Brangus ITBrangus IT
Research

Original research from the Brangus IT labs.

Vulnerability research, malware analysis, and threat pattern studies conducted by our offensive security and threat intelligence teams.

CVE Disclosure May 12, 2026

Authentication Bypass in a Popular Self-Hosted File Sharing Platform

Our labs identified and responsibly disclosed an authentication bypass affecting a widely deployed self-hosted file sharing platform, resulting in a coordinated patch release.

Threat Research April 2, 2026

Analysis of Push-Bombing MFA Bypass Techniques in the Wild

A technical breakdown of MFA fatigue attack patterns observed across incident response engagements in the past year.

Research March 8, 2026

Supply Chain Risk in Open-Source CI/CD Actions

An audit of commonly used CI/CD marketplace actions revealed several with excessive permissions scopes and unpinned dependencies.

Malware Analysis February 14, 2026

Reverse Engineering a Commodity Infostealer's C2 Protocol

Detailed protocol analysis enabling detection signature development for a widely distributed infostealer family.

Cloud Security January 22, 2026

Cloud Metadata Service Abuse Patterns Across IaaS Providers

A comparative study of SSRF-to-credential-theft paths via cloud instance metadata services across AWS, Azure, and GCP.

Do not wait for an attacker to show you where your weaknesses are.

Talk to a Brangus IT security engineer about a tailored assessment for your environment — no obligation, no generic sales pitch.