Server-side Template Injection Leading to RCE on Google VRP

WPML Multilingual CMS Authenticated Contributor+ Remote Code Execution (RCE) via Twig Server-Side Template Injection (SSTI)

Chaining Three Bugs to Access All Your ServiceNow Data

Vulnerabilities in Open Source C2 Frameworks

[2,500$ Bug Bounty Write-Up] Remote Code Execution (RCE) via unclaimed Node package

Attacking PowerShell CLIXML Deserialization