We’re glad you asked…
Constant Cyber Attack: What People Keep Getting Wrong
There are a lot of terms floating around offensive security right now. COST. CTEM. Exposure validation. Some of it is useful. Most of it is new…
When “Just Logging In” Isn’t Just Logging In: A Lookat xrdp and CVE-2026-33145
A quiet finding with real-world impact. CVE-2026-33145 shows how xrdp’s AlternateShell feature, enabled by default, passes client-supplied input directly into a shell, turning an RDP login…
Mythos found a $20,000 bug. It won’t tell you who’s already inside.
Anthropic’s Mythos has dominated the security conversation this week. But the debate about whether it’s overhyped is the wrong argument. The real question is simpler and…