Lucas Oliveira
Research
A DevOps engineer and cybersecurity enthusiast with a passion for uncovering the latest in zero-day exploits, automation, and emerging tech. I write to share real-world insights from the trenches of IT and security, aiming to make complex topics more accessible and actionable. Whether I’m building tools, tracking threat actors, or experimenting with AI workflows, I’m always exploring new ways to stay one step ahead in today’s fast-moving digital landscape.
Expertise Areas
Articles by Lucas Oliveira
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline
CVE-2026-48172 puts LiteSpeed cPanel deployments on a KEV deadline CVE-2026-48172 has escalated from vendor emergency to federal patching priority. On May 26, 2...
Lucas Oliveira
Research
CVE-2026-9082 makes Drupal on PostgreSQL an urgent KEV patch priority
CVE-2026-9082 makes Drupal on PostgreSQL an urgent KEV patch priority CVE-2026-9082 is no longer just a critical Drupal patch note. It is now an actively target...
Lucas Oliveira
Research
Microsoft MDASH surfaces 16 Windows network flaws defenders should patch first
Microsoft MDASH surfaces 16 Windows network flaws defenders should patch first Microsoft's May 12, 2026 security disclosures included a point that deserves more...
Lucas Oliveira
Research
CVE-2024-12802 leaves SonicWall Gen6 VPNs exposed after incomplete patching
CVE-2024-12802 leaves SonicWall Gen6 VPNs exposed after incomplete patching CVE-2024-12802 is the kind of edge-device flaw that can fool defenders twice: once d...
Lucas Oliveira
Research
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks
CVE-2026-45829: ChromaDB Pre-Auth RCE Risk in AI Stacks | 2026 Executive Summary CVE-2026-45829 is a critical ChromaDB flaw that can let unauthenticated attacke...
Lucas Oliveira
Research
CVE-2026-41615: Microsoft Authenticator Token Theft Risk
CVE-2026-41615: Microsoft Authenticator Token Theft Risk | 2026 Executive Summary CVE-2026-41615 is a critical Microsoft Authenticator flaw that can expose ente...
Lucas Oliveira
Research
GitHub Action tag hijack turns CI/CD runs into credential theft
GitHub Action tag hijack turns CI/CD runs into credential theft A fresh GitHub Actions supply chain incident is a good reminder that "pinned" does not mean safe...
Lucas Oliveira
Research
CVE-2026-42945 makes NGINX rewrite chains a live patch priority
CVE-2026-42945 makes NGINX rewrite chains a live patch priority CVE-2026-42945 has moved from fresh disclosure to active exploitation in days, which is exactly...
Lucas Oliveira
Research
Kazuar’s redesign turns a familiar backdoor into a harder-to-hunt botnet
Kazuar’s redesign turns a familiar backdoor into a harder-to-hunt botnet Microsoft’s latest research on Kazuar matters because it reframes the malware from a we...
Lucas Oliveira
Research
Get the latest cybersecurity insights in your inbox.