
12 February 2024
What happens when your CI/CD pipeline skips one too many security checks? In our latest assessment, we chained multiple vulnerabilities—from GitHub misconfigurations to OpenShift exposure—and landed a webshell in production.

29 January 2024
At Citadelo, discovering CVEs isn’t just a badge of honor — it’s how we keep systems safe. Here’s the story behind a triple find: one hacker, three vulnerabilities, and critical insights for anyone serious about cybersecurity.

16 October 2023
Before we were a trusted cybersecurity partner with clients across Europe, we were just a couple of hackers in a borrowed meeting room with no coffee machine and a Windows phone. This is the story of how Citadelo got started—from our first hacked bank to a hacked dam and beyond.

5 September 2023
NIS2 isn’t just an update—it’s a major step forward in EU-wide cybersecurity regulation. Whether you’re an essential entity or flying just under the radar, this directive likely affects you. Here’s what to expect—and how to prepare.

1 August 2023
Azure Functions Privilege Escalation Vulnerability - A Wake-Up Call for Security Professionals

26 April 2023
Our hackers analyzed 388 client projects. Here's what they found.