Manuel Roccon - December 29th, 2025
This article analyzes a recent and sophisticated phishing campaign that uses the Browser-in-the-Browser (BitB) technique to steal credentials, particularly those from services like Microsoft 365. The BitB attack is notable...
Manuel Roccon - December 23rd, 2025
The following analysis examines the attack vector for CVE-2025-47761 , a vulnerability found in the Fortips_74.sys kernel driver used by FortiClient VPN for Windows. The core of the vulnerability lies...
Manuel Roccon - November 14th, 2025
Of all the vulnerabilities, the most feared by victims and the most sought after by attackers is remote code execution, or RCE. This vulnerability allows arbitrary commands to be executed...
Manuel Roccon - November 6th, 2025
A new vulnerability affecting Notepad++ was released in September. The vulnerability has been identified as CVE-2025-56383, and details can be found on the NIST website. CVE-2025-56383 is a DLL hijacking...
Manuel Roccon - October 29th, 2025
The cybersecurity landscape was recently rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS) . Identified as CVE-2025-59287 and with...
Manuel Roccon - October 2nd, 2025
Generative Artificial Intelligence (GenAI) systems are revolutionizing the way we interact with technology, offering extraordinary capabilities in the creation of text, images, and code. However, this innovation brings with it...
