Ivan SpiridonovOffensive Security Consultant
Specialized in discovering and exploiting security vulnerabilities in web applications, networks, and infrastructure to help organizations improve their security posture.
Expertise
Web Application Security
Identifying and exploiting vulnerabilities in web applications to prevent potential security breaches.
Exploit Development
Creating proof-of-concept exploits for discovered vulnerabilities and developing custom security tools for specialized testing scenarios.
Security Research
Discovering and responsibly disclosing vulnerabilities in software and systems with published CVEs.
Latest Research
View all posts →Tracing a Smishing Triad Fake-Fine Campaign Targeting Bulgaria (МВР)
This one didn't start as an engagement. It started when my girlfriend got a text message claiming she had an unpaid fine from МВР (the Bulgarian Ministry of Interior), with a link to "pay" it. It w...
Read: Tracing a Smishing Triad Fake-Fine Campaign Targeting Bulgaria (МВР) →From /monaco to k8s Full Cluster Compromise
I've done a lot of web application assessments over the years, but this one stands out. The client pointed me at a single URL — https://www.target-platform.com/monaco — a browser-based code editor ...
Read: From /monaco to k8s Full Cluster Compromise →Extracting a Dead Cult Leader's AI Mind
In February 2026, six people died across two crime scenes in Bulgaria's western mountains — three in a group suicide, three more in what prosecutors called two murders followed by a suicide — all l...
Read: Extracting a Dead Cult Leader's AI Mind →