Ax Sharma

Ax Sharma is a Security Researcher, Engineer, and Tech Columnist. His works and expert analyses have frequently been featured by leading media outlets like Fortune, BleepingComputer, The Register, TechRepublic, CIO, etc. Ax's expertise lies in vulnerability research, reverse engineering, software development, and web app security. He's an active community member of the OWASP Foundation and the British Association of Journalists (BAJ). News tips welcome via Twitter DM (@Ax_Sharma) or email (ax@hey.ax).

Magic mushroom website Shroomery is down and we don’t know why 2 min read

Magic mushroom website Shroomery is down and we don’t know why

Ax Sharma April 12, 2021

The "world's oldest magic mushroom website," Shroomery has been down this week without any good reason.... Read More

Samsung Email bug could let attackers access your attachments 3 min read

Samsung Email bug could let attackers access your attachments

Ax Sharma April 11, 2021

This month, Samsung has fixed multiple high severity vulnerabilities across multiple Samsung apps including Samsung Email. By exploiting this vulnerability (CVE-2021-25375), a remote attacker could access email attachments from your Samsung Email app.... Read More

assorted-title of books piled in the shelves

Internet Archive Wayback Machine is generating broken snapshot links 1 min read

Internet Archive Wayback Machine is generating broken snapshot links

Ax Sharma April 1, 2021

For quite some weeks now Internet Archive's Wayback Machine has been acting buggy. Here's what you can do.... Read More

aerial photography of city during night time

Oracle Cloud went down in global outage 2 min read

Oracle Cloud went down in global outage

Ax Sharma March 11, 2021

A few hours ago reports of Oracle Cloud services going down surfaced on the internet. The outage that appears to have lasted about two hours,... Read More

Git remote code execution vulnerability patched, upgrade now 1 min read

Git remote code execution vulnerability patched, upgrade now

Ax Sharma March 10, 2021

The Git project has released patches for a severe remote code execution (RCE) vulnerability, CVE-2021-21300 that can be exploited by attackers when their malicious repos are cloned.... Read More

WooCommerce fixes critical Upload Files vulnerability 3 min read

WooCommerce fixes critical Upload Files vulnerability

Ax Sharma March 5, 2021

A critical vulnerability CVE-2021-24171 in WooCommerce Upload Files plugin can be exploited through multiple routes like double extension and path traversal attacks.... Read More

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies 2 min read

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies

Ax Sharma March 4, 2021

A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories, and continues to post thousands more, in real time.... Read More

ThyssenKrupp suffers ransomware attack for the third time 3 min read

ThyssenKrupp suffers ransomware attack for the third time

Ax Sharma February 1, 2021

ThyssenKrupp has again been hit by a cyber attack from the NetWalker ransomware group, after previously having been stricken by two other ransomware groups.... Read More

Hacker claims to sell 1.3 million Hyundai Russia customer records 1 min read

Hacker claims to sell 1.3 million Hyundai Russia customer records

Ax Sharma January 14, 2021

Hacker claims to sell 1.3 million records of Hyundai Russia customers on hacker forum... Read More

Data of 500,000 Betway gambling customers being allegedly sold on hacker forum 2 min read

News

Data of 500,000 Betway gambling customers being allegedly sold on hacker forum

Ax Sharma January 12, 2021

A hacker is allegedly selling data of 500,000 Betway UK customers, with 10,000 records leaked at almost no cost. The data can be abused in sophisticated spear-phishing attacks to target online gambling players.... Read More

You may have missed