Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
Log4Shell (Log4j Vulnerability) Explained
A deep dive into Log4Shell (CVE-2021-44228): how the critical Log4j2 RCE flaw worked, its timeline, affected versions, and how to remediate it.
What Was the Heartbleed Bug
A deep dive into CVE-2014-0160 (Heartbleed): the OpenSSL heartbeat flaw, its severity, exploitation timeline, and how to remediate it today.
What Was the Shellshock Vulnerability
Shellshock (CVE-2014-6271) let attackers run code on millions of Bash-based systems via a single crafted header. Here's the full breakdown and fix.
What is EternalBlue
EternalBlue (CVE-2017-0144) turned a patched SMBv1 flaw into WannaCry and NotPetya. Here is the exploit, timeline, and remediation, explained.
The SolarWinds Supply Chain Attack Explained
How Russian intelligence hijacked SolarWinds' build system to backdoor Orion updates for 18,000 customers, and what security teams must do now.
The XZ Utils Backdoor Explained
A trusted maintainer, years of quiet social engineering, and one hidden SSH backdoor: how CVE-2024-3094 nearly compromised the global Linux supply chain.
The Shai-Hulud npm Supply Chain Attack Explained
How the Shai-Hulud worm turned compromised npm maintainer tokens into a self-replicating supply chain attack, and how to detect and remediate it.
VMware ESXi CVE-2024-37085 Auth Bypass by Ransomware
CVE-2024-37085 abuses ESXi's AD domain join to grant admin via a specially named group. Exploitation by Akira and Black Basta, detection, and fix.
The event-stream npm Attack Explained
In 2018, a hijacked npm maintainer account turned event-stream into a supply chain weapon against crypto wallets. Here's the full CVE-style breakdown.
The Codecov Supply Chain Attack Explained
A breakdown of the 2021 Codecov breach: how the Bash Uploader was compromised, what CI secrets were exposed, and the remediation steps teams need now.
The Kaseya VSA Ransomware Attack Explained
A deep dive into the 2021 Kaseya VSA supply chain ransomware attack: the CVE chain, CVSS/KEV context, full timeline, and remediation steps.
What is Spring4Shell
Spring4Shell (CVE-2022-22965) let attackers gain unauthenticated RCE on Java apps via Spring data binding. Here's the full breakdown and fix.