Naveen Sunkavally
Filter Content:
Categories:
Tags:
August 20, 2025 | Blogs
NodeZero autonomously compromised GOAD in 14 mins by exploiting common Active Directory misconfigurations.
August 14, 2025 | Blogs
GOAD (Game Of Active Directory) is an intentionally vulnerable cyber range used by pentesters and defenders to explore common attack…
April 9, 2025 | Attack Blogs, Disclosures
CVE-2025-3248 is a critical code injection vulnerability affecting Langflow, a popular tool used for building out agentic AI workflows. This…
January 13, 2025 | Attack Blogs, Disclosures
SimpleHelp remote support software is susceptible to critical vulnerabilities that could allow full takeover of SimpleHelp servers. Users of SimpleHelp…
August 23, 2024 | Attack Blogs, Disclosures
This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces…
August 23, 2024 | Attack Blogs, Disclosures
This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces…
June 14, 2024 | Attack Blogs, Disclosures
This post walks through the vulnerabilities we disclosed affecting Gradio, and our work with Hugging Face to harden the Spaces…
March 11, 2024 | Attack Blogs, Disclosures
NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.
January 29, 2024 | Attack Blogs
CVE-2024-23897: Assessing the Impact of the Jenkins Arbitrary File Leak Vulnerability.
