Research

All published pentest, vulnerability research, and web security notes.

Web Security Jun 13, 2026 10 min read

GitHub Issue to Supply Chain Compromise: How Prompt Injection Turned AI Agents into the New CI/CD Kill Chain

When a single GitHub issue can poison an AI agent, steal pipeline credentials, and publish malicious packages to production registries — all without a single binary payload.

Web Security Jun 11, 2026 5 min read

Weaponizing Secure Email Gateways: When the Sandbox Clicks for the Attacker

When the SEG's sandbox click triggers real actions, the defender becomes the attacker's proxy.

Vulnerability Research Jun 10, 2026 6 min read

From Zero to Root: Automating the Logsign Pre-Auth RCE Chain in Metasploit

Chaining CVE-2024-5716 and CVE-2024-5717 into a Metasploit module for root RCE on Logsign.

Threat Intelligence Jun 9, 2026 6 min read

The Convergence: How Supply Chain Attacks Became Ransomware's Favorite Delivery Vehicle

How modern ransomware weaponizes supply chain trust, and where to break the kill chain.

Threat Intelligence Jun 8, 2026 9 min read

Inside the Machine: A Technical Anatomy of the 2025 Ransomware Ecosystem

Affiliate infrastructure, negotiation backends, and the TTPs that define modern RaaS operations.

Threat Intelligence Jun 7, 2026 9 min read

Mapping the Adversary: A Technical Profile of the 2025 APT Landscape

Operational TTPs, infrastructure patterns, and detection strategies for the APT groups shaping 2025.

Threat Intelligence Jun 6, 2026 10 min read

The Evolution of Modern Ransomware: How They Became This Powerful

From script-kiddie lockers to billion-dollar enterprises — the technical leaps that made ransomware unstoppable.

Web Security Aug 4, 2025 5 min read

The Treasure of Finding Vulnerabilities: A Researcher's Guide to Secure Code Review

A risk-based methodology for finding the vulnerabilities that scanners and pentests miss.

Vulnerability Research Sep 9, 2024 7 min read

Anatomy of a Supply Chain Kill Chain: The xz Utils Backdoor (CVE-2024-3094)

How build-system manipulation and IFUNC hijacking turned a compression library into an SSH implant.

Threat Intelligence Jun 22, 2024 5 min read

The Human Firewall: Why Decision Hygiene Is Your Best Security ROI

Why security awareness must evolve from compliance theater to decision hygiene.

Pentest Jun 21, 2024 5 min read

Mapping the Digital Metropolis: A Practitioner's Guide to Attack Surface Management

Mapping the digital, human, supply chain, and physical attack surfaces with risk-based prioritization.