Codesys Backdoor Attack Threatens Industrial Systems
Signed, Trusted, Exploited: Inside the Codesys Backdoor Playbook

A trusted industrial automation platform turned silent entry point, the latest findings around Codesys backdoored applications reveal a dangerous evolution in cyber attacks.

As an independent blogger and part-time penetration tester, I find that this shift stands out immediately. Attackers are no longer just breaching systems; they are embedding themselves into the operational logic that drives real-world processes.

This is not about malware sitting on endpoints. This is about manipulating the very instructions that control industrial environments, while everything appears legitimate.

Attack Vector: Weaponised Industrial Control Applications

Threat actors are modifying Codesys applications directly, inserting malicious logic into otherwise legitimate automation workflows.

These backdoored applications allow attackers to:

- Maintain persistent access within PLC environments
- Execute remote commands without triggering traditional alerts
- B...