The Log4j vulnerability crisis that erupted in late 2021 heightened the security world’s awareness of supply chain risks in free and universally deployed open-source software....
By: Ravie Lakshmanan
The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own...
By: Tara Seals
The attack featured a unique, multistage malware and a likely PulseSecure VPN exploit.
A federal agency has suffered a successful espionage-related cyberattack that...
By: Tina Martin
Why You Need Cybersecurity to Protect Your Greatest Assets
When it comes to cybersecurity, you can never be too careful. After all, not...
Europeans are known to enjoy fine wine, a cultural characteristic that's been used against them by attackers behind a recent threat campaign. The cyber...
Authored by Jann Horn, Google Security Research
On Qualcomm Adreno/KGSL builds where CONFIG_QCOM_KGSL_USE_SHMEM is not set (or on older KGSL versions without CONFIG_QCOM_KGSL_USE_SHMEM), KGSL allocates...
Follow these tips for an effective and positive experience for both the maintainer and external vulnerability reporter. Vulnerability reports come at open source project maintainers...
I Can Haz Domain Admin?
Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people...
domhttpx is a Google search engine dorker with an HTTP toolkit, built with Python, that makes it easier to find many URLs/IPs at once, quickly.
Usage
Flags
This...
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.
Sniffle has a number of useful features, including:
Support for BT5/4.2 extended...
Modular brute-force tool written in Python for very fast password spraying of SSH and FTP and, in the near future, other network services.
COMING SOON: SMB,...
This project builds a virtual machine that can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds...
Authored by SoSPiro
Doctor Appointment Management System version 1.0 suffers from a cross site scripting vulnerability.
advisories | CVE-2024-4293
# Application Name: Doctor Appointment Management...
Authored by Dave Yesland | Site metasploit.com
This Metasploit module exploits an unauthenticated command injection vulnerability in Progress Kemp LoadMaster in the authorization header after...
Authored by CraCkEr
osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered...