S6 Blog

Security research, product updates, and field notes

Practical guidance for security leaders and practitioners building with agentic AI.

Dell RecoverPoint hard-coded credentials underline the risk hiding in resilience platforms
infrastructure-securityvulnerability-managementsoc

Dell RecoverPoint hard-coded credentials underline the risk hiding in resilience platforms

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
BeyondTrust command injection is exactly the kind of remote-access risk SOCs cannot treat as routine
privileged-accessremote-accesssoc

BeyondTrust command injection is exactly the kind of remote-access risk SOCs cannot treat as routine

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
React Native CLI command injection is a build-pipeline problem
application-securityvulnerability-managementsoc

React Native CLI command injection is a build-pipeline problem

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
SolarWinds Web Help Desk exploitation risk shows why help desks sit in the blast path
enterprise-securityvulnerability-managementsoc

SolarWinds Web Help Desk exploitation risk shows why help desks sit in the blast path

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
Fortinet authentication bypass risk puts the internet edge back under the microscope
edge-securitynetwork-securityvulnerability-management

Fortinet authentication bypass risk puts the internet edge back under the microscope

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
A poisoned eslint-config-prettier package turns developer convenience into supply-chain exposure
supply-chaindeveloper-securityci-cd

A poisoned eslint-config-prettier package turns developer convenience into supply-chain exposure

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
Cisco Unified Communications RCE risk belongs outside the voice-team queue
infrastructure-securityvulnerability-managementsoc

Cisco Unified Communications RCE risk belongs outside the voice-team queue

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
Gogs path traversal is a reminder that source control is production infrastructure
application-securityvulnerability-managementsoc

Gogs path traversal is a reminder that source control is production infrastructure

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read
HPE OneView code injection belongs on the infrastructure risk board
infrastructure-securityvulnerability-managementsoc

HPE OneView code injection belongs on the infrastructure risk board

CISA listed this issue as known exploited. The useful SOC question is where the affected system sits, what it can reach, and whether logs can prove if it was touched.

S6 Security Labs
3 min read