| 2024-04-19 |
DOM element relationships - Shazzer |
shazzer.co.uk 0 |
|
| 2024-04-19 |
CVE-2024-24576 Windows 下多语言命令注入漏洞分析 |
程序人生 0 |
|
| 2024-04-19 |
Ray OS 2.6.3 Command Injection |
packetstormsecurity.com 0 |
|
| 2024-04-19 |
Moodle 3.10.1 - Authenticated Blind Time-Based SQL Injection - "sort" parameter |
www.exploit-db.com 0 |
|
| 2024-04-19 |
Online Fire Reporting System OFRS - SQL Injection Authentication Bypass |
www.exploit-db.com 0 |
|
| 2024-04-19 |
How a Race Condition Vulnerability Could Cast Multiple Votes |
www.hackerone.com 0 |
|
| 2024-04-19 |
Non-Deterministic Nature of Prompt Injection |
research.nccgroup.com 0 |
|
| 2024-04-19 |
libreswan: IKEv1 default AH/ESP responder can crash and restart |
Open Source Security 0 |
|
| 2024-04-19 |
flatpak CVE-2024-32462 : Sandbox escape via RequestBackground portal and CWE-88 |
Open Source Security 0 |
|
| 2024-04-19 |
Re: Make your own backdoor: CFLAGS code injection, Makefile injection, pkg-config |
Open Source Security 0 |
|
| 2024-04-19 |
Terrapin vulnerability in Jenkins CLI client |
Open Source Security 0 |
|
| 2024-04-19 |
CVE-2024-31869: Apache Airflow: Sensitive configuration for providers displayed when "non-sensitive-only" config used |
Open Source Security 0 |
|
| 2024-04-19 |
CVE-2024-20697: Windows Libarchive Remote Code Execution Vulnerability |
Zero Day Initiative - Blog 0 |
|
| 2024-04-19 |
Passbolt: a bold use of HaveIBeenPwned |
Quarkslab's blog 0 |
|
| 2024-04-19 |
SoumniBot: the new Android banker’s unique techniques |
Securelist 0 |
|
| 2024-04-19 |
Fake Dialog Boxes to Make Malware More Convincing |
SpiderLabs Blog 0 |
|
| 2024-04-17 |
A quick post on Chen’s algorithm |
blog.cryptographyengineering.com 1 |
|
| 2024-04-17 |
PoC Exploit Released for 0-day Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-21338) |
securityonline.info 1 |
|
| 2024-04-17 |
Building a model from scratch |
docs.rev.ng 0 |
|
| 2024-04-17 |
NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected |
www.kitploit.com 0 |
|
| 2024-04-17 |
rhinosecuritylabs.com |
rhinosecuritylabs.com 0 |
|
| 2024-04-17 |
Microsoft’s ‘AI Watchdog’ defends against new LLM jailbreak method |
www.scmagazine.com 0 |
|
| 2024-04-17 |
Nullcon Berlin 2024 | Open Sesame - Or How Secure Is Your Stuff In Electronic Lockers - Dennis Giese |
www.youtube.com 0 |
|
| 2024-04-17 |
Re: New Linux LPE via GSMIOC_SETCONF_DLCI? |
Open Source Security 0 |
|
| 2024-04-16 |
Catcher(捕手) |
github.com 0 |
|
| 2024-04-16 |
Sniping at web applications to discover input-handling vulnerabilities |
link.springer.com 0 |
|
| 2024-04-16 |
Jenkins 2.441 - Local File Inclusion |
www.exploit-db.com 0 |
|
| 2024-04-16 |
oss-security - Linux: Disabling network namespaces |
www.openwall.com 0 |
|
| 2024-04-16 |
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking |
www.kitploit.com 0 |
|
| 2024-04-16 |
OpenClinic GA 5.247.01 - Path Traversal (Authenticated) |
www.exploit-db.com 0 |
|
| 2024-04-16 |
Exploits Explained: ZIP embedding attack on Google Chrome extensions |
readme.synack.com 0 |
|
| 2024-04-16 |
Using the LockBit builder to generate targeted ransomware |
Securelist 0 |
|
| 2024-04-16 |
Re: [RESEND RFC] kernel/ksysfs.c: restrict /sys/kernel/notes to root access - Kees Cook |
lore.kernel.org 0 |
|
| 2024-04-15 |
oss-security - Re: Fwd: X.Org Security Advisory: Issues in X.Org X server prior to 21.1.12 and Xwayland prior to 23.2.5 |
www.openwall.com 0 |
|
| 2024-04-15 |
The Worst (But Only) Claude 3 Tokenizer | Javier Rando |
javirando.com 0 |
|
| 2024-04-15 |
PentestGPT solves Jarvis - Part 1 |
www.youtube.com 0 |
|
| 2024-04-15 |
Re: New Linux LPE via GSMIOC_SETCONF_DLCI? |
Open Source Security 0 |
|
| 2024-04-15 |
Bypassing UAC using App Paths |
posts.specterops.io 0 |
|
| 2024-04-15 |
DEF CON 24 - Vulnerabilities 101: How to Launch or Improve Your Vulnerability Research Game |
www.youtube.com 0 |
|
| 2024-04-15 |
Objective-See |
objective-see.org 0 |
|
| 2024-04-12 |
Azure misconfiguration exposes Microsoft's internal data |
www.scmagazine.com 0 |
|
| 2024-04-12 |
[PATCH] package/skeleton-init-sysv: Set sticky bit on /dev/shm |
Open Source Security 0 |
|
| 2024-04-12 |
“All Your Secrets Are Belong To Us” — A Delinea Secret Server AuthN/AuthZ Bypass |
straightblast.medium.com 0 |
|
| 2024-04-12 |
Palo Alto Networks fixed multiple DoS bugs in its firewalls |
securityaffairs.com
0 |
|
| 2024-04-12 |
CVE-2024-27980: Critical Node.js Update Patches Windows Command Injection Flaw |
securityonline.info
0 |
|
| 2024-04-12 |
umair9747/Genzai: The IoT security toolkit to help identify IoT related dashboards and scan them for default passwords and vulnerabilities. |
github.com
0 |
|
| 2024-04-12 |
HTB Sherlock: Unit42 |
0xdf.gitlab.io
0 |
|
| 2024-04-12 |
[BRLY-2024-002] OOB Read in Lighttpd 1.4.45 used in Intel M70KLP series firmware |
binarly-io.webflow.io
0 |
|
| 2024-04-11 |
KDMapper |
github.com
0 |
|
| 2024-04-11 |
April’s Patch Tuesday includes 150 vulnerabilities, 60 which could lead to remote code execution |
blog.talosintelligence.com
0 |
|
| 2024-04-11 |
Telegram Users Warned of Potential Security Risk |
www.bitdegree.org 0 |
|
| 2024-04-11 |
Sicat - The Useful Exploit Finder |
www.kitploit.com 0 |
|
| 2024-04-11 |
Shazzer - Shared online fuzzing |
shazzer.co.uk 0 |
|
| 2024-04-11 |
reverst: HTTP reverse tunnels over QUIC |
github.com 0 |
|
| 2024-04-11 |
KatWalk C2: p.5: overclocking and bugfixing |
medium.com 0 |
|
| 2024-04-10 |
Zygisk-based reFlutter |
Tinyhack.com 0 |
|
| 2024-04-09 |
OpenSSL Security Advisory |
Open Source Security 0 |
|
| 2024-04-09 |
oss-security - PoC for fdroidserver AllowedAPKSigningKeys certificate pinning bypass |
www.openwall.com 0 |
|
| 2024-04-09 |
Many-shot jailbreaking |
www.anthropic.com
0 |
|
| 2024-04-09 |
AnyDesk 7.0.15 Unquoted Service Path |
packetstormsecurity.com
0 |
|
| 2024-04-09 |
Table of Contents |
github.com
0 |
|
| 2024-04-09 |
Genzai: The IoT security toolkit |
securityonline.info
0 |
|
| 2024-04-09 |
JumpServer 远程代码执行 CVE-2024-29201&&CVE-2024-29202 漏洞分析 - 先知社区 |
xz.aliyun.com
0 |
|
| 2024-04-09 |
Bypassing anti-reversing defences in iOS applications - Twelvesec |
twelvesec.com
0 |
|
| 2024-04-08 |
CVE-2023-38709: Apache HTTP Server: HTTP response splitting |
Open Source Security
0 |
|
| 2024-04-08 |
DJI Mavic 3 Drone Research Part 2: Vulnerability Analysis |
www.nozominetworks.com 0 |
|
| 2024-04-08 |
It’ll be back: Attackers still abusing Terminator tool and variants |
www.scmagazine.com
0 |
|
| 2024-04-08 |
YubiKey Manager Flaw (CVE-2024-31498): Patch Now To Prevent Admin Privilege Escalation on Windows |
securityonline.info
0 |
|
| 2024-04-08 |
Great, Now Write an Article About That:
The Crescendo Multi-Turn LLM Jailbreak Attack |
crescendo-the-multiturn-jailbreak.github.io
0 |
|
| 2024-04-08 |
Best Alternative of Netcat Listener |
www.hackingarticles.in
0 |
|
| 2024-04-08 |
Diving Deeper into AI Package Hallucinations |
www.lasso.security
0 |
|
| 2024-04-08 |
Re: Just a reminder to never run ldd or strings on untrusted binaries |
Open Source Security
0 |
|
| 2024-04-08 |
GhostMapperUM |
github.com
0 |
|
| 2024-04-07 |
Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilities |
anasbetis023.medium.com
0 |
|
| 2024-04-07 |
OPC-UA Deep Dive Series (Part 10): Security Tips for Asset Owners |
claroty.com 0 |
|
| 2024-04-07 |
New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks |
thehackernews.com 0 |
|
| 2024-04-07 |
AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks |
thehackernews.com 0 |
|
| 2024-04-07 |
Bing ad for NordVPN leads to SecTopRAT |
www.malwarebytes.com 0 |
|
| 2024-04-07 |
OSTE-Web-Log-Analyzer: automate the process of analyzing web server logs |
securityonline.info 0 |
|
| 2024-04-07 |
CVE-2024-3273: D-Link NAS Vulnerability Threatens 92,000 Devices |
securityonline.info 0 |
|
| 2024-04-07 |
Google Public DNS’s approach to fight against cache poisoning attacks |
Google Online Security Blog 0 |
|
| 2024-04-07 |
Sorry, you have been blocked |
www.theregister.com 0 |
|
| 2024-04-03 |
Timeline of the xz open source attack Posted on Monday, April 1, 2024. Updated Tuesday, April 2, 2024. |
research.swtch.com 0 |
|
| 2024-04-03 |
web-traffic-generator |
github.com
1 |
|
| 2024-04-03 |
Apache Pulsar Patches Authorization Flaw (CVE-2024-29834) – Update Now to Protect Sensitive Data |
securityonline.info
0 |
|
| 2024-04-03 |
The xz attack shell script
Posted on Tuesday, April 2, 2024. |
research.swtch.com
1 |
|
| 2024-04-03 |
Re: finding similar compromises (was Re: From xz to ibus: ... |
Open Source Security
1 |
|
| 2024-04-03 |
CVE-2024-29201 & CVE-2024-29202 Flaws Expose JumpServer Users to RCE Attacks |
securityonline.info
0 |
|
| 2024-04-03 |
Spoofing git commits to change history |
medium.com
0 |
|
| 2024-04-02 |
www.bleepingcomputer.com |
www.bleepingcomputer.com
0 |
|
| 2024-04-02 |
GoFetch: Apple CPU encryption hack |
www.kaspersky.com
0 |
|
| 2024-04-02 |
Sorry, you have been blocked |
www.theregister.com
0 |
|
| 2024-04-02 |
Chaining N-days to Compromise All: Part 2 — Windows Kernel LPE (a.k.a Chrome Sandbox Escape) |
blog.theori.io 2 |
|
| 2024-04-02 |
Tapping into the potential of Memory Dump Emulation |
blahcat.github.io 0 |
|
| 2024-04-02 |
SeeSeeYouExec: Windows Session Hijacking via CcmExec | Google Cloud Blog |
cloud.google.com 0 |
|
| 2024-04-02 |
ImageIO, the infamous iOS Zero Click Attack Vector. |
r00tkitsmm.github.io 0 |
|
| 2024-04-02 |
DinodasRAT Linux variant targets users worldwide |
securityaffairs.com 0 |
|
| 2024-03-29 |
Stories from the SoC Part 1: IDAT Loader to BruteRatel |
Rapid7 Cybersecurity Blog 0 |
|
| 2024-03-29 |
From JavaScript to AsyncRAT |
isc.sans.edu 0 |
|
| 2024-03-29 |
MySQL2: Dangers of User-Defined Database Connections |
blog.slonser.info
0 |
|
