Research

Security research, vulnerability analysis, and threat intelligence from our team.

December 3, 2025 • r00t

Critical Vulnerabilities in React and Next.js

Critical RCE in React Server Components (CVE-2025-55182): What to Patch, How to Verify, and How to Reduce Risk Today.

July 29, 2025 • r00t

CitrixBleed 2: Honeypot Analysis

CVE-2025-5777: A critical vulnerability affecting Citrix NetScaler ADC and Gateway appliances with CVSS score of 9.3.

January 7, 2023 • r00t

Honey Games

Honeypot monitoring initiative deploying HoneyDB agents across 18 countries to track unauthorized access attempts.

April 13, 2022 • r00t

Patch Tuesday: Remote Code Execution Buffet

Microsoft released 128 new patches with critical RCE vulnerabilities affecting RPC, SMB, NFS, LDAP, and Hyper-V.

March 2, 2022 • r00t

Conti Leaks: Tools and Techniques

Following Russia's invasion of Ukraine, a Conti ransomware group member leaked internal data including tools, training documents, and chat histories.

June 27, 2017 • r00t

Yet Another Global Ransomware Attack

On June 27, 2017, a ransomware variant called Petya began spreading globally. Kaspersky determined it was designed as a wiper pretending to be ransomware.

May 26, 2017 • r00t

Critical Samba Vulnerability

CVE-2017-7494: A critical remote code execution flaw in Samba affecting all versions from 3.5.0 onward.

May 12, 2017 • r00t

WannaCry Ransomware Utilizing NSA Exploits

The WannaCry ransomware outbreak spread globally exploiting the EternalBlue vulnerability, a remote code execution flaw in SMB v1 protocol released by the Shadow Brokers.

April 23, 2017 • r00t

DoublePulsar Global Implants: On the rise?

Research documenting the rising prevalence of DoublePulsar, a backdoor implant that emerged following The Shadow Brokers' leak of NSA Equation Group tools.