Cross-site scripting (XSS)

8 critical vulnerabilities in GitLab would allow hackers to install backdoors in your code

On: June 6, 2022

In its most recent security release, GitLab announced the launching of GitLab Community Edition (CE) and GitLab Enterprise Edition (EE) versions 15.01, 14.9.4, and 14.9.5. These updates contain important securityRead More →

Critical vulnerabilities allow hacking medical surgical robots and putting lives at risk

On: April 12, 2022

In: Vulnerabilities

Engineering firm Aethon announced the correction of various vulnerabilities in its Tug hospital robots whose exploitation would allow threat actors to take remote control of compromised devices. These flaws, identifiedRead More →

CVE-2022-0757: Rapid7 Nexpose SQL injection vulnerability, also known as security console: Patch immediately

On: March 31, 2022

In: Vulnerabilities

Rapid7 security teams announced the fix of a critical SQL injection vulnerability in Nexpose, a popular local vulnerabilities management software. The flaw was tracked as CVE-2022-0757 and received a scoreRead More →

1 out of 3 WordPress plugins does not receive security updates; millions of websites at risk

On: March 9, 2022

In: Vulnerabilities

A report specialized in WordPress security points to a 150% increase in reported flaws during 2021 compared to the previous year, in addition to establishing that almost 30% of theRead More →

3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately

On: March 8, 2022

In: Vulnerabilities

Cybersecurity specialists reported the detection of multiple vulnerabilities in IBM Security QRadar SOAR. According to the report, successful exploitation of these flaws would allow the deployment of severe attack scenarios.Read More →

Anyone can bypass the Google and AWS Web Application Firewall (WAF) with an 8 KB POST request

On: March 4, 2022

In: Vulnerabilities

Most web applications today must be protected against multiple hacking variants, such as remote code execution (RCE), SQL injections, cross-site scripting (XS) attacks, and other common security issues. The so-calledRead More →

New vulnerability on Mac provides full access to iCloud accounts, PayPal and more of the affected users, as well as granting access to their microphone, camera and screen. The greatest reward ever delivered by Apple

On: January 26, 2022

In: Vulnerabilities

This week, a young cybersecurity researcher demonstrated how to hack the webcams of Mac devices to leave the devices completely open to other attack variants. Ryan Pickren submitted his reportRead More →

2 critical vulnerabilities discovered in Cisco Prime servers

On: January 24, 2022

In: Vulnerabilities

Cisco Prime web interface is affected by a couple of security flaws whose successful exploitation would allow threat actors to deploy remote code execution (RCE) attacks. This is a networkRead More →

25 vulnerabilities in F5 firewall and other products: Patch immediately

On: January 20, 2022

In: Vulnerabilities

On Wednesday, specialists from the technology firm F5 Networks published a detailed report on the finding of 25 vulnerabilities in some of its products. According to reports, successful exploitation ofRead More →

Vulnerabilities in thousands of EVLINK electric vehicle charging stations could reduce your car to ashes

On: December 27, 2021

In: Vulnerabilities

In a security alert, Schneider Electric confirmed the detection and fix of various vulnerabilities residing in EVlink EV charging stations, which could expose these deployments to malicious hackers. To beRead More →

Cross-site scripting (XSS)

8 critical vulnerabilities in GitLab would allow hackers to install backdoors in your code

Critical vulnerabilities allow hacking medical surgical robots and putting lives at risk

CVE-2022-0757: Rapid7 Nexpose SQL injection vulnerability, also known as security console: Patch immediately

1 out of 3 WordPress plugins does not receive security updates; millions of websites at risk

3 XSS vulnerabilities in IBM Security QRadar SOAR: Update immediately

Anyone can bypass the Google and AWS Web Application Firewall (WAF) with an 8 KB POST request

New vulnerability on Mac provides full access to iCloud accounts, PayPal and more of the affected users, as well as granting access to their microphone, camera and screen. The greatest reward ever delivered by Apple

2 critical vulnerabilities discovered in Cisco Prime servers

25 vulnerabilities in F5 firewall and other products: Patch immediately

Vulnerabilities in thousands of EVLINK electric vehicle charging stations could reduce your car to ashes

TunnelCrack: Two serious vulnerabilities in VPNs discovered, had been dormant since 1996

How to easily hack TP-Link Archer AX21 Wi-Fi router

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Compromising Cryptographic Key Security Through PuTTY: A Deep Dive into CVE-2024-31497

How to hack a LG Smart TV via vulnerabilities in LG WebOS?

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Node That Can’t Be Ignored

Hacking Debian, Ubuntu, Redhat& Fedora servers using a single vulnerability in 2024

The 11 Essential Falco Cloud Security Rules for Securing Containerized Applications at No Cost

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management CTEM Strategy for AWS & AZURE

Web-Based PLC Malware: A New Technique to Hack Industrial Control Systems

The API Security Checklist: 10 strategies to keep API integrations secure

11 ways of hacking into ChatGpt like Generative AI systems

How to send spoof emails from domains that have SPF and DKIM protections?

Silent Email Attack CVE-2023-35628 : How to Hack Without an Email Click in Outlook

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

Is Your etcd an Open Door for Cyber Attacks? How to Secure Your Kubernetes Clusters & Nodes

CVSS 4.0 Explained: From Complexity to Clarity in Vulnerability Assessment

Major Python Infrastructure Breach – Over 170K Users Compromised. How Safe Is Your Code?

How to exploit Windows Defender Antivirus to infect a device with malware

Inside the Scam: How Ransomware Gangs Fool You with Data Deletion Lies!

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

How hrserver.dll stealthy webshell can mimic Google’s Web Traffic to hide and compromise networks

Cyber Security Channel

US Govt wants new label on secure IoT devices or wants to discourage use of Chinese IoT gadgets

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]