🤓 If you want to learn more about MCP attacks or vulnerabilities, check out this project called Damn Vulnerable MCP. It allows you to experiment on MCP server security through 10 challenges, from basic prompt injection to multi-vector attacks. github.com/harishsg993010…

ALERT—The FBI has recently observed the cybercriminal group Scattered Spider expanding its targeting to include the airline sector. These actors rely on social engineering techniques, often impersonating employees or contractors to deceive IT help desks into granting access.

I recently created a VNC honeypot. Many people asked me how I went about setting it up, so I've created a blog post describing the process. You can read about it at: ja.meswoolley.co.uk/vnc-honeypot/

Are we bleeding out? Enjoy our analysis of CitrixBleed 2, aka CVE-2025-5777 - the "new" Citrix NetScaler Memory Leak vulnerability. We've been using this mechanism to identify vulnerable systems, and hope it helps the teams that need it.. enjoy! labs.watchtowr.com/how-much-more-…

MITRE's CVE database has just surpassed 300,000 entries! 🥳

We’re thrilled to welcome Ryan Dewhurst (Ryan Dewhurst) to the @watchTowr team as Head of Threat Intelligence! 🚀 Ryan will lead the evolution of our Proactive Threat Intel capabilities - helping clients stay ahead of inevitable breaches and emerging threats.

Four UK arrests in Scattered Spider incidents. Suspects are 17 to 20 years old. therecord.media/uk-arrests-fou…

Happy Friday! We're ending the week by publishing our analysis of Fortinet's FortiWeb CVE-2025-25257.... labs.watchtowr.com/pre-auth-sql-i…

Here's my 6 hour conversation with DHH, a legendary programmer, creator of Ruby on Rails, author, and race car driver. This was a fun and inspiring conversation on everything from the future of programming & AI to the nature of happiness & productivity to the value of family,

On Sunday, Elmo’s X account was briefly hacked by an outside party, in spite of the security measures in place. We strongly condemn the abhorrent antisemitic and racist content, and the account has since been secured. These posts in no way reflect the values of Sesame Workshop

While having a quick look at Ivanti EPMM, I added a funny RCE 😅

🚨A SharePoint zero-day (CVE-2025-53770) is under active exploitation, with attackers stealing MachineKey secrets to forge __VIEWSTATE and maintain RCE. No patch exists. If you expose SharePoint to the Internet, assume breach. Reach out to via our website if you need support.

Update on CVE-2025-53770: Microsoft has released a security update for SharePoint Subscription Edition to mitigate active attacks targeting on-premises servers. SharePoint Online is not affected. Customers should apply the update immediately. We are actively working on updates

Stack overflows, heap overflows, and existential dread - it must be an SSLVPN. labs.watchtowr.com/stack-overflow…

2025 CVE Stats Update (July 31st, 2025) Total Number of CVEs: 27,447 Average CVEs Per Day: 129.47 Average CVSS Score: 6.62 YOY Growth: 17.32% or +4053 (23,394 CVEs in 2024)

we grew up in #phrack - so a huge thank you to our friends @ Phrack Staff for offering us the privilege to be on the back cover of Phrack 72. Did the scene die? Who knows ;-)

Should security solutions be secure? We're beginning to feel wrong. Enjoy some unscheduled programming - our analysis of CVE-2025-25256, a pre-auth Command Injection in Fortinet's FortiSIEM labs.watchtowr.com/should-securit…

Happy Friday! 😁

Focus for roles, with hands on capability spans: * Threat Intelligence/Engineering (no bed time stories) * Vuln. Research * Security Automation Engineering