SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE Research
Integrating Security and ITSM: SecPod x ServiceNow
In today’s hybrid, hyper-connected IT landscape, vulnerabilities are being discovered and exploited faster than ever. Security teams are flooded with new threats, while IT teams are tasked with maintaining uptime, delivering services, and ensuring compliance.

CVE Research
ClamAV 1.4.3 and 1.0.9 Released: Addressing Critical RCE Vulnerability
The ClamAV team has released versions 1.4.3 and 1.0.9, critical security patch releases that address CVE-2025-20260, a vulnerability that could compromise system security. These releases address a severe buffer overflow vulnerability and other significant issues. Let’s explore the details of these updates a...

CVE Research
Critical Flaws in NetScaler ADC & Gateway: CVE-2025-5349 and CVE-2025-5777
Two critical vulnerabilities have been identified in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway), posing significant risks to enterprise networks. Let’s dive into the details of CVE-2025-5349 and CVE-2025-5777 and the necessary steps for remediation.

CVE Research
Surface Protection Fails in the Cloud: Why Deep Workload Defense Is Now Mandatory
Many cloud security tools still focus on scanning images, enforcing perimeter controls, or detecting simple misconfigurations. Attackers bypass these defenses by exploiting deep workload issues — stale dependencies, excessive permissions, or unpatched runtime services. IBM’s X-Force Threat Intelligen...

CVE Research
Shadow IT in the Cloud: Risks and Mitigation Strategies
Cloud services have accelerated innovation by letting teams spin up new tools instantly. Yet when users bypass IT governance and adopt unsanctioned services, they introduce shadow IT. That hidden usage widens the gap between a “threat vs. vulnerability” approach. A threat is an actor or event that c...

CVE Research
CISA Issues Warning on Active Exploitation of TP-Link Vulnerability CVE-2023-33538
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added CVE-2023-33538, a high-severity vulnerability affecting certain TP-Link wireless routers, to its Known Exploited Vulnerabilities (KEV) catalog. This critical flaw is under active exploitation, prompting immediate action f...

CVE Research
Lessons from Recent Cloud Breaches (2023–2024)
Cloud environments today face an ever-shifting risk landscape. In 2023–2024, attackers exploited software flaws, stolen credentials, and misconfigurations to infiltrate high-value targets. These breaches show that defensive measures must go beyond detection. They serve as lessons ...

CVE Research
Managing Multicloud Security with Strategies That Actually Work
Over 79 percent of cloud buyers reported using multicloud providers in the third quarter of 2024. As cloud adoption scales, organizations are spreading infrastructure across AWS, Azure, GCP, and others to meet uptime, performance, and vendor diversification goals. But what begins as a strategic adva...

