Offensive
Security Blog

Technical Research

strongSwan CVE-2026-25075: Integer Underflow in VPN Authentication

Mar 26, 2026

Bishop Fox researchers took a deep dive into a new strongSwan vulnerability that allows unauthenticated attackers to take VPN services offline. We created an easy tool to test your strongSwan deployment & recommend upgrading to version 6.0.5 and later.

By Jon Williams

Security Perspective

Accidental Engineer: Building My First Hardware Tool the Hard Way

Mar 17, 2026

I set out to build a rugged badge-cloning tool for field use, with zero hardware background. This is the story of learning electrical engineering from scratch, navigating bad assumptions, and discovering that curiosity, persistence, and hands-on testing can take you further than you think.

By Raf Marconi

Security Perspective

Winning CTFs: A Proving Ground at HackMex & Ekoparty

Mar 13, 2026

CTF competitions push offensive security skills to their limits. In 2025, the Bishop Fox Mexico team claimed first place at both HackMex Finals and EkoParty Red Team Space. Discover how the team navigated web exploitation, infrastructure compromise, and AWS attack paths to win.

By Luis De la Rosa Hernandez

Technical Research

Pre-Authentication SQL Injection in FortiClient EMS 7.4.4 - CVE-2026-21643

Mar 9, 2026

FortiClient EMS 7.4.4 contains a pre-authentication SQL injection vulnerability (CVSS 9.1) in its multi-tenant site routing middleware. An unauthenticated attacker can inject arbitrary SQL by sending a crafted Site HTTP header to any pre-auth endpoint.

By John Untz

Technical Research

Beyond Electron: Attacking Alternative Desktop Application Frameworks

Mar 3, 2026

Tauri promises a lighter, security-first future beyond Electron—but does it actually reduce risk? Carlos Yanez uncovers how XSS and permissive configs can still be chained into RCE, walking through real-world exploitation techniques every appsec team should understand.

By Carlos Yanez

Security Perspective

Introducing CloudFox GCP: Attack Path Identification for Google Cloud

Feb 26, 2026

Meet CloudFox GCP, an offensive security tool built to map identities, enumerate resources, and uncover real attack paths in Google Cloud. Designed for practitioners, it exposes privilege escalation, lateral movement, and data exfiltration risks so you can secure GCP before attackers exploit it.

By Joseph Barcia

Advisory

Samsung Tizen OS | Version Through 9.0

Feb 24, 2026

Bishop Fox identified a low-risk command injection flaw in Samsung Tizen OS (through 9.0) that allows OS-level code execution on smart TVs with developer mode enabled. Exploitation requires local access and the configured developer IP. Organizations should disable developer mode or use kiosk mode.

By Bishop Fox

Security Perspective

AI & Security Risks: Reviewing Governance and Guardrails

Feb 19, 2026

Moving fast with AI is easy. Governing it isn’t. In this discussion, security and AI leaders share real-world lessons on inventory, least privilege, measurable outcomes, and building guardrails before scaling adoption.

By Bishop Fox

Product

Most Security Programs Test a Fraction of Their Applications. That Changes Today.

Feb 9, 2026

Bishop Fox's Rob Ragan explores how Cosmos AI transforms application security testing from a logistical bottleneck into a scalable service—enabling organizations to test entire portfolios.

By Rob Ragan

Advisory

Deep Dive into Arista NG Firewall Vulnerabilities

Feb 9, 2026

Bishop Fox identified six vulnerabilities in Arista NG Firewall version 17.4, including critical command injection flaws allowing root-level code execution with some exploitable by chaining attacks through a single malicious link.

By Ronan Kervella

Security Perspective

Get the Most from Testing Your Applications

Feb 4, 2026

Pen tests don’t fail because testers miss bugs. They fail when no one agrees what questions the test should answer. In today’s cloud- and AI-driven apps, scoping, execution, and follow-through determine whether results drive real decisions or just become another filed report.

By Bishop Fox Researchers

Security Perspective

Why the Board Belongs in the War Room: The Untapped Value of Crisis Readiness

Jan 22, 2026

Boards may not be on the front lines, but they’re always in the blast radius. Crisis simulations help directors experience uncertainty firsthand, strengthening governance, trust, and decision-making before headlines hit.

By Justin Greis

Technical Research

The Total Cost of AI Ownership: The Costs Not on Your Budget Sheet

Jan 13, 2026

AI looks affordable at first, licenses, cloud, headcount. But once it’s in production, costs spread across teams, systems, and decisions in ways most models miss. Here’s what we’ve learned about the hidden costs of owning AI long-term.

By Kelly Albrink

Security Perspective

What to Look for in a Red Team Vendor

Jan 8, 2026

Red team proposals often look the same. The outcomes rarely are. If you’re trying to avoid surprises, defend security decisions, and gain real confidence, choosing the right red team partner matters more than ever. Here’s what separates signal from noise.

By Bishop Fox

Technical Research

GenAI DevOps: More Code, More Problems

Dec 30, 2025

GenAI has made it possible for anyone to ship production code, but security hasn’t caught up. The real risk isn’t bad AI code, it’s how quickly unsafe behavior reaches production. Here’s how to build guardrails so speed doesn’t become liability.

By Derek Rush

Security Perspective

Bishop Fox Wrapped: Research Worth Replaying

Dec 23, 2025

This is Bishop Fox Wrapped. A snapshot of the research, blogs, virtual sessions, and tools that security teams kept coming back to, and what that tells us about what they needed this year.

By Bishop Fox

Technical Research

MITRE AADAPT Framework as a Red Team Roadmap

Dec 17, 2025

MITRE’s AADAPT framework exposes how attackers target digital-asset systems but the real value comes from testing those threats. Learn how red teaming turns AADAPT into evidence-driven detection, stronger controls, and measurable protection against economic loss.

By Bishop Fox

Security Perspective

A Hacker Holiday Gift Guide: 2025 Edition

Dec 10, 2025

Shopping for a hacker? Skip the gimmicks. Here are the tools, training, and books they actually want: Flipper Zero, Proxmark3, Shodan, HTB, and must-read vuln research picks, perfect for deal-season lab upgrades.

By Bishop Fox

Technical Research

Arista NextGen Firewall XSS to RCE Chain

Dec 4, 2025

Arista flagged three NG Firewall bugs as “limited.” Our researchers proved otherwise: real-world remote code execution is possible, and current patches don’t fully fix the root issues. Here’s what’s vulnerable, what we validated, and the steps to cut exposure now.

By Jon Williams, Ronan Kervella, Bishop Fox Researchers

Security Perspective

What Will Shape Cybersecurity in 2026: AI Speed, Expanding Attack Surfaces, and Specialized Red Teams

Dec 3, 2025

2026 will hit cybersecurity like a fast-forward button: AI moves quicker than governance, attack surfaces sprawl into the physical world, and red teams get hyper-specialized. Here’s what’s coming—and how to stay ahead before “optional” becomes “too late.”

By Vincent Liu, Christie Terrill, Kelly Albrink, Trevin Edgeworth, Dan Petro

Security Perspective

A Note on AI from Christie Terrill, CISO, Bishop Fox

Nov 25, 2025

After a month of conferences and CISO conversations, one thing is clear: AI is reshaping security—fast. But the excitement comes with uncertainty, risk, and big unanswered questions. Here’s what leaders are really saying.

By Christie Terrill

Technical Research

Fortinet FortiWeb Authentication Bypass – CVE-2025-64446

Nov 19, 2025

Bishop Fox researchers discovered an authentication bypass in FortiWeb that lets attackers add their own admin accounts, take over the device, and erase evidence. Organizations can quickly check if they’re exposed using a new Bishop Fox scanner and should remove public access and update immediately.

By Jon Williams, John Untz

Security Perspective

Ready to Hack an LLM? Our Top CTF Recommendations

Nov 5, 2025

The best way to understand LLM vulnerabilities isn’t by reading, it’s by hacking. Explore our top CTF and sandbox picks to safely test prompt injections, jailbreaks, and model exploits while sharpening your AI security skills.

By Luke Sheppard

Security Perspective

Invasion of the Face Changers: Halloween Hijinks with Bluetooth LED Masks

Oct 30, 2025

This Halloween, Bluetooth LED masks promise eerie fun — until anyone with a pocket-sized controller can change your face. I built one. Read how a common BLE flaw turns glowing costumes into prankable (and revealing) security lessons.

By Nathan Elendt