Exploits
Blog Archive Category
The Exploit articles categorized as Exploits
-
Bypassing a WAF and a CSP with Google Tag Manager: An Attacker’s Perspective and Remediation Advice
By Ryan Chaplin Ryan Chaplin takes an in-depth look at how attackers can use unsafe directives to bypass CSP, notably in Google Tag Manager, and how to remediate the issue. February 10, 2026 -
CVE-2025-59886 Eaton Exploit Code Published
By Jason Taylor With exploit code available for the vulnerabilities in Eaton’s xComfort Ethernet Communication Interface, Jason Taylor recommends replacing or isolating. February 5, 2026 -
Publicly Accessible Database Discovered Hosting 149 Million Credentials
By Andrew Trexler Andrew Trexler looks at a recently discovered public database of stolen usernames and passwords and what you can do now to protect your access and information. February 2, 2026 -
The Growing Threat: Attackers Using GitHub Repositories as Malware Staging Mechanisms
By Brian Tant Recent attacks, including GitVenom and Lumma Stealer, underscore the threat of Attackers using GitHub repositories as malware staging mechanisms. January 21, 2026 -
CVE‑2020‑12812 and Why It’s Still an Issue Five Years Later
By Scottie Cole Principal Penetration Tester Scottie Cole explains why Fortinet released a new security advisory about CVE‑2020‑12812 and what your organization should check. January 16, 2026 -
Data Theft Exploit Part 2: DNS Exfiltration Attack
By Jason Taylor Raxis’ Jason Taylor is back with a detailed tutorial on performing both manual and automated DNS exfiltration attacks for pentesting. January 13, 2026
