2024-04-26 |
Registration confirmations attack |
www.kaspersky.com 0 |
|
2024-04-26 |
oss-security - libksieve (used by kmail/kontact) sent password as username |
www.openwall.com 0 |
|
2024-04-26 |
Talos IR trends: BEC attacks surge, while weaknesses in MFA persist |
Cisco Talos Blog 0 |
|
2024-04-26 |
Cyber Attack Defenders Up For Battle: Huge Uptick In Timely Detections |
gbhackers.com 0 |
|
2024-04-26 |
CoralRaider Hacker Evade Antivirus Detections Using Malicious LNK File |
gbhackers.com 0 |
|
2024-04-26 |
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks |
arstechnica.com 0 |
|
2024-04-26 |
Sifting through the spines: identifying (potential) Cactus ransomware victims |
research.nccgroup.com 0 |
|
2024-04-26 |
What information can be extracted from intercepted AI chatbot messages? |
www.kaspersky.com 0 |
|
2024-04-25 |
oss-security - PowerDNS Recursor Security Advisory 2024-02: if recursive forwarding is configured, crafted responses can lead to a denial of service i... |
www.openwall.com 0 |
|
2024-04-25 |
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining |
decoded.avast.io 0 |
|
2024-04-25 |
Nation-State Threat Actors Renew Publications to npm |
blog.phylum.io 0 |
|
2024-04-25 |
C isn’t a Hangover; Rust isn’t a Hangover Cure |
medium.com 0 |
|
2024-04-25 |
C2-Tracker - Live Feed Of C2 Servers, Tools, And Botnets |
www.kitploit.com 0 |
|
2024-04-25 |
Social engineering for open-source supply chain attack profit |
securelist.com 0 |
|
2024-04-25 |
oss-security - CVE-2024-0582 - Linux kernel use-after-free vulnerability in io_uring, writeup and exploit strategy |
www.openwall.com 0 |
|
2024-04-24 |
GitHub - login-securite/lsassy: Extract credentials from lsass remotely |
github.com 0 |
|
2024-04-24 |
Oracle VirtualBox Elevation of Privilege Vulnerability (CVE-2024-21111): PoC Published |
securityonline.info 0 |
|
2024-04-24 |
How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000 - Part 1 |
thefrogsec.github.io 0 |
|
2024-04-24 |
No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities |
struct.github.io 0 |
|
2024-04-24 |
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers |
thehackernews.com 0 |
|
2024-04-24 |
EDR as an Offensive Tool |
www.safebreach.com 0 |
|
2024-04-24 |
Sorry, you have been blocked |
www.theregister.com 0 |
|
2024-04-24 |
BlackBerry MDM Has Some Authentication Flaws |
emptynebuli.github.io 0 |
|
2024-04-23 |
Cookie-Monster - BOF To Steal Browser Cookies & Credentials |
www.kitploit.com 0 |
|
2024-04-23 |
The Invisible Battleground: Essentials of EASM |
SpiderLabs Blog 0 |
|
2024-04-23 |
EDR – The Multi-Tool of Security Defenses |
SpiderLabs Blog 0 |
|
2024-04-23 |
CVE-2024-27348: Apache HugeGraph-Server: Command execution in gremlin |
Open Source Security 0 |
|
2024-04-23 |
Re: Linux: Disabling network namespaces |
Open Source Security 0 |
|
2024-04-23 |
oss-security - The GNU C Library security advisories update for 2024-04-17: GLIBC-SA-2024-0004/CVE-2024-2961: ISO-2022-CN-EXT: fix out-of-bound writes... |
www.openwall.com 0 |
|
2024-04-23 |
Sorry, you have been blocked |
www.theregister.com 0 |
|
2024-04-23 |
www.bleepingcomputer.com |
www.bleepingcomputer.com 0 |
|
2024-04-22 |
How Did I Easily Find Stored XSS at Apple and earn $5000 ? |
medium.com 0 |
|
2024-04-22 |
oss-security - Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config |
www.openwall.com 0 |
|
2024-04-22 |
PAN-OS CVE-2024-3400: Patch Your Palo Alto Firewalls |
bishopfox.com 0 |
|
2024-04-22 |
How I Discovered an RCE Vulnerability in Tesla, Securing a $10,000 Bounty |
medium.com 0 |
|
2024-04-22 |
pgAdmin 8.3 Remote Code Execution |
packetstormsecurity.com 0 |
|
2024-04-22 |
How I Prevented a Mass Data Breach - $15,000 bounty - @bxmbn |
bxmbn.medium.com 0 |
|
2024-04-22 |
WINELOADER: A Tool for Espionage and Disruption |
securityonline.info 0 |
|
2024-04-22 |
How Antithesis finds bugs (with help from the Super Mario Bros.) |
antithesis.com 0 |
|
2024-04-22 |
The Windows Registry Adventure #1: Introduction and research results |
Project Zero 0 |
|
2024-04-19 |
DOM element relationships - Shazzer |
shazzer.co.uk 0 |
|
2024-04-19 |
CVE-2024-24576: Analysis of the multi-language command injection vulnerability on Windows |
程序人生 0 |
|
2024-04-19 |
Ray OS 2.6.3 Command Injection |
packetstormsecurity.com 0 |
|
2024-04-19 |
Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter |
www.exploit-db.com 0 |
|
2024-04-19 |
Online Fire Reporting System OFRS - SQL Injection Authentication Bypass |
www.exploit-db.com 0 |
|
2024-04-19 |
How a Race Condition Vulnerability Could Cast Multiple Votes |
www.hackerone.com 0 |
|
2024-04-19 |
Non-Deterministic Nature of Prompt Injection |
research.nccgroup.com 0 |
|
2024-04-19 |
libreswan: IKEv1 default AH/ESP responder can crash and restart |
Open Source Security 0 |
|
2024-04-19 |
flatpak CVE-2024-32462 : Sandbox escape via RequestBackground portal and CWE-88 |
Open Source Security 0 |
|
2024-04-19 |
Re: Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config |
Open Source Security 0 |
|
2024-04-19 |
Terrapin vulnerability in Jenkins CLI client |
Open Source Security 0 |
|
2024-04-19 |
CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used |
Open Source Security 0 |
|
2024-04-19 |
CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability |
Zero Day Initiative - Blog 0 |
|
2024-04-19 |
Passbolt: a bold use of HaveIBeenPwned |
Quarkslab's blog 0 |
|
2024-04-19 |
SoumniBot: the new Android banker’s unique techniques |
Securelist 0 |
|
2024-04-19 |
Fake Dialog Boxes to Make Malware More Convincing |
SpiderLabs Blog 0 |
|
2024-04-17 |
A quick post on Chen’s algorithm |
blog.cryptographyengineering.com 1 |
|
2024-04-17 |
PoC Exploit Released for 0-day Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-21338) |
securityonline.info 1 |
|
2024-04-17 |
Building a model from scratch |
docs.rev.ng 0 |
|
2024-04-17 |
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected |
www.kitploit.com 0 |
|
2024-04-17 |
rhinosecuritylabs.com |
rhinosecuritylabs.com 0 |
|
2024-04-17 |
Microsoft’s ‘AI Watchdog’ defends against new LLM jailbreak method |
www.scmagazine.com 0 |
|
2024-04-17 |
Nullcon Berlin 2024 | Open Sesame - Or How Secure Is Your Stuff In Electronic Lockers - Dennis Giese |
www.youtube.com 0 |
|
2024-04-17 |
Re: New Linux LPE via GSMIOC_SETCONF_DLCI? |
Open Source Security 0 |
|
2024-04-16 |
Catcher(捕手) |
github.com 0 |
|
2024-04-16 |
Sniping at web applications to discover input-handling vulnerabilities |
link.springer.com 0 |
|
2024-04-16 |
Jenkins 2.441 - Local File Inclusion |
www.exploit-db.com 0 |
|
2024-04-16 |
oss-security - Linux: Disabling network namespaces |
www.openwall.com 0 |
|
2024-04-16 |
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking |
www.kitploit.com 0 |
|
2024-04-16 |
OpenClinic GA 5.247.01 - Path Traversal (Authenticated) |
www.exploit-db.com 0 |
|
2024-04-16 |
Exploits Explained: ZIP embedding attack on Google Chrome extensions |
readme.synack.com 0 |
|
2024-04-16 |
Using the LockBit builder to generate targeted ransomware |
Securelist 0 |
|
2024-04-16 |
Re: [RESEND RFC] kernel/ksysfs.c: restrict /sys/kernel/notes to root access - Kees Cook |
lore.kernel.org 0 |
|
2024-04-15 |
oss-security - Re: Fwd: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 |
www.openwall.com 0 |
|
2024-04-15 |
The Worst (But Only) Claude 3 Tokenizer | Javier Rando |
javirando.com 0 |
|
2024-04-15 |
PentestGPT solves Jarvis - Part 1 |
www.youtube.com 0 |
|
2024-04-15 |
Re: New Linux LPE via GSMIOC_SETCONF_DLCI? |
Open Source Security 0 |
|
2024-04-15 |
Bypassing UAC using App Paths |
posts.specterops.io 0 |
|
2024-04-15 |
DEF CON 24 - Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game |
www.youtube.com 0 |
|
2024-04-15 |
Objective-See |
objective-see.org 0 |
|
2024-04-12 |
Azure misconfiguration exposes Microsoft's internal data |
www.scmagazine.com 0 |
|
2024-04-12 |
[PATCH] package/skeleton-init-sysv: Set sticky bit on /dev/shm |
Open Source Security 0 |
|
2024-04-12 |
“All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass |
straightblast.medium.com 0 |
|
2024-04-12 |
Palo Alto Networks fixed multiple DoS bugs in its firewalls |
securityaffairs.com 0 |
|
2024-04-12 |
CVE-2024-27980: Critical Node.js Update Patches Windows Command Injection Flaw |
securityonline.info 0 |
|
2024-04-12 |
umair9747/Genzai: The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities. |
github.com 0 |
|
2024-04-12 |
HTB Sherlock: Unit42 |
0xdf.gitlab.io 0 |
|
2024-04-12 |
[BRLY-2024-002] OOB Read in Lighttpd 1.4.45 used in Intel M70KLP series firmware |
binarly-io.webflow.io 0 |
|
2024-04-11 |
KDMapper |
github.com 0 |
|
2024-04-11 |
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution |
blog.talosintelligence.com 0 |
|
2024-04-11 |
Telegram Users Warned of Potential Security Risk |
www.bitdegree.org 0 |
|
2024-04-11 |
Sicat - The Useful Exploit Finder |
www.kitploit.com 0 |
|
2024-04-11 |
Shazzer - Shared online fuzzing |
shazzer.co.uk 0 |
|
2024-04-11 |
reverst: HTTP reverse tunnels over QUIC |
github.com 0 |
|
2024-04-11 |
KatWalk C2: p.5: overclocking and bugfixing |
medium.com 0 |
|
2024-04-10 |
Zygisk-based reFlutter |
Tinyhack.com 0 |
|
2024-04-09 |
OpenSSL Security Advisory |
Open Source Security 0 |
|
2024-04-09 |
oss-security - PoC for fdroidserver AllowedAPKSigningKeys certificate pinning bypass |
www.openwall.com 0 |
|
2024-04-09 |
Many-shot jailbreaking |
www.anthropic.com 0 |
|
2024-04-09 |
AnyDesk 7.0.15 Unquoted Service Path |
packetstormsecurity.com 0 |
|