Mon. Sep 15th, 2025

Security

Hacker selling Vodafone’s Ho Mobile database of 2.5M users 3 min read

Hacker selling Vodafone’s Ho Mobile database of 2.5M users

Ax Sharma December 29, 2020
The database contains ICCID that can be used in SIM swapping attacks. Other information in the leaked dump includes mobile number, customer PII, SIM PUK, IMSI and security hashes.... Read More
joomla logo Joomla fixes ACL violation vulnerability after 2 years 2 min read

Joomla fixes ACL violation vulnerability after 2 years

Ax Sharma December 29, 2020
Joomla! CMS project has fixed an access control violation flaw, CVE-2020-35616 nearly after 2 years of its reporting.... Read More
Google ‘Send Feedback’ bug could expose your sensitive data to attackers 3 min read

Google ‘Send Feedback’ bug could expose your sensitive data to attackers

Ax Sharma December 28, 2020
Google Docs "Send Feedback" feature vulnerability which could expose your sensitive files to attackers earns researcher a $3,134 bounty.... Read More
Insecure QR codes on COVID-19 test results come with data exposure risks 4 min read

Insecure QR codes on COVID-19 test results come with data exposure risks

Ax Sharma December 26, 2020
Medical labs appointed by governments to test incoming international passengers for COVID-19 contain insecure QR code implementations that may lead to data exposure.... Read More
Facebook fixes Instagram bug that leaked user’s private email address and birthday 2 min read

Facebook fixes Instagram bug that leaked user’s private email address and birthday

Ax Sharma December 21, 2020
Facebook has fixed an Instagram bug which leaked users' private email address and date of birth. The company awarded the researcher a $13,125 bug bounty for the report.... Read More
Source code used by Central Banks and Stock Exchanges leaked online 1 min read

Source code used by Central Banks and Stock Exchanges leaked online

Ax Sharma December 1, 2020
This week, the source code of CMA, a software provider relied on by leading central banks across nations and stock exchanges has been exposed online.... Read More
Steam gamers: your Windows PC is prone to privilege escalation attacks 2 min read

Steam gamers: your Windows PC is prone to privilege escalation attacks

Ax Sharma November 25, 2020
Multiple privilege escalation vulnerabilities in Stream gaming service that remain unpatched can make it easy for malware and malicious threat actors to gain persistence and escalate permissions on Windows systems.... Read More
Canadian government site canada.gc.ca SSL certificate expires, breaks links 4 min read

Canadian government site canada.gc.ca SSL certificate expires, breaks links

Ax Sharma November 21, 2020
Government of Canada website canada.gc.ca is throwing SSL errors due to an expired certificate. Multiple Canadian government sites continue to have links to this older site which are now breaking.... Read More
DoS flaw lets attackers crash NodeJS apps via DNS lookups 1 min read

DoS flaw lets attackers crash NodeJS apps via DNS lookups

Ax Sharma November 20, 2020
NodeJS has released fixes for CVE-2020-8277, a DoS vulnerability that could be triggered via DNS requests.... Read More
Drupal fixes critical Remote Code Execution vulnerability, patch now 2 min read

Drupal fixes critical Remote Code Execution vulnerability, patch now

Ax Sharma November 20, 2020
Development team behind Drupal, a popular CMS and blogging platform has issued patches for a remote code execution vulnerability, CVE-2020-13671.... Read More

You may have missed

black and white turtle Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands 3 min read

Sea Turtle Cyber Espionage Campaign Targets Telecommunication and IT Companies in the Netherlands

Security Report News January 7, 2024
person holding debit card Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites 3 min read

Rogue WordPress plugin: Threat hunters uncover credit card skimming campaign targeting e-commerce sites

Security Report News December 31, 2023
a close up of a red and black flag Albanian Parliament and telco ‘One Albania’ suffer cyber attacks 2 min read

Albanian Parliament and telco ‘One Albania’ suffer cyber attacks

Security Report News December 30, 2023
man wearing red hoodie Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks 2 min read

Carbanak Banking Malware Resurfaces with Updated Tactics in Ransomware Attacks

Security Report News December 29, 2023