Asset selection in VESTA: the starting point for true cyber resilience
Discover how asset selection in VESTA enables Tarlogic to improve the cybersecurity resilience of critical entities
Liberating Bluetooth on the ESP32 through reverse engineering: documenting Espressif’s closed Bluetooth stack to enable low-level access
Reverse engineering firmware on ESP32 devices is slowed down by the absence of debugging symbols, forcing the manual identification of functions. This article explains how to use Ghidra’s Function Identification Databases (FIDB) together with ESP-IDF to automate function identification and transform an opaque binary into understandable code in a matter of minutes. An important part of vulnerability analysis projects on hardware and IoT devices is firmware analysis. Firmware is generally compiled without debugging symbols due to storage memory size constraints. This makes reverse engineering more difficult because there is no information about the functions in the binary, and they must be identified manually. The ESP32 microcontroller has gained popularity in embedded devices due to its low cost and integrated WiFi ...
The critical vulnerability CVE-2025-55182 allows an unauthenticated attacker to execute arbitrary code on the server and is already being actively exploited
Reverse engineering of Dahua NVR-XVR devices revealed weaknesses in the implementation of security mechanisms
The Tarlogic Cyber Intelligence team analyzes the incident suffered by Salesloft Drift, which has affected companies worldwide.
The BadSuccessor vulnerability present in Windows Server 2025 allows an attacker to escalate privileges to obtain domain administrator privileges.
Akamai researchers have discovered a serious design vulnerability in Windows Server 2025 related to the use of delegated managed service accounts (dMSAs). This flaw allows an attacker with minimal privileges to escalate to domain administrator privileges without directly interacting with privileged accounts or modifying group memberships. The vulnerability has been dubbed BadSuccessor and resides in the ability to abuse the legacy account migration process to dMSA. Its exploitation does not require prior elevation of privilege and can run in domains that do not even actively use dMSAs, as long as at least one domain controller running Windows Server 2025 exists. Key ...
CVE-2025-32433 allows remote code execution on the Erlang/OTP SSH server without prior authentication.
CVE-2025-32433, a critical vulnerability affecting the SSH server implemented in Erlang/OTP (Open Telecom Platform), has been made public. This vulnerability allows remote code execution without prior authentication by sending specially crafted protocol packets during an incomplete SSH session. Given its very low exploitation complexity and its total impact on the confidentiality, integrity, and availability of the system, this threat has been classified as critical. A few days after its disclosure, multiple public exploits emerged, significantly increasing the risk of active exploitation in the short term.
Main characteristics of CVE-2025-32433
The main characteristics of the vulnerability are outlined below:
CVE Identifier: CVE-2025-32433.
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (10.0 Critical).
Publication ...
Information has been disclosed about IngressNightmare, a set of five new vulnerabilities affecting the Kubernetes Ingress NGINX Controller. IngressNightmare could allow a remote attacker to execute commands without authentication.
Ingress exposes HTTP and HTTPS routes from outside the cluster to services within it. Traffic routing is controlled by rules defined in the Ingress resource. The following is a simple example where an Ingress sends all its traffic to a single service:
[Figure: Ingress flowchart]
Main features of IngressNightmare
The main characteristics of the five vulnerabilities collectively known as IngressNightmare are detailed below:
Vulnerability CVE-2025-1974:
Affected Software: Ingress Nginx Controller
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (9.8 Critical)
Summary: An unauthenticated attacker with access to the pod network can achieve arbitrary code execution in ...
This article takes an in-depth look at the hidden commands in the ESP32 chip and the use cases that can be exploited