Michael Haag
Beyond the Patch: SharePoint Exploits and the Hidden Threat of IIS Module Persistence
The cybersecurity landscape witnessed a perfect storm in July 2025 when multiple critical SharePoint vulnerabilities collided with sophisticated IIS module-based persistence techniques, creating a nightmare scenario for enterprise defenders.
CitrixBleed 2: When Memory Leaks Become Session Hijacks
Discover how to detect, mitigate, and respond to CitrixBleed 2 (CVE-2025-5777), a critical Citrix NetScaler ADC and Gateway vulnerability exploited in the wild.
Beyond The Click: Unveiling Fake CAPTCHA Campaigns
Learn how clipboard hijacking delivers malware and explore tools like ClickGrab & PasteEater for robust defense strategies.
Hey SDDL SDDL: Breaking Down Windows Security One ACE at a Time
Explore SDDL in Windows security with our comprehensive guide to help enhance your defensive strategy against privilege escalation attacks.
Bypassing the Bypass: Detecting Okta Classic Application Sign-On Policy Evasion
The Splunk Threat Research Team dives into the Okta policy bypass vulnerability, offering detection insights and effective hunting strategies for security teams.
CosmicSting: A Critical XXE Vulnerability in Adobe Commerce and Magento (CVE-2024-34102)
The Splunk Research Team dissects the technical intricacies of the CosmicSting vulnerability, explores its potential impact on affected systems, and provides detection opportunities and mitigation strategies.
