Apple SSH privacy bug “exploited at large” remains unpatched after 2 years
A privacy bug lurking around in Apple Mac OS X since at least 2018 continues to remain unpatched and exploited at large.... Read More
vulnerability
Hacker Noon fixes leaky drafts: what about your blog?
Update Aug-13-2020: Hacker Noon has fixed the issue and a reply via a tweet provided more information: “URL removal request went through https://google.com/search?q=site%3Aapp.hackernoon.com%2Fdrafts%2F… . all... Read More
Does your CMS leak drafts? I don’t know about you but I’d be pretty concerned if I found out an unfinished work or report I... Read More
Smart lock bug could let hackers locate you and unlock your door, remotely
A new report published this week sheds light on a vulnerability in smart lock models that hackers could exploit to crack them open remotely. Not... Read More
20,000 GitHub projects at risk from Node.js ‘standard-version’ library vulnerability
More than 20,000 GitHub projects rely on the Node.js standard-version utility to implement semantic versioning (semver) and for generating CHANGELOG files for their builds. A... Read More
PlayStation discloses “severe” Use-After-Free kernel vulnerability
PlayStation has disclosed a severe use-after-free vulnerability, after over three months since it was reported. The vulnerability discovered by researcher Andy Nguyen exists in PS4... Read More
Hacking the antivirus: BitDefender remote code execution vulnerability
What happens when the very antivirus designed to keep you and your organization safe becomes a threat vector for the attackers to exploit? Yesterday, I... Read More
NETGEAR routers vulnerable to “root” code execution, no patch yet
In a recently released vulnerability disclosure from d4rkn3ss from VNPT ISC as well as Adam Nichols of GRIMM, we learn of an unpatched vulnerability impacting... Read More
WordPress Block Editor could let even most basic users exploit XSS vulns!
WordPress 5.4.2 release announcement stated the update shipped with multiple fixes for Cross-Site Scripting (XSS) vulnerabilities. Out of this the most significant fix is... Read More
“Sign in with Apple” vulnerability earns researcher $100,000
Remember seeing that slick “Sign in with Apple” button across many websites and apps? It turns out that a vulnerability allowed attackers to log in to... Read More
Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands 
Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites 
Albanian Parliament and telco ‘One Albania’ suffer cyber attacks 
Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks
Share this: