Security

Magic mushroom website Shroomery is down and we don’t know why 2 min read

• News
• Security

Magic mushroom website Shroomery is down and we don’t know why

Ax Sharma April 12, 2021

The "world's oldest magic mushroom website," Shroomery has been down this week without any good reason.... Read More

Samsung Email bug could let attackers access your attachments 3 min read

• News
• Security

Samsung Email bug could let attackers access your attachments

Ax Sharma April 11, 2021

This month, Samsung has fixed multiple high severity vulnerabilities across multiple Samsung apps including Samsung Email. By exploiting this vulnerability (CVE-2021-25375), a remote attacker could access email attachments from your Samsung Email app.... Read More

Git remote code execution vulnerability patched, upgrade now 1 min read

• News
• Security

Git remote code execution vulnerability patched, upgrade now

Ax Sharma March 10, 2021

The Git project has released patches for a severe remote code execution (RCE) vulnerability, CVE-2021-21300 that can be exploited by attackers when their malicious repos are cloned.... Read More

WooCommerce fixes critical Upload Files vulnerability 3 min read

• News
• Security

WooCommerce fixes critical Upload Files vulnerability

Ax Sharma March 5, 2021

A critical vulnerability CVE-2021-24171 in WooCommerce Upload Files plugin can be exploited through multiple routes like double extension and path traversal attacks.... Read More

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies 2 min read

• News
• Security

Grayhat pollutes npm, PyPI with thousands of fake supply chain dependencies

Ax Sharma March 4, 2021

A gray hat hacker has published over 7,000 dependency confusion packages to npm and PyPI repositories, and continues to post thousands more, in real time.... Read More

ThyssenKrupp suffers ransomware attack for the third time 3 min read

• News
• Security

ThyssenKrupp suffers ransomware attack for the third time

Ax Sharma February 1, 2021

ThyssenKrupp has again been hit by a cyber attack from the NetWalker ransomware group, after previously having been stricken by two other ransomware groups.... Read More

Hacker claims to sell 1.3 million Hyundai Russia customer records 1 min read

• News
• Security

Hacker claims to sell 1.3 million Hyundai Russia customer records

Ax Sharma January 14, 2021

Hacker claims to sell 1.3 million records of Hyundai Russia customers on hacker forum... Read More

Source code revealed for malware that locks IoT male chastity devices 2 min read

• Malware
• News
• Security

Source code revealed for malware that locks IoT male chastity devices

Ax Sharma January 5, 2021

The ChastityLock malware locks your tool up and has got you by the balls, literally. ... Read More

Cloudflare WAF bypass exploits revealed 3 min read

• News
• Security

Cloudflare WAF bypass exploits revealed

Ax Sharma January 4, 2021

A Cross-Site Scripting (XSS) protection bypass technique has been revealed for Cloudflare Web Application Firewall (WAF). The exploit has been publicly known since 2019 but remains unpatched.... Read More

Backdoor master password for thousands of Zyxel firewalls revealed 3 min read

• News
• Security

Backdoor master password for thousands of Zyxel firewalls revealed

Ax Sharma January 1, 2021

Thousands of Zyxel firewalls and access point controllers contain a secret, undocumented hardcoded password giving anyone admin access through this zero-day.... Read More