12 February 2024

CI/CD Misconfigurations That Could Break Your Production

What happens when your CI/CD pipeline skips one too many security checks? In our latest assessment, we chained multiple vulnerabilities—from GitHub misconfigurations to OpenShift exposure—and landed a webshell in production.

29 January 2024

CVE Hat-trick: 3 Major Vulnerabilities Found by Our Hacker

At Citadelo, discovering CVEs isn’t just a badge of honor — it’s how we keep systems safe. Here’s the story behind a triple find: one hacker, three vulnerabilities, and critical insights for anyone serious about cybersecurity.

16 October 2023

The Beginnings of Citadelo: The First Bank and a Hacked Dam

Before we were a trusted cybersecurity partner with clients across Europe, we were just a couple of hackers in a borrowed meeting room with no coffee machine and a Windows phone. This is the story of how Citadelo got started—from our first hacked bank to a hacked dam and beyond.

5 September 2023

NIS2 Explained: The New Cybersecurity Rules in the EU

NIS2 isn’t just an update—it’s a major step forward in EU-wide cybersecurity regulation. Whether you’re an essential entity or flying just under the radar, this directive likely affects you. Here’s what to expect—and how to prepare.

1 August 2023

Azure Functions Privilege Escalation

Azure Functions Privilege Escalation Vulnerability - A Wake-Up Call for Security Professionals

26 April 2023

Citadelo vulnerability stats 2022

Our hackers analyzed 388 client projects. Here's what they found.