Websec / Blog
Securing Today. Tomorrow could be too late.

Join us as we explore the ever-evolving world of cyber threats and arm yourself with knowledge to defend against potential breaches.

Get Consultation

Discover whats new

Posted 30 Apr

CVE-2026-31431, Linux algif_aead page-cache write to root

English, DutchCVE-2026-31431 is a high severity Linux kernel flaw in algif_aead that can let an unprivileged local user gain root via AF_ALG and splice.

cve-2026-31431rce

Posted 25 Apr

NIS2 Pentest: The Critical Burden of Proof under the Cybersecurity Act (Cbw)

English, DutchHow do you comply with the Cbw duty of care? Discover why an NIS2 pentest is essential for offensive validation and your burden of proof. Learn more about the strategy.

Cbw Duty of Careoffensive validationcybersecurity audit

Posted 16 Apr

CVE-2026-33032: Unauthenticated nginx-ui MCP takeover

English, Dutchnginx-ui <= 2.3.5 exposes an unauthenticated MCP endpoint that can invoke privileged tools and take over Nginx service management.

cve-2026-33032auth-bypassinitial-access

Critical Vulnerability in Vision Helpdesk Allows Unauthorized Session Access

English, DutchA Serialized IDOR vulnerability in Vision Helpdesk enables session prediction, allowing attackers to impersonate users without authentication.

Posted 02 November, 24

AttackForge vs PlexTrac Comparison: Differences, Similarities and Alternatives

English, DutchLearn the differences and similarities between AttackForge vs PlexTrac for pentesting management and reporting, including alternatives to make an informed choice.

Posted 02 August, 24

Critical IDOR Vulnerability in LatePoint Plugin Exposes Sensitive Data

English, DutchThe LatePoint Plugin plugin for WordPress was vulnerable to unauthorized access of data through Insecure Direct Object Reference, allowing for the exposure of customer payment data such as creditcards

Posted 13 June, 24

An Introductory Guide to Pentesting Azure: Benefits and Tools: Part 2

EnglishIn this guide to pentesting Azure, we discuss the benefits of cloud penetration tests and the best Azure tools to identify & fix vulnerabilities.

Posted 14 April, 24

Hack ZTE router's admin panel

EnglishLet's say that you are connected to a public Wi-Fi. How difficult is it to crack the password to the admin panel of the router?

Posted 12 April, 24

An Introductory Guide to Pentesting Azure: Part 1

EnglishMeta Description: Here's a guide to pentesting Azure, adapting approaches to different cloud environments, and best practices to identify & fix vulnerabilities.

Posted 09 April, 24

Mobile pentesting series part 2: reversing Android application

EnglishYou may be curious, as a penetration tester, as to how a particular app feature operates or what library it utilizes. Otherwise, you may be interested in the underlying architectures or components of

Posted 19 January, 24

Mobile Pentesting Series - part 1: bypass SSL pinning in Android

EnglishThe purpose of this article is to demonstrate how to circumvent SSL pinning on Android.

Posted 27 October, 23

Need Security?

Are you really sure your organization is secure?

At WebSec we help you answer this question by performing advanced security assessments.

Want to know more? Schedule a call with one of our experts.

Schedule a call

Websec / Blog Securing Today. Tomorrow could be too late.