News
24 April 2025
Ethical Hacking Report 2024: Six Vulnerabilities in Almost Every Tested System
Web, cloud, mobile, and infrastructure projects all revealed the same pattern: overlooked basics, repeat mistakes, and too many systems left wide open.
11 March 2024
Ethical Hacking Report 2023: Web, Cloud, and Infrastructure Top the Risk Chart
Citadelo’s Ethical Hacking Report 2023 reveals 2,795 vulnerabilities found in 384 simulated attacks. Web, Cloud, and Infrastructure remain the most exposed areas — highlighting the urgent need for proactive security testing to close critical gaps.
1 March 2024
CVE Alert: Python API Library Allowed Remote Code Execution
A small configuration slip. A rarely used content type. One well-placed payload — and your Python app is under someone else’s control. This CVE proves it.
12 February 2024
CI/CD Misconfigurations That Could Break Your Production
What happens when your CI/CD pipeline skips one too many security checks? In our latest assessment, we chained multiple vulnerabilities—from GitHub misconfigurations to OpenShift exposure—and landed a webshell in production.
29 January 2024
CVE Hat-trick: 3 Major Vulnerabilities Found by Our Hacker
At Citadelo, discovering CVEs isn’t just a badge of honor — it’s how we keep systems safe. Here’s the story behind a triple find: one hacker, three vulnerabilities, and critical insights for anyone serious about cybersecurity.
1 August 2023
Azure Functions Privilege Escalation
Azure Functions Privilege Escalation Vulnerability - A Wake-Up Call for Security Professionals