Latest cybersecurity insights, threat analysis and expert perspectives
Technical summary of CVE-2025-59287 affecting WSUS unsafe deserialization of **encrypted cookieData** sent via SOAP/GetCookie allows remote code execution (RCE). The root cause and data flow, PoC requests, encrypted payload structure, and detection and monitoring indicators are covered.
Technical summary of CVE-2025-59287 affecting WSUS unsafe deserialization of **encrypted cookieData** sent via SOAP/GetCookie allows remote code execution (RCE). The root cause and data flow, PoC requests, encrypted payload structure, and detection and monitoring indicators are covered.
What IIS Web Deploy is and how it is deployed; the root cause of the unsafe deserialization chain using GZip + Base64 on the msdeploy.axd and msdeployagentservice path, data flow, PoC (Proof of Concept) request examples, monitoring methods, and permanent mitigation recommendations.
Detailed analysis of CVE-2024-12106 affecting WhatsUpGold, demonstrating pre-auth LDAP injection and credential theft.
Analyzing how SQL Server Smart Admin Agent works under the hood and how it can be abused for remote code execution.