Welcome to Cenobe's Tech Intelligence Hub. Here, we share our expertise in offensive cybersecurity through in-depth technical analyses, research & development findings, and compliance insights.
In 2020, SAP disclosed CVE-2020-6219, a deserialization-based Remote Code Execution (RCE) vulnerability in the Crystal Report Viewer. Fast forward to 2025, and we revisited this flaw developing a practical exploitation path that highlights just how dangerous it remains in real-world scenarios.
Learn how a collaborative security assessment approach helped Gitpod transform their vulnerability management and build greater confidence in their products.
CVE-2025-24813 has been making headlines with a critical 9.8 CVSS score, raising concerns across the industry. But after diving deep into its internals, our R&D team came to a different conclusion: this vulnerability is far harder to exploit than it seems.
How a popular Ruby gem exposed thousands of applications to remote code execution. A technical analysis of the vulnerability that affected major platforms worldwide.