Blog
Technical Deep Dive
When the Heat Gets to Your Database: A Refreshing SQL Injection Discovery in Z-Push
Javier GilSecurity Research
Finding XSS in Salesforce Aura Components: How XBOW Got Creative
Diego JuradoSecurity Research
CVE-2025-49493: XML External Entity (XXE) Injection in Akamai CloudTest
Diego JuradoSecurity Research
Breaking the Shield: How XBOW Discovered Multiple XSS Vulnerabilities in Palo Alto’s GlobalProtect VPN
Alvaro MuñozCompany News
The Road to Top 1: How XBOW Did It
Nico WaismanSecurity Research
The Nightmare Before Christmas: An Arbitrary File Download on Zoo-Project
Nico WaismanSecurity Research
Stored Cross-Site Scripting (XSS) in 2FAuth
Diego JuradoSecurity Research
LabsAI’s EDDI Project Path Traversal
Diego JuradoSecurity Research