Cybersecurity glossary
Short, self-contained definitions of the technical terms we use every day in the newsletter. Designed to be quoted: one paragraph for what it is, another for why it matters and how it's used.
CVE

- CVE (Common Vulnerabilities and Exposures): Unique identifier in the form CVE-YYYY-NNNN, assigned by MITRE to a publicly disclosed vulnerability. Industry standard for referencing specific security flaws.
- CVSS (Common Vulnerability Scoring System): Industry standard for scoring vulnerability severity on a 0–10 scale. Combines attack vector, attack complexity, privileges required, user interaction, and impact on confidentiality, integrity, and availability (C, I, A).
- RCE (Remote Code Execution): Vulnerability that lets a remote attacker run arbitrary code on the vulnerable system. The highest-severity category, and the most hunted in bug bounty.
- LPE (Local Privilege Escalation): Vulnerability that lets a user with local access (a shell, a regular user account) elevate privileges, typically to root or SYSTEM. Critical in multi-tenant and post-compromise scenarios.
- Zero-day: Publicly unknown vulnerability with no patch available. The name comes from the vendor having had 'zero days' to react before the first attack.
Bug Bounty

- XSS (Cross-Site Scripting): Vulnerability where attacker-controlled JavaScript executes in a victim's browser under a trusted domain's context. Used for session theft, account takeover, and targeted phishing.
- SQLi (SQL Injection): Injection of malicious SQL into a backend query through unsafe concatenation of user input. Allows reading or modifying the database, and sometimes RCE via database features such as xp_cmdshell or load_file.
- SSRF (Server-Side Request Forgery): Vulnerability where an attacker tricks the server into issuing HTTP requests to attacker-chosen targets. Allows reaching cloud metadata endpoints, internal networks, and localhost services.
- IDOR (Insecure Direct Object Reference): Access control vulnerability: the server exposes guessable or predictable IDs and does not validate that the requester is authorised to access the referenced resource.
Cyberattacks

- Ransomware: Malware that encrypts a victim's files and demands a ransom (typically in cryptocurrency) for the decryption key. Operated as an organised criminal business model.
- Phishing: Social engineering technique where the attacker impersonates a trusted identity (bank, support desk, colleague) to steal credentials, OTPs, or money, or to trigger malware execution.
- APT (Advanced Persistent Threat): Threat actor with significant resources, long-term objectives, and sophisticated techniques. Often state-sponsored or backed by high-tier organised crime.
- Supply Chain Attack: Attack that compromises a software supply-chain component (dependency, build pipeline, vendor) in order to infect all of its consumers with a single intrusion.