 | ClickFix, CrashFix and the growing family of copy and paste attacks | 2026-06-10 | True | Alex Wallace | True | | |
| Shelly Wall Display exposed RPC over Bluetooth | 2026-05-26 | True | Alex Wallace | True | | |
| Insecure IAM is the root of many cloud security failures | 2026-03-24 | True | Alex Wallace | True | | |
| EV batteries as grid infrastructure and the security risk that follows | 2026-02-24 | True | Alex Wallace | True | | |
| Shelly IoT door controller config fail: leaving your garage, home and security exposed | 2026-02-11 | True | Alex Wallace | True | | |
| Carlsberg… probably not the best cybersecurity in the world | 2026-01-16 | True | Alex Wallace | True | | |
| Compromising a multi-cloud environment from a single exposed secret | 2026-01-13 | True | Alex Wallace | True | | |
| 2025, the year of the Infostealer | 2026-01-06 | True | Alex Wallace | True | | |
| Eurostar AI vulnerability: when a chatbot goes off the rails | 2025-12-22 | True | Alex Wallace | True | | |
| Discord as a C2 and the cached evidence left behind | 2025-09-16 | True | Alex Wallace | True | | |
| Terraform Cloud token abuse turns speculative plan into remote code execution | 2025-08-15 | True | Alex Wallace | True | | |
| Our capabilities. A story about what we can achieve | 2025-07-28 | True | Joe Bursell | True | | |
| Leaked data. Continuous glucose monitoring | 2025-07-22 | True | Joe Bursell | True | | |
| Framework 13. Press here to pwn | 2025-07-16 | True | Alex Wallace | True | | |
| Sil3ncer Deployed – RCE, Porn Diversion, and Ransomware on an SFTP-only Server | 2025-07-11 | True | Joe Bursell | True | | |
| Pet microchip scams and data leaks in the UK | 2025-07-04 | True | Joe Bursell | True | | |
| CSP directives. Base-ic misconfigurations with big consequences | 2025-06-23 | True | Joe Bursell | True | | |
| Android AI UX is great until it leaks your data | 2025-06-17 | True | Joe Bursell | True | | |
| Fire detection system been pwned? You’re not going to sea | 2025-05-30 | True | Joe Bursell | True | | |
| The remote desktop puzzle. DFIR techniques for dealing with RDP Bitmap Cache | 2025-05-01 | True | Joseph Williams | True | | |
| Backdoor in the Backplane. Doing IPMI security better | 2025-03-31 | True | Kieran Larking | True | | |
| DNSSEC NSEC. The accidental treasure map to your subdomains | 2025-03-04 | True | Darrell Hall | True | | |
| Watch where you point that cred! Part 1 | 2025-02-18 | True | Tom Thomas-Litman | True | | |
| ICS testing best results. Hint: Blend your approach | 2025-02-07 | True | Andrew Tierney | True | | |
| A tale of enumeration, and why pen testing can’t be automated | 2025-02-05 | True | Morgan Davies | True | | |
| Security flaws found in tiny phones promoted to children | 2025-01-15 | True | Joe Lovett | True | | |
| The unexpected effects of GPS spoofing on aviation safety | 2025-01-09 | True | PTP Aviation Team | True | | |
| Heels on fire. Hacking smart ski socks | 2024-12-23 | True | Ken Munro | True | | |
| How easily access cards can be cloned and why your PACS might be vulnerable | 2024-12-11 | True | Warren Houghton | True | | |
| Did security gaps at Antwerp port enable drug smuggling operations? | 2024-11-12 | True | Ken Munro | True | | |
| You lost your iPhone, but it’s locked. That’s fine, right? | 2024-11-06 | True | Nicole Moine | True | | |
| Mounting memory with MemProcFS for advanced memory forensics | 2024-10-31 | True | Luke Davis | True | | |
| Airbus Navblue Flysmart LPC-NG issues | 2024-10-01 | True | PTP Aviation Team | True | | |
| Direct Memory Access (DMA) attacks. Risks, techniques, and mitigations in hardware hacking | 2024-09-26 | True | Rachel Rabin | True | | |
| Proroute H685 4G router vulnerabilities | 2024-09-19 | True | Joe Lovett | True | | |
| Smart home security advice. Ring, SimpliSafe, Swann, and Yale | 2024-09-10 | True | Adam Bromiley | True | | |
| RCE vulnerability in OpenSSH – RegreSSHion (CVE-2024-6387) | 2024-07-02 | True | Eime Adomaviciute | True | | |
| Glastonbury ticket hijack vulnerability fixed | 2024-06-28 | True | Lewis K | True | | |
| Pipedream ICS malware toolkit is a nightmare | 2024-05-09 | True | Luke Davis | True | | |
| Vulnerabilities that (mostly) aren’t: LUCKY13 | 2024-05-03 | True | David Lodge | True | | |
| Bypassing MFA on Microsoft Azure Entra ID | 2024-05-01 | True | Jack Barradell-Johns | True | | |
| Living off the land with native SSH and split tunnelling | 2024-03-06 | True | Joe Blogs | True | | |
| No fix KrbRelay VMware style | 2024-02-21 | True | Ceri Coburn | True | | |
| Ski & bike helmets protect your head, not location or voice | 2024-02-07 | True | Ceri Coburn and Joe Blogs | True | | |
| Hacking Electronic Flight Bags. Airbus NAVBLUE Flysmart+ Manager | 2024-02-01 | True | Antonio Cassidy | True | | |
| RAID Technology and the importance of disk encryption in data security | 2024-01-04 | True | Vladimir Panek-Noble | True | | |
| Mobile malware analysis for the BBC | 2024-01-02 | True | Daniel Gildersleeve | True | | |
| Helping a banking fraud victim | 2024-01-02 | True | Ken Munro | True | | |
| Helping a mobile malware fraud victim | 2024-01-02 | True | Ken Munro | True | | |
| Intercepting MFA. Phishing and Adversary in The Middle attacks | 2023-12-12 | True | Adam Harwood | True | | |
