📄 LibreChat MCP 0.8.2-rc2 Remote Code Execution

This proof of concept exploit targets the LibreChat MCP remote code execution vulnerability known as CVE-2026-22252. It provides a comprehensive and professional framework for detecting, testing, and exploiting the vulnerability with multiple extraction modes...

Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Since February 2023, Microsoft has observed password spray activity against thousands of organizations carried out by an actor we track as Peach Sandstorm HOLMIUM. Peach Sandstorm is an Iranian nation-state threat actor who has recently pursued organizations in the satellite, defense, and...

Docker for Pentest - Image With The More Used Tools To Create A Pentest Environment Easily And Quickly

Docker for pentest is an image with the more used tools to create an pentest environment easily and quickly. Features OS, networking, developing and pentesting tools installed. Connection to HTB Hack the Box vpn to access HTB machines. Popular wordlists installed: SecLists, dirb, dirbuster, fuzzd...

IT Asset Inventory Systems and CMDBs: A Marriage Made in InfoSec Heaven

A key capability of an IT asset inventory system is being able to exchange data with CMDBs Configuration Management Databases. In fact, a common misconception is that organizations with CMDBs don’t need an IT asset inventory system because their functions overlap. While they have similar roles,...