Rahul Maini (@iamnoooob) 's Twitter Profile
Rahul Maini

@iamnoooob

Research at @httpvoid0x2f @pdiscoveryio

ID: 2897791291

Link: https://blog.noob.ninja/
Date: 12-11-2014 17:35:54

781 Tweet

14,14K Followers

2,2K Following

Nuclei by ProjectDiscovery (@pdnuclei) 's Twitter Profile Photo

🚨 New Vulnerability Analysis: Zimbra Collaboration Suite < 9.0.0 is vulnerable to Remote Code Execution (CVE-2024-45519). Our latest blog details the impact and analysis of this vulnerability and includes a Nuclei template for detection. 🔗 Analysis & Template:

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

🚨 CVE-2024-45409: SAML Auth Bypass in GitLab We just reversed a critical Ruby-SAML vuln affecting GitLab! 🔓 ✅ Detailed analysis of the SAML bypass ⚛️ Nuclei detection template Check out the full write-up: blog.projectdiscovery.io/ruby-saml-gitl… #CyberSecurity #GitLab #RubySAML #Infosec

HTTPVoid (@httpvoid0x2f) 's Twitter Profile Photo

Check out our new blog post! In this post we talk about SAML and the recent Ruby-SAML Auth bypass. CVE-2024-45409: Ruby-SAML Auth Bypass in GitLab blog.projectdiscovery.io/ruby-saml-gitl…

Harsh Jaiswal (@rootxharsh) 's Twitter Profile Photo

Had a fun and productive weekend! Rahul Maini and I were reversing a CVE and stumbled upon a new bug in the patch. It was actually a cool one! Turns out a fix was released for this bug just 3 days ago. While our finding went dupe, it was still a great bug and a learning

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

🚨 New Vulnerability Research Alert! 🚨 Our latest discovery reveals a critical GitHub Enterprise SAML Authentication Bypass (CVE-2024-9487) 🔓 ✅ Full technical analysis and impact breakdown ⚛️ Nuclei templates for rapid detection Read the full write-up:

HTTPVoid (@httpvoid0x2f) 's Twitter Profile Photo

Check out our latest blog post! We dive into GitHub Enterprise’s SAML implementation and explore an authentication bypass in encrypted assertion mode. CVE-2024-4985 / CVE-2024-9487: GitHub Enterprise SAML Authentication Bypass. projectdiscovery.io/blog/github-en…

Luke Jahnke (@lukejahnke) 's Twitter Profile Photo

I just published a new blog post sharing an improved Deserialization Gadget Chain for Ruby! It builds on the work of others, including Leonardo Giovanni, Peter Stöckli GitHub Security Lab and William Bowling @vakzz@infosec.exchange nastystereo.com/security/ruby-…

s1r1us (@s1r1u5_) 's Twitter Profile Photo

Imagine opening a Discord message and suddenly your computer is hacked. We discovered a bug that made this possible and earned a $5,000 bounty for it. Here's the story and a beginner-friendly deep dive into V8 exploit development. Watch: youtube.com/watch?v=R3SE4V…

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

Day 1 of launch week! We've completely rebuilt exposure discovery and asset management for the modern web. Here's what's new in v1 👇 (1/6)

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

Day 3 of launch week! We’re building the future vulnerability detection powered by Nuclei. Get faster scans, automated scheduling, smart alerts, and more. Here's what's new in v1 👇 (1/6)

Harsh Jaiswal (@rootxharsh) 's Twitter Profile Photo

New Blogpost - We identified a vulnerability in Discourse where a misconfiguration in Rails send_file + Nginx's internal directive can expose database backups! projectdiscovery.io/blog/discourse… This issue isn't limited to Discourse. It can affect other Rails + Nginx apps with similar

pwnmachine 👾 (@princechaddha) 's Twitter Profile Photo

Here’s a breakdown of CVE-2025-29927: Next.js Middleware Authorization Bypass. We’ve also added a Nuclei template for detecting this vulnerability, along with a lab where you can try it out for yourself. Check it out here: projectdiscovery.io/blog/nextjs-mi… Nuclei by ProjectDiscovery

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

🚨 CVE-2025-2825: CrushFTP Authentication Bypass (CVSS 9.8) 🚨 A critical auth bypass in CrushFTP 10.0.0–10.8.3 and 11.0.0–11.3.0 allows remote attackers to gain full access using S3-style headers. The flaw stems from improper handling of authentication flags—letting attackers

s1r1us (@s1r1u5_) 's Twitter Profile Photo

I've created a benchmark to test LLM capabilities. HackBench tests LLMs' cybersecurity skills using CTF challenges modeled on real-world vulnerabilities. Starting with 16 Security Intern-level tasks, it scales as models improve, proving real skill even with test-set contamination

s1r1us (@s1r1u5_) 's Twitter Profile Photo

I am starting a new company. We will be exploring LLM capabilities in software security and sharing our work publicly in our blog. So far, we created a benchmark and found multiple 0 days with the help of LLMs, and will be sharing once they are fixed.

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

Every security researcher knows the dance: satisfy every parameter, only to hit a 403 at the finish line. In our analysis of CVE-2025-4427 and 4428, that same flow led to unauthenticated RCE in Ivanti EPMM. Within 24 hours, we published a Nuclei template to detect the issue.

ProjectDiscovery (@pdiscoveryio) 's Twitter Profile Photo

🚨 New blog post: Authentication Bypass to RCE in Versa Concerto (0-Day) Our research team discovered a critical authentication bypass leading to remote code execution in Versa Concerto, an enterprise SD-WAN orchestration product used by major telecoms and large corporations.

Hacktron AI (@hacktronai) 's Twitter Profile Photo

Apple once ran this software. Multiple security firms poked at it. No one spotted the bug. Here's a thread of how we found CVE-2025-5086 in Delmia Apriso... 👇🧵

HTTPVoid (@httpvoid0x2f) 's Twitter Profile Photo

CVE-2025-49113 is a fascinating PHP Object injection in Roundcube webmail, a really nice find by the original finder. #roundcube #cve-2025-49113 #rce
