CVE-2026-3854: How the GitHub Enterprise Server RCE Works and How to Verify You’re Patched
CVE-2026-3854 (CVSS 8.7) lets any GitHub push access become RCE. Learn how the babeld injection works and verify your GHES instance is patched.
GlassWorm self-propagating extensions are seeding Open VSX with malware. Here's how to audit your VS Code install and harden your team's extension policy.
IDOR Room: The elves of Wareville are on high alert since McSkidy went missing. Recently, the support team has been receiving many calls
The lights glimmer and servers hum blissfully at The Best Festival Company (TBFC) saint, melting the snow surrounding the data centre. TBFC has
It’s almost Christmas in Wareville, and the team of The Best Festival Company (TBFC) is busy preparing for the big celebration. Everything is
Introduction Authentication enumeration is a fundamental aspect of security testing, concentrating specifically on the mechanisms that protect sensitive aspects of web applications; this
With advancements in cyber security, many developers have adopted object-relational mapping (ORM) to mitigate SQL injection attacks. While ORM is intended to simplify database interactions and improve
IP Subnetting is one of the most fundamental but also among the most misunderstood subjects with regard to a particular field. One popular
Introduction LDAP, which stands for Lightweight Directory Access Protocol, is a widely used protocol for accessing and maintaining distributed directory information services over
In this ever-changing sphere of cyber security, it becomes of utmost importance to understand any hacking methodology. Such knowledge is directed not only