Get the latest updates!

Dr. Yunfei Ge

Palo Alto Networks GlobalProtect Authentication Bypass: What Security Teams Should Know About CVE-2026-0257

by Dr. Yunfei Ge | Jun 9, 2026 | Blog

Background Palo Alto Networks GlobalProtect is widely used by enterprises to provide secure remote access to internal systems and applications. Because VPN gateways often sit at the edge of corporate networks, vulnerabilities in these systems can quickly...

Anonymous PostgreSQL Injection in Drupal Core (CVE-2026-9082)

by Dr. Yunfei Ge | Jun 2, 2026

Background Drupal powers millions of websites worldwide, including government portals,...

Exploited Vulnerabilities in Cisco Catalyst SD-WAN Manager

by Dr. Yunfei Ge | Apr 23, 2026

Cisco recently disclosed several critical vulnerabilities in Catalyst SD-WAN Manager,...

SmarterMail Security Alert: Multiple CVEs Actively Exploited in the Wild

by Dr. Yunfei Ge | Feb 24, 2026

SmarterTools recently confirmed that the Warlock (aka Storm-2603) ransomware group breached...

Is Your Git Service Safe? How a Gogs Path Traversal Vulnerability Enables Remote Code Execution (CVE‑2025‑8110)

by Dr. Yunfei Ge | Feb 9, 2026

Background Gogs Path Traversal and Remote Code Execution is a critical vulnerability...

Fortra GoAnywhere MFT: Deserialization Flaw Opens the Door to Remote Code Execution (CVE-2025-10035)

by Dr. Yunfei Ge | Oct 14, 2025

In September 2025, security researchers warned of CVE-2025-10035, a critical remote code execution...

When API Tokens Go Wrong: Lessons from the Salesforce Breach

by Dr. Yunfei Ge | Sep 22, 2025

Background The Salesforce breach occurred when attackers obtained OAuth tokens through...

« Older Entries