Vulnerability Research
Shared-Memory ACL Writable by Authenticated Users: Discovering CVE-2026-7431 in the Ivanti Secure Access Client for Windows
Significance VPN clients run with deep system access, hold persistent credential material, and are deployed across entire enterprise fleets. They sit …
There Are No Hidden Zero-Days
Every other month, a critical infrastructure breach makes the news. An enterprise edge product receives another CISA emergency directive. A boundary …
eval() in a Root Process: Discovering CVE-2026-4837 in the Rapid7 Insight Agent for Linux
Significance Endpoint security agents are some of the most trusted software on any machine. They run at the highest privilege level, hold open …
What Happens When You Point Offline AI at Critical Infrastructure Software
Proactive vulnerability discovery for the software that critical infrastructure depends on. Why This Matters Now In December 2024, Salt Typhoon …