Pen Test Partners

Carlsberg… probably not the best cybersecurity in the world

TL;DR The exhibition My Wife and I visited the Carlsberg exhibition in Copenhagen in August 2025 and we were given wristbands ...
Pen Test Partners

Compromising a multi-cloud environment from a single exposed secret

TL;DR Introduction In practice, it is still hard to keep secrets safe in the cloud. All major cloud service providers have ...
Pen Test PartnersOpinion

AI noise and the effect it’s having on vulnerability disclosure programs

Managing vulnerability reports is difficult for an organisation.  In an ideal world, something like this happens: Everyone is ...
Pen Test Partners

PCI London Summit 2026

Our Paul Brennecker and Charles Hunter will be attending.
Pen Test Partners

2025, the year of the Infostealer

TL;DR Introduction Infostealers are not new malware. They have been around for decades. What has changed is how effective ...
pentestpartners.com

eyeDisk. Hacking the unhackable. Again

Last year, about the time we were messing around with a virtually unheard-of hardware wallet we got a bit excited about the word “unhackable”. Long story short, I ended up supporting a selection of ...
pentestpartners.com

Pwning WordPress GraphQL

Third-party plugins are often the security Achilles heel of Content Management Systems (CMS). It seems like not a month goes by without one security researcher or another uncovers a vulnerability in a ...