n-day-exploitation
2 posts
Article
NetScaler trusts snprintf, leaks adjacent heap memory
Why 'silent' vulnerabilities like Citrix Bleed (CVE-2023-4966) are already exploited at the network edge, what they produce in telemetry, and where defenders are blind.
Article
Mandiant clocked 5 days in 2023
Mean time-to-exploit for critical CVEs has collapsed to days. The mechanism is patch diffing, n-day industrialisation, and telemetry gaps on appliances.