Rhys O'Higgins
Security Consultant II
As a Security Consultant II at NetSPI, Rhys is responsible for maintaining, developing, and defining tooling and processes for External Attack Surface Management (EASM), conducting manual finding verification, and training new EASM team members. He also performs continuous external-network penetration testing as part of NetSPI’s EASM+ service, adapting traditional penetration testing tools and processes to a continuous model.
In his nearly 2-year career in cybersecurity, Rhys has focused on developing and maintaining custom tools to support network monitoring and penetration testing. He holds a BA in Mathematics and Computer Science from Macalester College and is currently pursuing his OSCP certification.
In his nearly 2-year career in cybersecurity, Rhys has focused on developing and maintaining custom tools to support network monitoring and penetration testing. He holds a BA in Mathematics and Computer Science from Macalester College and is currently pursuing his OSCP certification.
More By Rhys O'Higgins
Critical Vulnerability
CVE-2026-0300 Palo Alto Networks PAN-OS Buffer Overflow Overview & Takeaways
Palo Alto Networks has disclosed a critical zero-day vulnerability in PAN-OS, tracked as CVE-2026-0300, affecting PA-Series and VM-Series firewalls with the User-ID Authentication Portal (Captive Portal) enabled. The flaw is a pre-authentication buffer overflow that allows an unauthenticated, remote attacker to execute arbitrary code with root privileges on affected devices.
Learn More
Critical Vulnerability
CVE-2025-26399 SolarWinds Web Help Desk Overview and Takeaways
A critical vulnerability (CVE-2025-26399) has been identified in SolarWinds Web Help Desk, which allows unauthenticated remote attackers to execute arbitrary code on affected systems. Although CVE-2025-26399 was originally disclosed in 2025, recent reports confirm this vulnerability is now being actively exploited in the wild.
Learn More