Exploitation

Keep up to date with the latest offensive security news, knowledge, and resources.
Emerging React & Next.js Vulnerabilities: What We Know About CVE-2025-55182 and CVE-2025-66478
Dec 05, 2025

Emerging React and Next.js vulnerabilities (CVE-2025-55182, CVE-2025-66478): what Sprocket Security is seeing, current detection coverage, and guidance for teams.
A Vulnerability Hunter's View of Next.js (CVE-2025-29927) Exploit Validation
Mar 27, 2025

Explore a security expert's take on validating the Next.js CVE-2025-29927 exploit, its impact, and techniques for assessing and mitigating the risk.
Social Engineering: 9 Attack Techniques and 6 Defensive Measures
Dec 11, 2024

Social engineering is a method used to manipulate people into divulging confidential information, enabling unauthorized access, or deploying malware.
Large Language Model (LLM) Security Testing: Types, Techniques, and Methodology
Oct 01, 2024

Get ready to learn the importance of LLM (Large Language Model) security testing, a vital process for identifying vulnerabilities in AI models, especially those integrated into web applications. The need for early detection of potential risks like unauthorized data access, prompt injection attacks, and remote code execution is more crucial than ever.
From Twitter to Exploit: The Sprocket Security Lifecycle of Exploitation
May 16, 2024

Our approach to mass exploitation of the latest and greatest vulnerability. On the chopping block, this time around: CVE-2024-3400.
cURL For The Pentester: Above & Beyond
Mar 03, 2023

Did you know you can interact with LDAP using cURL? How about NTLM, proxy tunneling, or domain sockets? A deep dive into some less common and advanced features of cURL, including sending POST requests with a payload file, uploading files to a server, exploiting Spring4Shell, and exploiting SQL injection vulnerabilities using cURL.