Ax Sharma

Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, The Register, TechRepublic, CIO, etc. Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active community member of the OWASP Foundation and the British Association of Journalists (BAJ). Send any tips via email or Twitter DM.

Steam gamers: your Windows PC is prone to privilege escalation attacks 2 min read

Steam gamers: your Windows PC is prone to privilege escalation attacks

Ax Sharma November 25, 2020

Multiple privilege escalation vulnerabilities in Stream gaming service that remain unpatched can make it easy for malware and malicious threat actors to gain persistence and escalate permissions on Windows systems.... Read More

Canadian government site canada.gc.ca SSL certificate expires, breaks links 4 min read

Canadian government site canada.gc.ca SSL certificate expires, breaks links

Ax Sharma November 21, 2020

Government of Canada website canada.gc.ca is throwing SSL errors due to an expired certificate. Multiple Canadian government sites continue to have links to this older site which are now breaking.... Read More

Mitsubishi companies hit by cyber attack, ransomware 2 min read

Mitsubishi companies hit by cyber attack, ransomware

Ax Sharma November 21, 2020

Mitsubishi Electric and sister companies such as Mitsubishi Polycrystalline have been hit by cyberattacks, including ransomware... Read More

Feds arrest Romanian malware actors behind CyberSeal and Dataprotector 2 min read

Feds arrest Romanian malware actors behind CyberSeal and Dataprotector

Ax Sharma November 21, 2020

In a joint effort, international law enforcement authorities including the FBI, Europol, and the Romanian police have arrested a hacker duo that sold malware encryption tools.... Read More

DoS flaw lets attackers crash NodeJS apps via DNS lookups 1 min read

DoS flaw lets attackers crash NodeJS apps via DNS lookups

Ax Sharma November 20, 2020

NodeJS has released fixes for CVE-2020-8277, a DoS vulnerability that could be triggered via DNS requests.... Read More

Drupal fixes critical Remote Code Execution vulnerability, patch now 2 min read

Drupal fixes critical Remote Code Execution vulnerability, patch now

Ax Sharma November 20, 2020

Development team behind Drupal, a popular CMS and blogging platform has issued patches for a remote code execution vulnerability, CVE-2020-13671.... Read More

people walking on hallway between buildings

Chaes malware strikes Latin American e-commerce sites 2 min read

Chaes malware strikes Latin American e-commerce sites

Ax Sharma November 19, 2020

Researchers from the Cybereason Nocturnus Team have been keeping tabs on an undetected malware known as “Chaes.” The malware discovered sometime between mid-2020 and now... Read More

long exposure photography of road and cars

2021 security predictions from HackerOne’s top ethical hackers 4 min read

2021 security predictions from HackerOne’s top ethical hackers

Ax Sharma November 18, 2020

HackerOne's top security researchers and ethical hackers provide their take on what security trends to expect in 2021.... Read More

‘CursedGrabber’ Discord malware possibly linked to Russian and Ukrainian hackers 3 min read

‘CursedGrabber’ Discord malware possibly linked to Russian and Ukrainian hackers

Ax Sharma November 18, 2020

Newly discovered Discord malware "CursedGrabber" has possible links to Russia and Ukraine. It was found infiltrating the npm open source registry.... Read More

Insomnia Cookies exposes database passwords, then quietly fixes the leak 2 min read

News

Insomnia Cookies exposes database passwords, then quietly fixes the leak

Ax Sharma November 17, 2020

American bakery company remembered sweetly for its late-night warm cookie trucks and shops on college campuses was caught leaking sensitive data on its website.... Read More

You may have missed