P
PT SWARM
06.07.2026 11:49 · 👁 1.9K
🐘 PHP PDO layer exposed! Aleksey Solovev & Nikita Sveshnikov uncovered 2 flaws: SQL Injection in pdo_firebird (CVE-2025-14179) and DoS in PDO via pdo_pgsql (CVE-2025-14180).
https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-nul-byte-sql-injection-in-pdo_firebird-and-null-pointer-dereference-in-pdo-pgsql/
P
PT SWARM
05.06.2026 11:23 · 👁 3.8K
👨🏻💻 Did you know that it’s possible to perform RCE in Internet Explorer via clickjacking? Igor Sak-Sakovsky's new article will explain how!
https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/
P
PT SWARM
15.05.2026 09:13 · 👁 4.9K
🐘 PHP JPEG bugs: how image parsing leads to memory corruption.
Our researcher Nikita Sveshnikov discovered two JPEG-related memory-safety bugs in PHP’s ext/standard: CVE-2025-14177 in getimagesize and a heap buffer overflow in iptcembed.
https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-jpeg-related-memory-safety-bugs-in-php/
P
PT SWARM
30.04.2026 09:05 · 👁 34.7K
🧑🚒 Our researcher Mikhail Sukhov shares his knowledge and experience in analyzing FreeIPA environments.
He also introduces his new tool, IPAHound 💪
Go ’n see the details ➡️ https://swarm.ptsecurity.com/thinking-in-graphs-with-ipahound/
P
PT SWARM
15.04.2026 14:35 · 👁 5.8K
🔥 Read the new article by our researcher Timofey Duditsky.
The write-up dives into the AMD Platform Configuration Blobs mechanism, shows how it works, and reveals the vulnerability CVE-2025-54502.
https://swarm.ptsecurity.com/slowburn-looking-through-amd-platform-configuration-blobs-infrastructure/
P
PT SWARM
23.03.2026 13:46 · 👁 6.3K
Two bugs. One chain. Full RCE.
New research by Aleksandr Zhurnakov on Dell Wyse Management Suite shows how business logic flaws can be chained into complete system compromise.
Read the full writeup!
https://swarm.ptsecurity.com/business-logic-and-chains-unauthenticated-rce-in-dell-wyse-management-suite/
P
PT SWARM
10.03.2026 14:03 · 👁 6.2K
🐘 Attack arithmetic: how an integer overflow in PostgreSQL libpq leads to denial of service.
Our researcher Aleksey Solovev discovered the vulnerability CVE-2025-12818, which may cause a product using the libpq PostgreSQL library to crash.
https://swarm.ptsecurity.com/attack-arithmetic-how-an-integer-overflow-in-postgresql-libpq-leads-to-denial-of-service/
P
PT SWARM
02.03.2026 13:45 · 👁 6.1K
🚨 Our researcher Alexander Zhurnakov identified two vulnerabilities in Dell Wyse Management Suite prior to version 5.5.
In certain configurations, they can be chained to achieve unauthenticated remote code execution.
Upgrade now → https://www.dell.com/support/kbdoc/en-us/000429141/dsa-2026-103
P
PT SWARM
21.01.2026 11:39 · 👁 6.9K
🏆 Two of our research articles are nominated for PortSwigger's Top 10 Web Hacking Techniques of 2025!
1️⃣ Impossible XXE in PHP
2️⃣ Blind trust: what is hidden behind the process of creating your PDF file?
Last day to vote if you found them useful!
https://portswigger.net/polls/top-10-web-hacking-techniques-2025
P
PT SWARM
19.01.2026 13:04 · 👁 6.6K
📞 Microsoft fixed an authenticated RCE in Windows Telephony Service (CVE-2026-20931), discovered by our researcher Sergey Bliznyuk.
Read the write-up: https://swarm.ptsecurity.com/whos-on-the-line-exploiting-rce-in-windows-telephony-service/