ZEE5 allegedly hacked by ‘Korean hackers’, customer info at risk
A hacker identifying themselves as “John Wick” and “Korean Hackers” claim to have breached the systems for Indian video on demand giant ZEE5 and are threatening... Read More
Ax Sharma
Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, BleepingComputer, The Register, TechRepublic, CIO, etc.
Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active community member of the OWASP Foundation and the British Association of Journalists (BAJ).
News tips welcome via Twitter DM (@Ax_Sharma) or email (ax@hey.ax).
Joomla data breach leaks 2,700 user records via exposed backups
A Joomla database leak has exposed the personal information, including hashed passwords, of 2,700 individuals registered on the Joomla Resources Directory (JRD). The Joomla Resources Directory... Read More
“Sign in with Apple” vulnerability earns researcher $100,000
Remember seeing that slick “Sign in with Apple” button across many websites and apps? It turns out that a vulnerability allowed attackers to log in to... Read More
Microsoft IIS servers hacked by Blue Mockingbird to mine Monero
This month news broke about a hacker group, namely Blue Mockingbird, exploiting a critical vulnerability in Microsoft IIS servers to plant Monero (XMR) cryptocurrency miners on compromised machines.... Read More
NHS contact-tracing app code hints at security and privacy bugs early on
London, UK. NHS recently announced plans to unveil their own coronavirus contact-tracing app, as opposed to joining leagues of Apple and Google, to have better visibility into citizen movements.... Read More
Experts Warn: Amid Budget Cuts, The Pandemic Calls for Stepping Up Security Efforts
These unprecedented times have pushed us to adapt distinctive lifestyles contrary to what we’ve been used to for a millenia. Industries like finance, law, banking and the... Read More
“Zoombombing” — an exaggerated phenomenon, not a vulnerability.
Why is the exclusive focus on Zoom, when the same “flaw” impacts almost all popular video conferencing apps? In this Coronavirus era, as if daily... Read More
Facebook’s reluctance to feedback is putting millions of WhatsApp users at risk of malware
4 min read
Workarounds aimed at hiding ‘online’ activity on WhatsApp can seriously compromise user security and privacy. But, Facebook doesn’t care. The internet is filled with articles such... Read More
In an exclusive story reported on my blog about a month ago and on no mainstream media outlet, credentials of some 1,023 Premium accounts were found floating on the... Read More
The apps named DEFENSOR ID and Defensor Digital rely mainly on Android's Accessibility Service to conduct malicious activities, and go undetected. The attacker controlled C&C domains are still up - well at least one of them, and that's problematic.... Read More
Theme park giant Parques Reunidos hit by a ransomware cyber attack 
Phishing kit screenshots your email domain on the fly to appear real 
Royal Mail online tracking returns — with a frustrating captcha that works half the time 
New convincing phishing campaign targets Booking.com and Blockchain.com customers