Intelligence Archive

Technical Blog

CVE writeups, offensive tooling analysis, red teaming methodology and field notes from the SPECTROSEC team.

CVE Writeup 14 Apr 2026 8 min

CVE-2026-0740 | Ninja Forms File Uploads Exposes 50,000 WordPress Sites to RCE

Technical analysis of CVE-2026-0740, a critical flaw (CVSS 9.8) in the Ninja Forms File Uploads plugin. Validation bypass, path traversal, and active in-the-wild exploitation.

Read →

Web Security 05 Apr 2026 7 min

OWASP Top 10 2025 | What Changed and Why It Matters

Analysis of the new OWASP Top 10 categories, focused on BOLA, SSRF and Software Supply Chain. Field notes from a team that runs pentests every week.

Read →