Assetnote

Our team reverse engineered the Magento PolyShell pre-auth RCE - actively exploited in the wild. No auth needed to land a PHP webshell. RCE depends on server config, but the file persists regardless. Props to @sansecio for the heads up. slcyber.io/research-cente… @SLCyberSec

Reverse engineering large enterprise apps means wading through hundreds of vendor dependencies. We got tired of it, so we built Hyoketsu to fix it - open source, with a pre-calculated 13GB NuGet + Maven hash database. GitHub: github.com/assetnote/hyok…: slcyber.io/research-cente…

Our security research team created a high fidelity check for the Next.js/RSC RCE (CVE-2025-55182 & CVE-2025-66478). Read more on our blog here: slcyber.io/research-cente…

Our Security Research team discovered a critical vulnerability in Oracle Identity Manager, that leads to RCE without authentication. A patch was released 30 days ago by Oracle (CVE-2025-61757), and we highly recommend applying it. Our research post here: slcyber.io/research-cente…

Our Security Researcher @softpoison_ published his first research post, reverse engineering CVE-2025-54236 (SessionReaper) - a critical unauthenticated RCE in Magento. From understanding @Blaklis_'s original discovery, we wrote up our analysis here: slcyber.io/assetnote-secu…

Our Security Research team presented on Finding Critical Vulnerabilities in Adobe Experience Manager at @BSidesCbr late last month. We’ve published our research detailing the internals of AEM and how we discovered seven CVEs ranging in criticality here: slcyber.io/assetnote-secu….

Earlier this year, our Security Research team discovered a high-risk secondary context path traversal issue in Omnissa Workspace One UEM (CVE-2025-25231). We also developed a chain to RCE on instances in the wild. You can read our detailed research here: slcyber.io/assetnote-secu…

The final research blog from @SLCyberSec's Christmas in July concerns three more critical vulnerabilities that our security researchers have uncovered in Adobe Experience Manager Forms: two paths to RCE and a pre-authentication XXE slcyber.io/assetnote-secu…

Our Security Research team at @SLCyberSec found four vulnerabilities in the quality management platform ETQ Reliance, including a critical Remote Command Execution: slcyber.io/assetnote-secu…

Sometimes, SQL injection is still possible, even when prepared statements are being used. Our researcher @hash_kitten has written up a blog post about a novel technique for SQL Injection in PDO’s prepared statements: slcyber.io/assetnote-secu…

Our Security Research team at @SLCyberSec discovered a pre-authentication RCE vulnerability in Sawtooth Lighthouse Studio (CVE-2025-34300). It affects all versions up to 9.16.14. Read more here: slcyber.io/assetnote-secu…

Continuing @SLCyber’s Christmas in July posts, our Security Research team discovered a pre-authentication NTLM hash disclosure vulnerability in DNN (formerly DotNetNuke), assigned CVE-2025-52488. Read more on our blog here: slcyber.io/assetnote-secu…

For our first Christmas in July research post: How we managed to get persistent XSS on every Adobe Experience Manager Cloud instance three times! slcyber.io/assetnote-secu…

We’re trying to buck the trend of critical vulnerabilities all landing at the end of the year, much to the despair of security professionals! This July, we’ll be publishing a series of vulnerabilities across the month. Stay tuned: slcyber.io/assetnote-secu…

Our team recently used a novel technique to increase the impact of what seemed to be only a blind SSRF. This novel technique involving HTTP redirect loops and incremental status codes led to full HTTP response leakage. Read more on @SLCyberSec blog here: slcyber.io/assetnote-secu…

Our security research team discovered a critical pre-authentication SQL injection vulnerability in Halo ITSM, a popular IT support software, often externally exposed and sensitive: Read more here: slcyber.io/assetnote-secu…

Our security research team recently analyzed the authentication bypass vulnerability in Next.js (CVE-2025-29927). Our blog post details how to detect this vulnerability with more reliability. Read more here: slcyber.io/assetnote-secu…

Our security research team discovered a pre-auth RCE (CVE-2025-27218) in Sitecore XP 10.4. You can read our research here: slcyber.io/blog/sitecore-…

Our security research team discovered an authentication bypass in Palo Alto's PAN-OS management interface. Our discoveries come shortly after exploit chains were released at the end of 2024 after a deeper investigation. You can read our research here: slcyber.io/blog/nginx-apa…

We are thrilled to announce that Assetnote has been acquired by Searchlight Cyber! This is an exciting new chapter for our team as we continue our mission of providing our customers with a market-leading ASM solution. Joining forces with Searchlight Cyber means that we will be able to combine their dark web intelligence expertise and data with our Proactive Attack Surface Management capabilities to create a holistic Continuous Threat Exposure Management (CTEM) Platform. This acquisition is a testament to the hard work and dedication of the entire Assetnote team. We’re excited to continue our adventure as part of the Searchlight Cyber family, with our founders, Michael Gianarakis (CEO) and Shubham Shah (CTO), leading the ASM division. We want to send a heartfelt thank you to our customers, partners, and supporters who have been with us every step of the way. Assetnote’s platform and security research team will continue to operate and improve on this next leg of our journey. Customers can expect no service disruption through this acquisition and will soon enjoy the benefits of the additional dark web intelligence capabilities of Searchlight. To learn more about this announcement, check out the full press release here. assetnote.io/acquisition