Vincent Qi, Author at Ridge Security

Stop Active Oracle EBS Exploitation

by Vincent Qi | Oct 21, 2025 | What do recent CVEs reveal about the most common mistakes in vulnerability management?

Ridge Security’s Immediate Response CISA has recently added two critical vulnerabilities, CVE-2025-61882 and CVE-2025-61884, to its Known Exploited Vulnerabilities (KEV) Catalog, both affecting Oracle E-Business Suite. CVE-2025-61882 is a critical, unauthenticated...

Browser-to-Backdoor: CVE-2025-49596 Turned Anthropic’s MCP Developer Tools Into Attack Vectors

by Vincent Qi | Oct 7, 2025

In July 2025, security researchers uncovered CVE-2025-49596, a critical remote code execution...

When Trust Becomes a Weapon: Inside the UNC6040 & UNC6395 Salesforce Attack Campaigns

by Vincent Qi | Sep 25, 2025

In today's interconnected business environment, platforms like Salesforce have become the backbone...

Threat Analysis: Unpacking the “ToolShell” Zero-Day in Microsoft SharePoint

by Vincent Qi | Aug 13, 2025

In July 2025, multiple critical vulnerabilities collectively known as “ToolShell” and tracked as...

Reflections on 2024: Strengthening Defenses for Palo Alto Networks and Fortinet

by Vincent Qi | Jan 29, 2025

In the dynamic world of cybersecurity, where new vulnerabilities emerge faster than ever,...

JetBrains TeamCity Auth Bypass: Safeguarding Against Cozy Bear Exploits

by Vincent Qi | Feb 29, 2024

In the ever-evolving landscape of cybersecurity threats, another significant vulnerability has...

Critical vulnerabilities in PaperCut NG/MF, the leading print management software

by Vincent Qi | Dec 13, 2023

PaperCut MF is a cost-effective, multi-platform software solution designed for schools, libraries,...

Get the latest updates!

Vincent Qi