OctoPrint ≤1.11.2 Authenticated RCE via File Upload
CVE-2025-58180 is a critical remote code execution vulnerability (CVSS 7.5) in OctoPrint versions ≤ 1.11.2 (patched in 1.11.3, released September 2025)....
Expert analysis, threat intelligence, and practical guidance from Red Secure Tech's security specialists — covering penetration testing, vulnerability assessment, incident response, and secure development for UK businesses.
CVE-2025-58180 is a critical remote code execution vulnerability (CVSS 7.5) in OctoPrint versions ≤ 1.11.2 (patched in 1.11.3, released September 2025). It allows an authenticated attacker with fil...
Read Full ArticleCVE-2025-58180 is a critical remote code execution vulnerability (CVSS 7.5) in OctoPrint versions ≤ 1.11.2 (patched in 1.11.3, released September 2025)....
Apple has released emergency security updates across its entire operating system lineup to patch a actively exploited zero-day vulnerability in the dyld (d...
Process ancestry monitoring tracks the parent-child relationships between processes (who spawned what). This is one of the most reliable ways to detect liv...
Today, attackers have transitioned from using traditional fixed payloads in cyber campaigns (ransomware attacks, espionage, infostealer operations, and phi...
GPO (Group Policy Object) is one of the most effective, but also underused, tools for providing security to Windows networks as well as providing centraliz...
A serious remote code execution vulnerability (CVE-2025-32023) was identified in Redis HyperLogLog (HLL) for all versions greater than (>=) 8.0.0 but le...
Local privilege escalation vulnerability in the glibc library affects versions 2.35 to 2.38 (build tested: 2.35-0ubuntu3.3) and allows an unprivileged user...
Modern software applications continue to fuel a significant increase in zero-day vulnerabilities and their associated exploitation. Zero-day vulnerabilitie...
Our blog insights are backed by hands-on service delivery. Whether you need a penetration test, vulnerability assessment, emergency website recovery, or secure web development — our UK cybersecurity specialists are ready to help.
Emergency malware removal, backdoor elimination, blacklist delisting, and full post-incident hardening for compromised websites.
Authorised simulated attacks exposing real vulnerabilities in your web applications, networks, and infrastructure before attackers do.
Systematic identification and prioritisation of security weaknesses across your digital estate — with actionable remediation guidance.
OWASP-aligned web application development with security engineered in from architecture through to penetration-tested deployment.
Advanced adversary simulation testing your organisation's detection and response capabilities against real-world threat actor behaviour.
Actionable intelligence on threat actors, attack vectors, and emerging risks targeting your sector — enabling proactive defensive decisions.
© 2016 – 2026 Red Secure Tech Ltd. Registered in England and Wales — Company No: 15581067