Matthew Mathur
Senior Security Researcher, Fastly
Matthew is a Senior Security Researcher at Fastly, focusing on vulnerability research, web application attacks, and developing protections. Matthew is an active contributor to several open source security tools including the Metasploit Framework and Nuclei, and is passionate about sharing research with the security community.
Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins
Fastly Security Research Team, Simran Khalsa, + 2 more
We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000.
CVE-2023-30534: Insecure Deserialization in Cacti prior to 1.2.25
Fastly Security Research Team, Matthew Mathur
We have discovered two instances of insecure deserialization in Cacti versions prior to 1.2.25, tracked as CVE-2023-30534.
Back to Basics: Directory Traversal
Fastly Security Research Team, Matthew Mathur
In this post, we'll explore the application vulnerability directory traversal. What is it and how can you protect your apps from it?
Network Effect Threat Report: Uncovering the power of collective threat intelligence
Fastly Security Research Team, Simran Khalsa, + 3 more
Announcing the Network Effect Threat Report, Fastly’s threat intelligence report with insights based on unique data from April to June of 2023.
Back to Basics: OS Command Injection
Fastly Security Research Team, Matthew Mathur
What is an OS Command Injection? In this blog, we'll explore the web application vulnerability, OS Command Injection, and how to prevent it.
CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability
Fastly Security Research Team, Simran Khalsa, + 3 more
What you need to know about CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability
Command Injection CVE-2021-25296: A Deep Dive
Fastly Security Research Team, Matthew Mathur
NagiosXI versions 5.5.6 to 5.7.5 are vulnerable to three different instances of command injection.