pyn3rd (@pyn3rd)'s Twitter Profile
pyn3rd

@pyn3rd

Security Researcher & Red Team & Cloud Security. BlackHat & HITB & CanSecWest Speaker.

ID: 700586855947829248

Website: https://blog.pyn3rd.com
Joined: 19-02-2016 07:44:57

822 Tweets

13.13K Followers

561 Following

pyn3rd (@pyn3rd):

Activiti is a lightweight workflow and Business Process Management (BPM) platform that supports Expression Language expressions within its flows. In this example, I demonstrate how to exploit this feature to trigger RCE in a SpringBoot environment.

pyn3rd (@pyn3rd):

#CVE-2024-49194 Databricks JDBC Driver via JAAS, Make JDBC Attack Great Again!! I’ve included the link to my write-up below. Enjoy!! blog.pyn3rd.com/2024/12/13/Dat…

Michael Stepankin (@artsploit):

Last year, I committed to uncovering critical vulnerabilities in Maven repositories. Now it’s time to share the findings: RCE in Sonatype Nexus, Cache Poisoning in JFrog Artifactory, and more! Read it all below 🧵

pyn3rd (@pyn3rd):

It was a genuine pleasure meeting shubs in Sydney and receiving your insightful advice and valuable information. Thank you! Hope to see you again soon!

Nir Ohfeld (@nirohfeld):

We (+sagitz Ronen Shustin Hillai Ben-Sasson) found a series of unauthenticated RCEs in core @KubernetesIO project "Ingress-NGINX". The impact? From zero permissions ➡️ to complete cluster takeover 🤯 This is the story of #IngressNightmare 🧵⬇️

pyn3rd (@pyn3rd):

#Bugcrowd Team's handling of my recent report has been absurd. I reported a bug 6 days ago, but they didn’t attempt to reproduce it right away. Today, after it was already fixed, they reproduced it and claimed the bug is no longer applicable, considering it theoretical. @Bugcrowd

Wiz (@wiz_io):

🚨 New research: A cryptomining campaign is hijacking exposed PostgreSQL, hiding payloads in fake 404 pages, and abusing legit infra. Multiplatform, stealthy, and still active 👉 wiz.io/blog/soco404-m…

qt qt (@q810034):

I just published From XSS to RCE: Critical Vulnerability Chain in Anthropic MCP Inspector (CVE-2025-58444) medium.com/p/from-xss-to-…

pyn3rd (@pyn3rd):

Does anyone happen to know someone on the Cloudflare Security team? I’ll be in the US next month and would like to arrange a visit if feasible.

pyn3rd (@pyn3rd):

The JDBC attack surface goes far beyond this. I still have some unpublished research, and if there’s an opportunity, we could definitely collaborate. 8,5000 dollars is certainly a substantial reward. It’s absolutely insane!!! Congrats!

pyn3rd (@pyn3rd):

I’ll be vacationing in the U.S. during the Christmas holidays, and if I have time, I’d love to meet up and chat with everyone in person.