SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
FortiSIEM Vulnerability CVE-2025-25256: Unauthenticated OS Command Injection Now Active
Fortinet has issued a critical security advisory regarding a high-severity vulnerability in its FortiSIEM platform, identified as CVE-2025-25256. This flaw, which has a CVSS score of 9.8, is a remote, unauthenticated command injection vulnerability that can allow attackers to execute unauthorized co...

CVE Research
Zero Trust Under Fire: Critical Flaws Expose Check Point, Zscaler, and Netskope Users
Security researchers have uncovered critical vulnerabilities in leading Zero Trust Network Access (ZTNA) solutions from major cybersecurity vendors, including Zscaler, Netskope, and Check Point. These findings, presented at DEF CON 33 in Las Vegas, highlight potential authentication bypasses, privil...

CVE Research
WinRAR CVE-2025-8088: RomCom’s Doorway to Remote Code Execution
A critical vulnerability in WinRAR, identified as CVE-2025-8088, was exploited as a zero-day in targeted phishing attacks to deploy RomCom backdoors. This flaw, a directory traversal vulnerability, allows attackers to craft malicious archives that place executable files in Windows Startup folders, e...

CVE Research
15000 Jenkins Servers Exposed to Unauthenticated RCE Attack
A recently identified command injection vulnerability, CVE-2025-53652, in the Jenkins Git Parameter plugin puts approximately 15,000 Jenkins servers at risk of remote code execution (RCE). This flaw could allow attackers to compromise unauthenticated Jenkins servers, potentially leading to significa...

CVE Research
Retbleed Reloaded: New Exploit Pierces CPU Memory Defenses
Security researchers have recently demonstrated a significantly improved exploit for the Retbleed CPU vulnerability, highlighting the ongoing risks posed by speculative execution flaws in modern processors. This exploit allows attackers to read arbitrary memory from affected systems, bypassing secur...

CVE Research
Dangerous Linux Kernel Exploit Targets Chrome Users for Full Control
Executive Summary: A critical vulnerability in the Linux kernel, identified as CVE-2025-38236, enables attackers to escalate privileges from the Chrome renderer sandbox to full kernel-level control on affected Linux systems. Immediate patching is essential, as successful exploitation grants attackers...

CVE Research
Ghost Calls: Stealthy C2 Attack Exploits Zoom, Teams, and Meet
A novel attack technique dubbed “Ghost Calls” has emerged, exploiting web conferencing platforms like Zoom, Microsoft Teams, and Google Meet to create covert command and control (C2) channels. This sophisticated method allows attackers to bypass traditional network security measures, making it a sig...

CVE Research
HTTP/1.1 Vulnerability: A Looming Threat to Millions of Websites
A fundamental vulnerability within the HTTP/1.1 protocol poses a significant threat to millions of websites, potentially allowing attackers to execute hostile takeovers through sophisticated request smuggling attacks. This flaw, rooted in the protocol’s design, creates ambiguity in request boundarie...

