CyStack logo
  • Products & Services
  • Solutions
  • Pricing
  • Company
  • Resources
En

en

CyStack image\

Our Research

Welcome to our research page, where we provide you with the latest news, trends, and insights in the fast-paced world of tech. Join us on this exciting journey and discover the transformative power of technology today.

February 4 2026|Threats & Research

Analysis of Suspected Malware Linked to APT-Q-27 Targeting Financial Institutions

Reading Time: 12 minutesĐọc bản tiếng Việt tại đây Overview Context In mid-January 2026, CyStack’s security team observed anomalous activity on a corporate […]

Analysis of Suspected Malware Linked to APT-Q-27 Targeting Financial Institutions
CVE-2025-59837 Analysis: How I Bypassed an Astro Security Patch

Reading Time: 2 minutes  CyStack Advisory ID CSA-2025-01 CVE IDs CVE-2025-59837 Severity High CVSS v3 Base 7.2   Recently, I analyzed a security […]

Stored XSS leads to account takeover in Flarum

Reading Time: 2 minutesCyStack Advisory ID CSA-2022-01 CVE IDs CVE-2022-41938 Severity Critical CVSS v3 Base 9.0 Synopsis CyStack’s researchers recently discovered a Stored […]

Flash Loan Attack
Flash Loan Attack
June 27 2022|Threats & Research

Reading Time: 7 minutesMở đầu Flash Loan Attack là một hình thức tấn công DeFi đã xuất hiện từ lâu, gây ra rất […]

Advisories

View all
February 4 2026|Advisories

CVE-2025-59837 Analysis: How I Bypassed an Astro Security Patch

Reading Time: 2 minutes  CyStack Advisory ID CSA-2025-01 CVE IDs CVE-2025-59837 Severity High CVSS v3 Base 7.2   Recently, I analyzed a security […]

CVE-2025-59837 Analysis: How I Bypassed an Astro Security Patch
Stored XSS leads to account takeover in Flarum

Reading Time: 2 minutesCyStack Advisory ID CSA-2022-01 CVE IDs CVE-2022-41938 Severity Critical CVSS v3 Base 9.0 Synopsis CyStack’s researchers recently discovered a Stored […]

Cyclos < 4.14.15 – Remote code execution

Reading Time: 3 minutesCyStack Advisory ID CSA-2021-01 CVE IDs CVE-2021-44832 Severity Critical CVSS v3 Base 10.0 Synopsis Cyclos is a payment software created […]

macOS Rootkit Emulation
macOS Rootkit Emulation
June 24 2022|Advisories

Reading Time: 4 minutesKernel rootkit is considered the most dangerous malware that may infect computers. Operating at ring 0, the highest privilege level […]

Threats & Research

View all
February 4 2026|Threats & Research

Analysis of Suspected Malware Linked to APT-Q-27 Targeting Financial Institutions

Reading Time: 12 minutesĐọc bản tiếng Việt tại đây Overview Context In mid-January 2026, CyStack’s security team observed anomalous activity on a corporate […]

Analysis of Suspected Malware Linked to APT-Q-27 Targeting Financial Institutions
Flash Loan Attack
Flash Loan Attack
June 27 2022|Threats & Research

Reading Time: 7 minutesMở đầu Flash Loan Attack là một hình thức tấn công DeFi đã xuất hiện từ lâu, gây ra rất […]

Static binary injection with high-level code
Static binary injection with high-level code
April 5 2023|Threats & Research

Reading Time: 8 minutesGiới thiệu Static binary injection là một kỹ thuật dùng để chèn những đoạn code từ ngoài vào trong một […]

Subdomain takeover – Chapter two: Azure Services
Subdomain takeover – Chapter two: Azure Services
September 27 2023|Threats & Research

Reading Time: 4 minutesAs I described in the chapter one, we can control the content of a sub-domain d by  controlling the content […]