NETGEAR routers vulnerable to “root” code execution, no patch yet
In a recently released vulnerability disclosure from d4rkn3ss from VNPT ISC as well as Adam Nichols of GRIMM, we learn of an unpatched vulnerability impacting... Read More
Ax Sharma
Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, BleepingComputer, The Register, TechRepublic, CIO, etc.
Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
News tips welcome via Twitter DM (@Ax_Sharma) or email (ax@hey.ax).
Operation In(ter)ception targeted European Space and Military Companies via LinkedIn
In a new report published by ESET’s researchers, we learn of Operation In(ter)ception which heavily targeted aerospace and military organizations. “To compromise their targets, the... Read More
Indian hacker-for-hire firm wanted by FBI targeted ExxonMobil and others
Last week we reported on CloudEyE which was a legitimate Italian business helping hackers with spreading malware. Now, Citizen Lab has unveiled a major... Read More
WordPress Block Editor could let even most basic users exploit XSS vulns!
WordPress 5.4.2 release announcement stated the update shipped with multiple fixes for Cross-Site Scripting (XSS) vulnerabilities. Out of this the most significant fix is... Read More
Patient video consultations leaked in medical data breach: Babylon Health UK
In an a unfortunate incident, video consultants of some patients using the Babylon Health app were leaked to other users of the app. It... Read More
The SSL issue: your smart TVs, fridges and devices may stop working soon
On May 30th, Roku streaming channels experienced an unexplained disruption, leaving impacted customers clueless with no idea what was wrong. The company advised those customers to update... Read More
Security firm admits to exposure of 5 billion records, after attempting to censor researchers
4 min read
In March 2020, Bob Diachenko reported discovering an unprotected, publicly accessible Elasticsearch instance which exposed two collections of records: first set with over 5... Read More
Keepnet Labs case study: how NOT to handle a data breach
We just released news on this one but here’s a summary of what happened: In March 2020, Bob Diachenko, cyber threat intelligence director of... Read More
Italian business operation CloudEye actually aids hackers in spreading GuLoader
Conservative estimates put company’s monthly income at a minimum $500,000. According to a recently released report, researchers at Checkpoint blame an Italian “company” CloudEyE for... Read More
Google’s indexing of WhatsApp numbers raises privacy concerns
Google is indexing the phone numbers used on WhatsApp, and a researcher is concerned that it could cause privacy issues or be used for malicious... Read More
Theme park giant Parques Reunidos hit by a ransomware cyber attack 
Phishing kit screenshots your email domain on the fly to appear real 
Royal Mail online tracking returns — with a frustrating captcha that works half the time 
New convincing phishing campaign targets Booking.com and Blockchain.com customers