Security Risks of "OpenClaw things"
With great power comes great responsibility
Mar 25, 2026 · 6 min read
Abusing Content Delivery Networks (CDNs): Phishing, Malware, and Evasion
Content Delivery Networks (CDNs) like jsDelivr, Webflow CDN, CloudFront, and Google APIs are trusted internet infrastructure – and attackers are abusing that trust. By hosting malicious pages and payloads on CDN domains, adversaries exploit the domai...
May 24, 2025 · 15 min read
Threat Analysis: Investigating Suspicious Outbound Connections to cdn.jsdelivrs[.]com (Adware or Supply Chain Foothold?)
Alert Overview: On May 8, 2025, analysts at the FPT SOC identified a cluster of outbound HTTP requests from several internal endpoints targeting the domain cdn.jsdelivrs[.]com. This domain, which resolves to IP 91.195.240.12, is registered under AS478...
May 21, 2025 · 3 min read
Fortifying AWS EKS: A Comprehensive Guide to Securing Containerized Workloads with AWS and Open-Source Tools
1. Introduction: Securing containerized workloads in today's cloud-centric landscape is paramount to ensuring robust and reliable application deployment. Amazon Web Services (AWS) Elastic Kubernetes Service (EKS) provides a scalable platform for runni...
May 7, 2025 · 19 min read
Nuclei Multi-Step Template Gen: AI-Powered Automation for Chain-Based Functions in Penetration Testing
In recent years, AI and Generative AI have made significant advancements, but their practical use in the field of Penetration Testing is still met with doubt. In this article, we’ll share how we used Generative AI to automate the process of handling ...
Mar 27, 2025 · 5 min read
[CVE-2024-21182] Oracle WebLogic Server
Over the past year, 2024, Oracle WebLogic was repeatedly hit by CVEs related to the IIOP/T3 protocols. So I also picked one of those CVEs to learn from; the one I chose is CVE-2024-21182. After looking into it, these CVEs are related to a type of vulnerability called JNDI injec...
Feb 23, 2025 · 7 min read
Reducing Alert Fatigue: Automating the Triage of Microsoft Defender’s Internal Port Scanning Alerts
Introduction: Modern security operations rely on automated alerting to detect reconnaissance activities within enterprise networks. However, when certain alerts trigger frequently, distinguishing between benign system behavior and true security threat...
Feb 23, 2025 · 5 min read