Lucas Oliveira

CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path A critical point in the new PAN-OS warning is that defenders are not looking at a ro...

Lucas Oliveira

Research

DAEMON Tools supply-chain attack turns trusted installers into a malware delivery path The most important part of the DAEMON Tools incident is not that malware...

Lucas Oliveira

Research

Vishing and SSO abuse are accelerating rapid SaaS extortion The most dangerous part of modern SaaS intrusions is not always malware. Sometimes it is speed, trus...

Lucas Oliveira

Research

ConsentFix v3 turns Azure OAuth phishing into a scalable token theft risk ConsentFix v3 matters because it shifts Azure account compromise away from password th...

Lucas Oliveira

Research

BlackCat case shows ransomware risk inside trusted cyber roles A new U.S. criminal case tied to BlackCat (ALPHV) is a sharp reminder that ransomware risk is not...

Lucas Oliveira

Research

PyTorch Lightning supply-chain compromise puts AI developer credentials at risk The most dangerous supply-chain incidents are not always the ones that hit opera...

Lucas Oliveira

Research

CVE-2026-31431: Copy Fail turns routine Linux access into reliable root compromise Copy Fail is the kind of Linux flaw defenders should not shrug off just becau...

Lucas Oliveira

Research

CVE-2026-41940 turns exposed cPanel and WHM servers into control-plane takeover targets CVE-2026-41940 is a critical authentication bypass in cPanel and WHM, an...

Lucas Oliveira

Research

CVE-2026-42208 turns exposed LiteLLM gateways into a secrets exposure risk CVE-2026-42208 is a critical SQL injection flaw in LiteLLM's proxy API key verificati...

Lucas Oliveira

Research