Websec / Blog
Securing Today. Tomorrow could be too late.

Join us as we explore the ever-evolving world of cyber threats and arm yourself with knowledge to defend against potential breaches.

Get Consultation

Discover whats new

Posted 16 Apr

CVE-2026-33032: Unauthenticated nginx-ui MCP takeover

English, Dutchnginx-ui <= 2.3.5 exposes an unauthenticated MCP endpoint that can invoke privileged tools and take over Nginx service management.

cve-2026-33032auth-bypassinitial-access

Posted 02 Apr

CVE-2026-29014, MetInfo CMS unauthenticated PHP code injection

English, DutchMetInfo CMS 7.9.0 through 8.1.0 is affected by an unauthenticated PHP code injection flaw that can lead to remote code execution via the WeChat module.

cve-2026-29014rceinitial-access

Posted 15 Mar

Ophion: Building a Stealth Intel VT-x Hypervisor for Windows

English, DutchOphion is a stealth Intel VT-x hypervisor that virtualizes Windows while passing AC, AV, and VM-detection checks. This article covers how it works and how it evades detection.

Security EvasionHypervisorExploitation

Malware Analysis example. Classic case: Stuxnet. Part 2

EnglishIn this part 2 of our reverse engineering article of the stuxnet malware we will continue where we left off last time and take a deeper dive into the how and the what in regards to its functionality.

Posted 17 December, 22

Reverse shells and cats (netCAT, soCAT)

EnglishIn this post, we will investigate the concept of a reverse shell and examine some examples of its application in practice by making use of netcat and socat.

Posted 16 December, 22

Classic Malware: Carbanak

EnglishThis little analysis is based on leaked banking malware Carbanak's source codes.

Posted 15 December, 22

Malware Analysis example. Classic case: Stuxnet

EnglishStuxnet, as it came to be known, was unlike any other virus or worm that came before. In today's article we will reverse engineer this malware in order to better understand its code.

Posted 14 December, 22

Static malware analysis of PDF files

EnglishWe will do static analysis on PDF documents, including analysis of embedded strings.

Posted 25 November, 22

Intro to static malware analysis

EnglishStatic code analysis is the technique of studying the source code of a program without running it. This can be valuable for malware reverse engineering, as it can assist discover dangerous code.

Posted 10 November, 22

What is DLL Hijacking? And How Does it Work?

EnglishDLL hijacking is a method in which a trusted and legit program is tricked into loading a malicious DLL.

Posted 09 November, 22

How to Get Into Cybersecurity

English, DutchLooking to learn how to break into cybersecurity? Search no further! This article covers everything you need to know about getting into cybersecurity.

Posted 14 October, 22

Need Security?

Are you really sure your organization is secure?

At WebSec we help you answer this question by performing advanced security assessments.

Want to know more? Schedule a call with one of our experts.

Schedule a call

Websec / Blog Securing Today. Tomorrow could be too late.