IEEE

VulKiller: Java Web Vulnerability Detection with Code Property Graph and Large Language Models

Abstract: In recent years, web application development has become more efficient, yet vulnerabilities still pose significant risks. Traditional static and dynamic detection techniques are prone to ...
IEEE

LiteCobra: Enhancing Java Deserialization Vulnerability Detection with Call Graph Pruning

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.
GitHub

Network & Web Pentest Automation Framework

Jok3r is a Python3 CLI application which is aimed at helping penetration testers for network infrastructure and web black-box security tests. The goal is to save as much time as possible during ...
CSOonline

SolarWinds WHD zero-days from January are under attack

SolarWinds Web Help Desk (WHD) is under attack, with recent incidents exploiting a chain of zero-day and patched vulnerabilities dating back to late 2025, an analysis of customer reports by security ...
Redmond Magazine

Microsoft Warns of Active SolarWinds Web Help Desk Exploitation

Microsoft observed active exploitation of internet-exposed SolarWinds Web Help Desk vulnerabilities enabling lateral movement. Attackers abused legitimate tools, PowerShell, and RMM software to ...
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft has revealed that it observed a multi‑stage intrusion that involved the threat actors exploiting internet‑exposed SolarWinds Web Help Desk (WHD) instances to obtain initial access and move ...