Sicuranext Blog

Posts

Ghost Stories: investigating an undocumented ClickFix C2 in Ghost CMS

One Paste to Rule Them All: Inside a ClickFix → EtherHiding → GULoader Intrusion

क Karna: we built our own WAF. Modern, Fast and Free.

From Prompt to Prod: Sicuranext Evaluates AI Integration in SOC Analysis

A nice approach to AWS security group management

Exploiting a PHP Object Injection in Profile Builder Pro in the era of AI

Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers

68% Of Phishing Websites Are Protected by CloudFlare

Vtenext 25.02: A three-way path to RCE

Influencing LLM Output using logprobs and Token Distribution

Breaking Down Multipart Parsers: File upload validation bypass

Hunt3r Kill3rs and the Italian Critical Infrastructure risks

Medical Devices Exposed

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule

ModSecurity: Path Confusion and really easy bypass on v2 and v3

Emails and barcodes: a phishing story

OT Exposed Italy

How attackers fingerprint your WordPress website

AWS WAF Bypass: invalid JSON object and unicode escape sequences

Unleashing the Power of Data: Indexing Over 15 Million WordPress Websites with PWNPress

PWNPress: collect vulnerable WordPress websites over internet

Building Octofence WAAP Cache System & CDN: Lessons Learned and Best Practices

Why text/plain is evil for Web Application Firewall and Input validation