News

CVE-2026-48907: Unauthenticated RCE in Joomla Content Editor

‘AI a force multiplier not a replacement’, small vs large models, the state of vibe-coded security – ethical hacker news roundup

Read More ->

‘AI a force multiplier not a replacement’, small vs large models, the state of vibe-coded security – ethical hacker news roundup

Read More ->

The Mythos moment, accelerating exploits, CVE Program under pressure – offsec roundup for CISOs

Read More ->

The Mythos moment, accelerating exploits, CVE Program under pressure – offsec roundup for CISOs

Read More ->

BUG BREAKDOWN: AUTH BYPASS, WORDPRESS AZURE AD SSO PLUGIN

Critical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validation

Read More ->

Critical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validation

Read More ->

Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup

Read More ->

Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup

Read More ->

An LLM or robot vulnerability researcher lacks intuition, looks confused

LLM bug hunters lack intuition, ‘security teams will consolidate visibility’ in 2026, EU Cyber Act vuln disclosure revisions – offsec roundup for CISOs

Read More ->

LLM bug hunters lack intuition, ‘security teams will consolidate visibility’ in 2026, EU Cyber Act vuln disclosure revisions – offsec roundup for CISOs

Read More ->

YesWeHack report 2026: the trends, insights and strategic shifts shaping offensive security

Read More ->

YesWeHack report 2026: the trends, insights and strategic shifts shaping offensive security

Read More ->

News

CVE-2026-48907: Unauthenticated RCE in the Joomla Content Editor extension

YesWeHack is now available in AWS Marketplace

CVE-2026-9082: PostgreSQL SQL Injection in Drupal

‘AI a force multiplier not a replacement’, small vs large models, the state of vibe-coded security – ethical hacker news roundup

‘AI a force multiplier not a replacement’, small vs large models, the state of vibe-coded security – ethical hacker news roundup

The Mythos moment, accelerating exploits, CVE Program under pressure – offsec roundup for CISOs

The Mythos moment, accelerating exploits, CVE Program under pressure – offsec roundup for CISOs

Critical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validation

Critical auth bypass in WordPress Azure AD SSO plugin due to missing OIDC id_token validation

‘AI a force multiplier not a replacement’, small vs large models, the state of vibe-coded security – ethical hacker news roundup

Map, test, fix, comply: unveiling our unified approach to offensive security

Map, test, fix, comply: unveiling our unified approach to offensive security

Continuous Pentesting with zero false positives: a fully managed, platform-driven approach

Continuous Pentesting with zero false positives: a fully managed, platform-driven approach

Introducing Autonomous Pentest: identify actively exploited vulnerabilities across your attack surface

Introducing Autonomous Pentest: identify actively exploited vulnerabilities across your attack surface

Map, test, fix, comply: unveiling our unified approach to offensive security

Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup

Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup

LLM bug hunters lack intuition, ‘security teams will consolidate visibility’ in 2026, EU Cyber Act vuln disclosure revisions – offsec roundup for CISOs

LLM bug hunters lack intuition, ‘security teams will consolidate visibility’ in 2026, EU Cyber Act vuln disclosure revisions – offsec roundup for CISOs

YesWeHack report 2026: the trends, insights and strategic shifts shaping offensive security

YesWeHack report 2026: the trends, insights and strategic shifts shaping offensive security

Notepad++ hijack, pwning Claude Code, top web hacking techniques of 2025 – ethical hacker news roundup

Products

Researchers

Resources

Company

Follow us