FortiGate Symlink Patch: The Double Slash Technique (CVE-2025-68686)
Feb 4, 2026

The €10 Mirror: Why Enterprise Security Looks Like a Kid’s Toy
Jan 9, 2026

CVE-2024-30376 Unpatched: Advanced IP Scanner still ships a Qt LPE in the same build that leaks NTLM
Jan 7, 2026

CVE-2025-1868 Unpatched: Advanced IP Scanner still silently exposing NTLM during scans 9 months later
Dec 17, 2025

CMS Media Timeleaks in Jetpack, WordPress and beyond: A Risky OpSec Issue
Dec 9, 2025

How We “Stole” a Non-Public CVE: Draft Artifacts as an Attack Surface

1 2 3

penny for your thoughts

LABS@ITRESIT.es

IMPROVE Your CYBERSECURITY MINDSET

Don’t miss out. Subscribe now to receive two updates per month. No FUD. No spam. Guaranteed.

Thank you for your response. ✨

Name(required)

Email(required)

You’re giving us permission to email you. You may unsubscribe at any time.

Δ

BACK TO MAIN PAGE

DISCLOSURE POLICY

PUBLISHED VULNERABILITIES

FOLLOW AT ITRES