Blog

CVE-2025-47812 is a critical vulnerability affecting Wing FTP Server versions prior to 7.4.4. This severe security flaw enables unauthenticated attackers to execute arbitrary code remotely (RCE) by exploiting inadequate validation of input containing null bytes (%00) in the authentication process

The Exploit Prediction Scoring System (EPSS) is a data-driven model that predicts the likelihood a given software vulnerability will be exploited in the wild.

Most security tools today, static analyzers, fuzzers, even single-agent LLMs, struggle to find complex, multi-step vulnerabilities. But the emerging model of multi-agent collaboration can fundamentally transform vulnerability discovery. Argusee’s recent results are just a glimpse of what's possible.

The Beginning of AI-Native Security Research

Application Detection and Response (ADR) technologies are essential for identifying and mitigating runtime attacks. Yet, many existing approaches struggle to detect nuanced, logic-based vulnerabilities effectively.

Understanding domestic and international regulatory landscapes is crucial to ensuring compliance and enhancing security postures. This blog post explores key software security mandates worldwide, including those from the United States, European Union, and Asia-Pacific, providing a comprehensive guide on navigating these complex regulations for a secure software development lifecycle.

By someone who used to review every PR, and now reviews AI-generated diffs. Software development is about to look very different.

Application Detection and Response (ADR) is emerging as the next evolution in application security, aiming to catch and stop attacks from within the application itself at runtime. Recent incidents like the Next.js middleware vulnerability CVE-2025-29927 – an authentication bypass triggered by a single HTTP header – underscore why traditional approaches often fall short.

Product enhancements that empower entire teams to simplify their application security processes, prioritize issues based on impact and remediate vulnerabilities more precision.

Kodem unified data model allows reasoning about “what’s happening” in the app—at every layer, in every stage—at once.

Agentic red teams, AI-powered multi-agent systems capable of offensive security testing, have arrived as a timely and necessary innovation to fill this critical gap in the cybersecurity landscape.

Pinpoint real exposure with Kodem’s unique approach, as seen in real-world example of CVE-2025-29927 in Next.js.