#Incident Response
Joomla JCE exploitation forces defenders beyond simple patching
Joomla JCE exploitation forces defenders beyond simple patching On Friday, June 19, 2026, defenders running Joomla sites with the JCE editor are at a deadline,...
Lucas Oliveira
Research
PAN-OS GlobalProtect auth bypass is now an incident response problem
PAN-OS GlobalProtect auth bypass is now an incident response problem Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication by...
Lucas Oliveira
Research
Oracle PeopleSoft alert follows breach claims at 100+ organizations
Oracle PeopleSoft alert follows breach claims at 100+ organizations Claims of mass compromise across Oracle PeopleSoft environments were already serious on June...
Lucas Oliveira
Research
GitHub breach forces GHES signing-key rotation
GitHub breach forces GHES signing-key rotation | 2026 GitHub's May 2026 incident is a useful reminder that developer tooling is now part of the production trust...
Lucas Oliveira
Research
GitHub GHES Signing Key Rotation Puts Admins on the Clock
GitHub GHES Signing Key Rotation Puts Admins on the Clock Executive Summary GitHub warned on May 26, 2026 that administrators running GitHub Enterprise Server (...
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag is the kind of Linux bug defenders worry about because it turns a limited foot...
Lucas Oliveira
Research
Dirty Frag Linux kernel zero-day gives local users a fast path to root
Dirty Frag Linux kernel zero-day gives local users a fast path to root Dirty Frag deserves attention because it is not a theoretical Linux bug waiting for slow...
Lucas Oliveira
Research
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path
CVE-2026-0300 puts exposed PAN-OS User-ID portals on a zero-day attack path A critical point in the new PAN-OS warning is that defenders are not looking at a ro...
Lucas Oliveira
Research
DAEMON Tools supply-chain attack turns trusted installers into a malware delivery path
DAEMON Tools supply-chain attack turns trusted installers into a malware delivery path The most important part of the DAEMON Tools incident is not that malware...
Lucas Oliveira
Research
BlackCat case shows ransomware risk inside trusted cyber roles
BlackCat case shows ransomware risk inside trusted cyber roles A new U.S. criminal case tied to BlackCat (ALPHV) is a sharp reminder that ransomware risk is not...
Lucas Oliveira
Research
Firestarter leaves patched Cisco firewalls at continued risk
Firestarter leaves patched Cisco firewalls at continued risk A newly detailed persistence mechanism called Firestarter changes the defender story around last ye...
Lucas Oliveira
Research
Axios npm compromise pushed a cross-platform RAT through a fake dependency
Axios npm compromise pushed a cross-platform RAT through a fake dependency A compromise of the widely used axios package on npm shows why defenders cannot rely...
Lucas Oliveira
Research