Blogs

Beyond the Checklist: A Strategic Guide to Offensive Security

Most companies treat penetration testing as a "check-the-box" compliance task. But if you’re testing the wrong surface, you’re buying a false sense of security.

07-01-26

SecureIT - Top Vulnerabilities - December 2025

December 2025 had exploited issues across perimeter devices, email security appliances, Windows endpoints, browsers, developer platforms, and databases. Several flaws let attackers take over internet exposed systems or gain full control after a first foothold.

BlogRead more →

30-12-25

That Christmas 2025 MongoDB Vulnerability

What is MongoDB? • How bad is “MongoBleed” (CVE-2025-14847)? • Do I have MongoDB? • Is my MongoDB vulnerable?

BlogRead more →

12-12-25

Mobile Application Penetration Testing Explained

Most companies trust their mobile apps are secure but haven’t tested them. Here’s why that’s a costly mistake, and how a pentest reveals the truth.

BlogRead more →

08-12-25

React2Shell RCE in React Server Components

New critical vulnerabilities CVE-2025-55182 and CVE-2025-66478 published by the React maintainers, dubbed "React2Shell" enables unauthenticated, zero-click RCE in React Server Components and Next.js.

BlogRead more →

02-12-25

SecureIT - Top Vulnerabilities - November 2025

In November 2025 Cloudflare experienced a major outage that disrupted a large portion of the internet. A change in an internal system assigned incorrect permissions to a database, which caused a configuration file used by Cloudflare’s bot management to grow far beyond its expected size.

BlogRead more →

19-11-25

Cybercrime around the holidays, some sober thoughts and some advice

It is almost December, do you know where your credit card has been? Like all of you at this time of year, I am of course thinking about… scams. Oh wait, shopping, and then about scams. This week

BlogRead more →