Caitlin Condon

Adventurer. Takes a lot of photos, calls many places home. VP of research @vulncheck. Previously vulnerability research director @ Rapid7 + @metasploit. Opinions mine, etc. She/her.
Website: caitlincondon.com
@apicultor 🤷🏻‍♀️

It's a day ending in "y", which means I'm #hiring senior exploit developers around Cheltenham, UK. If you're based near Cheltenham and love RCE exploits, hit me up!

[Must be within reasonable distance of Cheltenham. No relocation, no sponsorship, sorry!]

https://job-boards.greenhouse.io/vulncheck/jobs/4009149009

This quote from Apollo 14 astronaut Edgar Mitchell has been in my head the last few days

How did Google Drive get *so goddamn bad*? Drive is absolutely the place to send a file you never want to find again.

After 2+ weeks of semi-painful exploit development, @yeslikethefood and team have a full RCA out for Cisco Secure Firewall Management Center (FMC) CVE-2026-20079.

The bug is a CVSS 10, but there are significant prerequisites that may limit exploitability in real-world scenarios. There are between 300 and 700 FMC systems on the public internet as of today.

https://www.vulncheck.com/blog/cisco-fmc-auth-bypass-cve-2026-20079

CVE-2026-20079 - Cisco FMC Authentication Bypass RCE Analysis | Blog | VulnCheck

VulnCheck's Initial Access Intelligence team analysis of CVE-2026-20079, an authentication bypass and remote code execution vulnerability in Cisco Secure Firewall Management Center.

I'm terrible at social media these days, but our research team put out a pretty neat report on #EOL network edge devices, who's exploiting them, and why they get missed sometimes in more "enterprise"-focused threat intel lists.

Full report via VulnCheck researcher Patrick Garrity: https://wwv.vulncheck.com/2026-network-edge-device-report

We created a data-driven, multi-dimensional list of 2025's Top Routinely Targeted Vulnerabilities based on public exploits, ransomware, threat actor, and botnet data. Explore the 2025 top 50 here: https://www.vulncheck.com/2025-routinely-targeted-vulnerabilities

A ton of new research out today from the VulnCheck crew 📈

We just released our 2026 Exploit Intelligence Report, which has in-depth analysis of the public exploit ecosystem, various critical CVE timelines, threat actor and botnet deep dives, and plenty more!

https://wwv.vulncheck.com/2026-vulncheck-exploit-intelligence-report

...but what I expect most folks will focus on (because everyone loves a list) is our new annual list of Routinely Targeted Vulnerabilities, which we're releasing to the public along with select metadata here: https://www.vulncheck.com/2025-routinely-targeted-vulnerabilities

We're also doing a webcast on the windfall of recent research from our team TODAY! https://wwv.vulncheck.com/in-the-wild-with-vulncheck-webinar-series

The best part of not owning a house is not owning a house in a snowstorm.

There's been a comical increase in fake PoCs in GitHub that have hallucinated the completely incorrect CVE ID. Pretty representative of the care that people do with these things.