Ax Sharma

Codecov hack aftermath: hundreds breached, many more to follow 3 min read

• Breaches
• News

Codecov hack aftermath: hundreds breached, many more to follow

Ax Sharma April 27, 2021

Attackers who breached Codecov for over 2 months also reportedly hacked into hundreds of networks. The full extent of this incident is yet to unfold in the upcoming weeks.... Read More

Where did these mysterious PrismJS npm versions come from? 4 min read

• Editor's Pick
• News
• Security

Where did these mysterious PrismJS npm versions come from?

Ax Sharma April 15, 2021

Shedding light on mysterious 9000.0.x versions of PrismJS that had left everyone puzzled in 2015, and weren't removed until 2019.... Read More

Magic mushroom website Shroomery is down and we don’t know why 2 min read

• News
• Security

Magic mushroom website Shroomery is down and we don’t know why

Ax Sharma April 12, 2021

The "world's oldest magic mushroom website," Shroomery has been down this week without any good reason.... Read More

Samsung Email bug could let attackers access your attachments 3 min read

• News
• Security

Samsung Email bug could let attackers access your attachments

Ax Sharma April 11, 2021

This month, Samsung has fixed multiple high severity vulnerabilities across multiple Samsung apps including Samsung Email. By exploiting this vulnerability (CVE-2021-25375), a remote attacker could access email attachments from your Samsung Email app.... Read More

Internet Archive Wayback Machine is generating broken snapshot links 1 min read

• News
• Technology

Internet Archive Wayback Machine is generating broken snapshot links

Ax Sharma April 1, 2021

For quite some weeks now Internet Archive's Wayback Machine has been acting buggy. Here's what you can do.... Read More

Oracle Cloud went down in global outage 2 min read

• News
• Technology

Oracle Cloud went down in global outage

Ax Sharma March 11, 2021

A few hours ago reports of Oracle Cloud services going down surfaced on the internet. The outage that appears to have lasted about two hours,... Read More

Git remote code execution vulnerability patched, upgrade now 1 min read

• News
• Security

Git remote code execution vulnerability patched, upgrade now

Ax Sharma March 10, 2021

The Git project has released patches for a severe remote code execution (RCE) vulnerability, CVE-2021-21300 that can be exploited by attackers when their malicious repos are cloned.... Read More

WooCommerce fixes critical Upload Files vulnerability 3 min read

• News
• Security

WooCommerce fixes critical Upload Files vulnerability

Ax Sharma March 5, 2021

A critical vulnerability CVE-2021-24171 in WooCommerce Upload Files plugin can be exploited through multiple routes like double extension and path traversal attacks.... Read More

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies 2 min read

• News
• Security

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies

Ax Sharma March 4, 2021

A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories, and continues to post thousands more, in real time.... Read More

ThyssenKrupp suffers ransomware attack for the third time 3 min read

• News
• Security

ThyssenKrupp suffers ransomware attack for the third time

Ax Sharma February 1, 2021

ThyssenKrupp has again been hit by a cyber attack from the NetWalker ransomware group, after previously having been stricken by two other ransomware groups.... Read More