Security Research Lab You Can Trust
Expert security audits and incident analysis from a team of industrial researchers specializing in Software Systems, Cloud Servers, Blockchain Protocols, Cryptography, and Digital Asset Protection.
ISO 27001 Readiness Assessments
Gap Analysis
Comprehensive evaluation of current security posture against ISO 27001 requirements with detailed remediation roadmap.
Control Assessment
Systematic review of all 114 security controls with evidence collection and documentation support.
Implementation Support
Practical guidance on implementing missing controls and building compliant security management systems.
Security Training & Awareness
Phishing Simulation Campaigns
Realistic phishing scenarios tailored to your industry. We simulate credential harvesting, spear phishing, and pretexting attacks — then deliver per-employee reporting to identify your highest-risk users.
Security Awareness Workshops
Live and async workshops covering phishing, social engineering, password hygiene, and incident reporting. Delivered in English or German, adapted for technical and non-technical staff.
ISMS Policy Review
Review and gap analysis of your existing information security policies against ISO 27001, BSI IT-Grundschutz, NIS2, DORA, or Cyber Essentials requirements. Includes remediation recommendations and updated policy drafts.
Supported Compliance Frameworks
Recent Security Incidents
Resolv Labs Security Incident
Resolv Labs - Rekt (Tuesday, April 7, 2026): Private Key Leak - Supply Chain Attack. Three hundred thousand dollars walked into a protocol holding $141 million. Eighty million unbacked stablecoins walked out. The official post-mortem would later reveal a supply chain attack; the breach began not inside Resolv, but at a third-party project where a contractor had previously worked.
Russia Hacked Routers to Steal Microsoft Office Tokens
Hackers linked to Russia's military intelligence units are using known flaws in older Internet routers to mass harvest authentication tokens from Microsoft Office users, security experts warned today. The spying campaign allowed state-backed Russian hackers to quietly siphon authentication tokens from users on more than 18,000 networks without deploying any malicious software or code.
Germany Doxes “UNKN,” Head of RU Ransomware Gangs REvil, GandCrab
An elusive hacker who went by the handle "UNKN" and ran the early Russian ransomware groups GandCrab and REvil now has a name and a face. Authorities in Germany say 31-year-old Russian Daniil Maksimovich Shchukin headed both cybercrime gangs and helped carry out at least 130 acts of computer sabotage and extortion against victims across the country between 2019 and 2021.
‘CanisterWorm’ Springs Wiper Attack Targeting Iran
A financially motivated data theft and extortion group is attempting to inject itself into the Iran war, unleashing a worm that spreads through poorly secured cloud services and wipes data on infected systems that use Iran's time zone or have Farsi set as the default language.
Feds Disrupt IoT Botnets Behind Huge DDoS Attacks
The U.S. Justice Department joined authorities in Canada and Germany in dismantling the online infrastructure behind four highly disruptive botnets that compromised more than three million hacked Internet of Things (IoT) devices, such as routers and web cameras. The feds say the four botnets -- named Aisuru, Kimwolf, JackSkid and Mossad -- are responsible for a series of recent record-smashing distributed denial-of-service (DDoS) attacks capable of knocking nearly any target offline.
Venus Protocol Rekt IV
Venus Protocol - Rekt IV (Wednesday, March 18, 2026): Supply Cap Manipulation. Nine months of patience. One dismissed audit finding. And a protocol that had already absorbed $717,000 in bad debt from a donation-style exploit on its own ZKSync deployment twelve months earlier. On March 15, 2026, an attacker who had spent nine months quietly accumulating 84% of Venus Protocol's supply cap for the Thena token executed a Mango Markets-style price manipulation attack on BNB Chain, bypassing the cap entirely through a technique called a donation attack, running a recursive borrow loop against thin liquidity, and extracting $3.7 million in borrowed assets before the position imploded into $2.15 million in bad debt.
Aave Security Incident
Aave - Rekt (Friday, March 13, 2026): Liquidation - Configuration Error. $27.78 million (10,938 wstETH) in healthy positions liquidated - not by a hacker, not by a market crash, but by Aave's own anti-manipulation system, misfiring on the people it was built to protect.
Microsoft Patch Tuesday, March 2026 Edition
Microsoft Corp. today pushed security updates to fix at least 77 vulnerabilities in its Windows operating systems and other software. There are no pressing "zero-day" flaws this month (compared to February's five zero-day treat), but as usual some patches may deserve more rapid attention from organizations using Windows. Here are a few highlights from this month's Patch Tuesday.
Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker
A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technology company based in Michigan. News reports out of Ireland, Stryker's largest hub outside of the United States, said the company sent home more than 5,000 workers there today. Meanwhile, a voicemail message at Stryker's main U.S. headquarters says the company is currently experiencing a building emergency.
Solv Security Incident
DeFi / Crypto - $2.73 million drained from Solv's BRO vault, a callback fired before the books balanced, minting the same deposit twice across 22 loops and turning 135 BRO into 567 million, all inside a single transaction. An unaudited contract with no bug bounty coverage, losses covered by the team, attacker exited to Tornado Cash.
Security Research
CVE Pending: SIGSEGV in oggenc 1.4.3 (vorbis-tools) via Crafted WAV File
A crafted WAV file triggers a null pointer dereference / segmentation fault (SIGSEGV) in oggenc 1.4.3, crashing the encoder unconditionally. Reproducible with a single Python command. No user interaction beyond passing the file to oggenc is required. CVE requested — assignment pending.
CVE: Unhandled IEEE754 Special Values in Wings3D 2.4.1 OBJ Parser
A crafted Wavefront OBJ file containing IEEE754 special float values (nan, inf, -inf) or overflow exponents (1e999) in vertex coordinate fields causes Wings3D to crash immediately on import. Root cause: the Erlang function str2float_2/2 in e3d_obj.erl (line 391) uses pattern matching with no clause for IEEE754 special value strings, raising an unhandled function_clause exception that unwinds the BEAM VM call stack and terminates the import. All unsaved user work is lost. Vendor notified: sourceforge.net/p/wings/bugs/252/
CVE: Uncontrolled Resource Consumption in Scribus 1.6.5
A crafted .sla project file with extreme numeric geometry values (PAGEWIDTH, HEIGHT, BORDERLEFT, etc.) causes Scribus to enter an infinite loop during layout containment checking, consuming 99% CPU and triggering a system-wide memory pressure cascade. No user interaction beyond opening the file is required. Root cause: geometry fields are read directly into Qt structures (QRect, QRegion) without upper or lower bounds enforcement.
CVE: Unsigned Firmware Update in Actions Semiconductor Platform
The firmware update tool (RdiskUpgrade.exe / Production.dll) for all devices using Actions Semiconductor VID 10D6 performs zero cryptographic verification before flashing firmware over USB. An attacker with physical access can permanently compromise any affected device. Covers 12 USB Product IDs across multiple consumer brands. CVE submitted to MITRE — pending assignment.
CVE-2025-65834: Buffer Overflow in Shotcut 25.10.31
Buffer overflow in Shotcut video editor's MLT Framework image processing pipeline. An attacker can trigger out-of-bounds memory access via a crafted media file. CVE assigned by MITRE.
Our Services
Smart Contract Audits
Comprehensive security analysis of blockchain smart contracts, covering re-entrancy, access control, logic errors, and economic vulnerabilities.
DeFi Security Reviews
Specialized audits for DeFi protocols including oracle manipulation, flash loan attacks, AMM vulnerabilities, and token economics.
Web Application Security
OWASP Top 10 assessments, API security testing, authentication bypass, injection attacks, and XSS vulnerabilities.
Cloud Security Audits
AWS, Azure, and GCP security assessments covering IAM, network security, data protection, and compliance.
Penetration Testing
Black-box and white-box penetration testing for web applications, APIs, and infrastructure.
Incident Analysis
Post-breach forensics, root cause analysis, and remediation guidance based on real-world attack patterns.
Security Subscription Plans
Not ready for a subscription? We offer one-time security audits starting at €2,500 for smart contracts and €3,500 for full-stack applications.
Request a Security Audit
Tell us about your project. We scope every engagement individually — no fixed packages, no cookie-cutter reports.
We typically respond within 24 hours with a custom quote based on your project scope and requirements.
Frequently Asked Questions
Contact Us
General inquiries, partnerships, or media requests.