Vulnerabilities (Page 167)

Two new Mac backdoors discovered

On: March 1, 2017

On Valentine’s Day, Mac users got a special “treat” in the form of new malware. Then, later that same week, there were signs of yet another piece of malware looming. These threatsRead More →

XSS flaws in Zscaler Cloud management software allow logged attackers to hack coworkers

On: March 1, 2017

In: Important, Incidents, Malware, Vulnerabilities

Zscaler has fixed persistent XSS vulnerabilities affecting Zscaler Cloud management software that allow logged attackers to hack coworkers. Serious cross-site scripting (XSS) flaws in the Zscaler Cloud management software could be exploitedRead More →

ESET antivirus cracks opens Apple Macs to remote root execution via man-in-middle diddle

On: March 1, 2017

In: Incidents, Vulnerabilities

Bored hacker looking for fun? We couldn’t possibly suggest you attack the latest vulnerability in ESET’s antivirus software, because it’s too basic to offer any challenge at all. As outlinedRead More →

Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin

On: February 28, 2017

In: Vulnerabilities

The vulnerability can lead to attackers grabbing data from website database or user sensitive information. A new SQL Injection vulnerability was discovered in the NextGen Gallery plugin for WordPress, allowingRead More →

Web Cache Deception Attack

On: February 28, 2017

In: Important, Incidents, Malware, Vulnerabilities

A few words about caching and reactions Websites often tend to use web cache functionality (for example over a CDN, a load balancer, or simply a reverse proxy). The purposeRead More →

DNS attacks: How they try to direct you to fake pages

On: February 27, 2017

In: Incidents, Vulnerabilities

DNS servers are essential to the normal functioning of the internet as we know and love it, but they tend to go unnoticed by most users. At least, that is, until someRead More →

Stolen EHR data is flooding criminal underground communities in the Deep Web

On: February 27, 2017

In: Important, Vulnerabilities

EHR data are precious commodities in the cyber criminal underground because of the lack of cyber security of healthcare industry. Electronic health record databases are becoming the most precious commoditiesRead More →

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

On: February 25, 2017

In: Important, Vulnerabilities

Vulnerabilities in word processing and office productivity suites are useful targets for exploitation by threat actors. Users frequently encounter file types used by these software suites in their day toRead More →

Database Ransom Attacks Have Now Hit MySQL Servers

On: February 25, 2017

In: Malware, Vulnerabilities

After the ransacking of MongoDB, ElasticSearch, Hadoop, and CouchDB servers, attackers are now hijacking hundreds of MySQL databases, deleting their content, and leaving a ransom note behind asking for aRead More →

Google Goes Public with Unpatched Microsoft Edge and IE Vulnerability

On: February 25, 2017

In: Vulnerabilities

Google has gone public with details of a second unpatched vulnerability in Microsoft products, this time in Edge and Internet Explorer, after last week they’ve published details about a bugRead More →

Vulnerabilities (Page 167)

Two new Mac backdoors discovered

ESET antivirus cracks opens Apple Macs to remote root execution via man-in-middle diddle

Critical SQL Injection Vulnerability Found in NextGEN Gallery WordPress Plugin

Web Cache Deception Attack

DNS attacks: How they try to direct you to fake pages

Stolen EHR data is flooding criminal underground communities in the Deep Web

Vulnerability Deep Dive – Ichitaro Office Excel File Code Execution Vulnerability

Database Ransom Attacks Have Now Hit MySQL Servers

Google Goes Public with Unpatched Microsoft Edge and IE Vulnerability

How Hackers Intercept Mobile OTP and Calls Without ‘Hacking’ — The Shocking Power of SIM Boxes

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

This Hidden Comet/Atlas AI Browser Flaw That Hackers Are Exploiting

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

MFA? Irrelevant. CitrixBleed 2 Lets Hackers Take Over Without Logging In

MotW Bypassed: Zero Warning, Full Control – New WinRAR Flaw Silently Bypasses Windows Security

New Vulnerability in GCP Cloud Run Shows Why Least Privilege Isn’t Enough

Forget Metasploit: Inside Predator’s Zero-Click Advertising-Driven Phone Hacking System

How Hackers Intercept Mobile OTP and Calls Without ‘Hacking’ — The Shocking Power of SIM Boxes

13 Insanely Easy Techniques to Hack & Exploit Agentic AI Browsers

How to Use Google’s OSS Rebuild: A New Open Source Software Supply Chain Security Tool

Phishing 2.0: AI Tools Now Build Fake Login Pages That Fool Even Experts

How TokenBreak Technique Hacks OpenAI, Anthropic, and Gemini AI Filters — Step-by-Step Tutorial

Comparing Top 8 AI Code Assistants: Productivity Miracle or Security Nightmare. Can You Patent AI Code Based App?

No Login Required: How Hackers Hijack Your System with Just One Keystroke: utilman.exe Exploit Explained

How to Send DKIM-Signed, 100% Legit Phishing Emails — Straight from Google That Bypass Everything

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Live Malware Code Mutation: How AI Generates Evasive Malware

Backdooring ATMs via Bootloader? These Hackers Showed It’s Still Possible in 2025”

How Lynx Ransomware Extorts Millions from U.S. Companies

A Malware That EDR Can’t See?If You Rely on Antivirus for Protection, Read This Before It’s Too Late!

Top 2 Malicious Python Packages You Must Avoid! Zebo-0.1.0 & Cometlogger-0.1

Cyber Security Channel

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022