vulnerability • William OGOU Cybersecurity Blog

img of ServiceNow 'Counter-Strike' Flaw (CVE-2025-3648) Explained

Critical vulnerability in ServiceNow (CVE-2025-3648) allows a low-privilege user to gain full admin access. Learn how the 'Counter-Strike' attack works and how to mitigate it.

img of Critical SharePoint RCE (CVE-2025-53770)

Jul 21, 2025 7 min read

vulnerability

Critical SharePoint RCE (CVE-2025-53770) By William OGOU

Critical, actively exploited zero-day RCE vulnerability in SharePoint Server (CVE-2025-53770). This is your guide to understanding, identifying, and mitigating the threat immediately.

img of RCE in mcp-remote (CVE-2025-6514)

Jul 10, 2025 5 min read

ai-security

RCE in mcp-remote (CVE-2025-6514) By William OGOU

Critical RCE vulnerability (CVE-2025-6514) in Anthropic's mcp-remote exposes developer machines. Learn how attackers can chain exploits to take control and why securing AI agents is paramount.

img of ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages

Apr 23, 2025 9 min read

vulnerability

ConfusedComposer: GCP Cloud Build vunerability via PyPI Packages By William OGOU

Unpacking ConfusedComposer: Discover how Tenable found a GCP vulnerability allowing privilege escalation via malicious PyPI packages in Cloud Composer & Cloud Build.

Apr 2, 2025 9 min read

vulnerability

ImageRunner Vulnerability: Privilege Escalation in GCP Cloud Run By William OGOU

Explore the ImageRunner vulnerability: A patched GCP Cloud Run privilege escalation flaw. See how IAM permissions allowed unauthorized image access via service agents.