Vulnerabilities (Page 144)

The Weak Bug – Exploiting a Heap Overflow in VMware

On: July 8, 2017

Introduction In march 2017, I took part in the pwn2own contest with team Chaitin Security Research Lab. The target I was focused on was VMware Workstation Pro and we managed to getRead More →

BroadPwn potentially expose to hack millions of Android devices using Broadcom Wi-Fi Chip

On: July 7, 2017

In: Incidents, Mobile Security, Vulnerabilities

Google warned of a serious flaw dubbed BroadPwn in some Broadcom Wi-Fi chipsets that potentially impacts millions of Android devices. Google published the monthly security update for Android devices, it warned ofRead More →

Perl devs fix an important flaw in DBD—MySQL that affects encryption between client and server

On: July 6, 2017

In: Vulnerabilities

Perl development team solved a flaw in DBD—MySQL in some configurations that wasn’t enforcing encryption allowing an attacker to power MiTM attacks. The security researcher Pali Rohár reported an important flawRead More →

Fourth Largest Cryptocurrency Exchange Was Hacked. Users Lose Ethereum & Bitcoin

On: July 6, 2017

In: Incidents, Vulnerabilities

Bithumb, the world’s fourth largest cryptocurrency exchange by volume, confirmed a security incident during which an unknown hacker was able to make off with an yet undetermined amount of funds.Read More →

SIEMENS PATCHES CRITICAL INTEL AMT FLAW IN INDUSTRIAL PRODUCTS

On: July 1, 2017

In: Vulnerabilities

Siemens patched two critical vulnerabilities that affected its industrial products this week. One, tied to a recently disclosed flaw in Active Management Technology – a function of certain Intel processorsRead More →

SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

On: July 1, 2017

In: Vulnerabilities

Security experts at Sucuri have discovered a SQL Injection vulnerability in WP Statistics, one of the most popular WordPress plugins. Security experts at Sucuri have discovered a SQL Injection vulnerability in WPRead More →

Management bug can crash Cisco IOS, IOS XE

On: June 30, 2017

In: Vulnerabilities

Nine SNMP MIBs vulnerable. Cisco’s been caught out by the venerable Simple Network Management Protocol, turning up nine bugs in IOS and IOS XE that appear in all SNMP versions. ItsRead More →

Linux-fight! Dev's plan to bundle kernel patches sparks debate

A critical flaw allows hacking Linux machines with just a malicious DNS Response

On: June 29, 2017

In: Incidents, Vulnerabilities

A remote attacker can trigger the buffer overflow vulnerability to execute malicious code on affected Linux systems with just a malicious DNS response. Chris Coulson, Ubuntu developer at Canonical, has foundRead More →

Zero-day Skype flaw causes crashes, remote code execution

On: June 28, 2017

In: Vulnerabilities

The critical flaw doesn’t require any user interaction, either. A critical flaw in Microsoft’s Skype web messaging and call service allows attackers to crash systems and execute code. This week,Read More →

This Windows Defender bug was so gaping its PoC exploit had to be encrypted

On: June 27, 2017

In: Vulnerabilities

Microsoft recently patched a critical vulnerability in its ubiquitous built-in antivirus engine. The vulnerability could have allowed attackers to execute malicious code by luring users to a booby-trapped website orRead More →

Vulnerabilities (Page 144)

The Weak Bug – Exploiting a Heap Overflow in VMware

BroadPwn potentially expose to hack millions of Android devices using Broadcom Wi-Fi Chip

Perl devs fix an important flaw in DBD—MySQL that affects encryption between client and server

Fourth Largest Cryptocurrency Exchange Was Hacked. Users Lose Ethereum & Bitcoin

SIEMENS PATCHES CRITICAL INTEL AMT FLAW IN INDUSTRIAL PRODUCTS

SQL Injection flaw in WordPress Plugin WP Statistics potentially exposed 300,000+ Sites

Management bug can crash Cisco IOS, IOS XE

A critical flaw allows hacking Linux machines with just a malicious DNS Response

Zero-day Skype flaw causes crashes, remote code execution

This Windows Defender bug was so gaping its PoC exploit had to be encrypted

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Hackers Can Manipulate Your Heart Rate Monitor – Unbelievable Security Flaw!

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

WinRAR and ZIP File Exploits: This ZIP File Hack Could Let Malware Bypass Your Antivirus

5 Techniques Hackers Use to Jailbreak ChatGPT, Gemini, and Copilot AI systems

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

This Hacker Toolkit Can Breach Any Air-Gapped System – Here’s How It Works

Hackers’ Guide to Rogue VM Deployment: Lessons from the MITRE hack

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]