News
11 March 2024
Ethical Hacking Report 2023: Web, Cloud, and Infrastructure Top the Risk Chart
Citadelo’s Ethical Hacking Report 2023 reveals 2,795 vulnerabilities found in 384 simulated attacks. Web, Cloud, and Infrastructure remain the most exposed areas — highlighting the urgent need for proactive security testing to close critical gaps.
1 March 2024
CVE Alert: Python API Library Allowed Remote Code Execution
A small configuration slip. A rarely used content type. One well-placed payload — and your Python app is under someone else’s control. This CVE proves it.
12 February 2024
CI/CD Misconfigurations That Could Break Your Production
What happens when your CI/CD pipeline skips one too many security checks? In our latest assessment, we chained multiple vulnerabilities—from GitHub misconfigurations to OpenShift exposure—and landed a webshell in production.
29 January 2024
CVE Hat-trick: 3 Major Vulnerabilities Found by Our Hacker
At Citadelo, discovering CVEs isn’t just a badge of honor — it’s how we keep systems safe. Here’s the story behind a triple find: one hacker, three vulnerabilities, and critical insights for anyone serious about cybersecurity.
16 October 2023
The Beginnings of Citadelo: The First Bank and a Hacked Dam
Before we were a trusted cybersecurity partner with clients across Europe, we were just a couple of hackers in a borrowed meeting room with no coffee machine and a Windows phone. This is the story of how Citadelo got started—from our first hacked bank to a hacked dam and beyond.
5 September 2023
NIS2 Explained: The New Cybersecurity Rules in the EU
NIS2 isn’t just an update—it’s a major step forward in EU-wide cybersecurity regulation. Whether you’re an essential entity or flying just under the radar, this directive likely affects you. Here’s what to expect—and how to prepare.