// PRESS & PUBLICATIONS

Press & Publications

Our security research and proof-of-concept development work has been featured in leading industry publications, technical blogs, and security news outlets. This recognition reflects our commitment to advancing the security industry through technical expertise and in-depth vulnerability analysis.

CVE-2025-32433: Erlang/OTP SSH Remote Code Execution Vulnerability

Our team developed a proof-of-concept exploit for this critical vulnerability in Erlang/OTP's SSH implementation, demonstrating its impact and helping drive rapid patching across the industry.

April 2025•GitHub Repository

Picus Security Blog

www.picussecurity.com

Openwall Announcement

www.openwall.com

SecLists Disclosure

seclists.org

BleepingComputer: Public Exploits Released

www.bleepingcomputer.com

Low Code Youtube Video (100k views)

www.youtube.com

Tenable Security Blog

pt-br.tenable.com

The Hacker News

thehackernews.com

TLDR Sec Newsletter

tldrsec.com

TryHackMe Room

tryhackme.com

The Register News

www.theregister.com

Tenable CVE Page

www.tenable.com

Arctic Wolf Blog

arcticwolf.com

GreyNoise Labs Analysis

www.labs.greynoise.io

Help Net Security

www.helpnetsecurity.com

Forescout Research: AI Cyber Attacks

www.forescout.com

Success Quarterly: AI Revolutionizes Cybersecurity

successquarterly.com

Impact Summary

After the initial disclosure of this vulnerability in Erlang/OTP, our team developed a comprehensive proof-of-concept exploit that demonstrated its real-world impact. This PoC was widely referenced in security advisories and industry publications, helping organizations understand the severity of the issue and prioritize patching. Our technical analysis contributed to the broader security community's understanding of the vulnerability, which affected thousands of systems running Erlang-based applications.

Hawk: SSH & Linux Credential Harvesting

Hawk is our lightweight Golang tool that intercepts SSH, su, and sudo credentials on Linux in real time via ptrace—without modifying target processes. Our blog post "Hawk's Prey: Snatching SSH Credentials" and the tool have been cited by industry research on vulnerability scanner risks and Linux EDR blind spots.

September 2025•GitHub Repository

Praetorian: Your Vulnerability Scanner Might Be Your Weakest Link

www.praetorian.com

Hawk's Prey: Snatching SSH Credentials (PlatformSecurity Blog)

platformsecurity.com

Impact Summary

Praetorian cited our Hawk tool and companion blog post in their research on how vulnerability scanners using password-based authentication can become credential-theft targets. Their article highlights ptrace-based credential interception techniques and notes that Linux EDR often fails to detect such methods—underscoring the relevance of tools like Hawk for both red team operations and defensive awareness.

More Publications Coming Soon

Our security research team is continuously working on vulnerability research and exploit development. Check back for updates on our latest findings and industry contributions.

Work with our research team

Interested in leveraging our security expertise for your organization? Our team can help identify vulnerabilities before attackers do.

Get in Touch