XSS

Hacker published 1 million payment cards data for free; users of 1000 banks in 100 countries, including India, Mexico, US, Australia & Brazil affected

On: August 10, 2021

In early August, Group-IB researchers began tracking unusual activity on a hacking forum specializing in selling stolen payment cards. According to the researchers, the user AW_cards posted a link thatRead More →

How to block Conti ransomware and how it works. Hacker leaks the entire group’s detail

On: August 6, 2021

In: Incidents

Ransomware as a Service (RaaS) has become one of the most prolific models of cybercriminal operation, although this does not mean that there are no disputes between the various threatRead More →

Get XSS bug bounty with XSSfinder

On: March 7, 2020

In: Tutorials

Introduction “Extended XSS Search” is based on initial ideas of XSSfinder. XSS is also called a Cross Site Scripting, it is a type of security vulnerability found in web application.Read More →

How to hack PayPal and steal other people’s money like a pro

On: February 19, 2020

In: Vulnerabilities

Researchers at cybersecurity firm Cybernews released a report detailing the finding of six vulnerabilities in the electronic payment system PayPal that, if exploited, would allow threat actors to carry outRead More →

Critical vulnerabilities in phpMyAdmin

On: December 12, 2018

In: Vulnerabilities

Admins of thousands of websites are waiting for the update launching According to reports of specialists in digital forensics from the International Institute of Cyber Security, the administrators ofRead More →

Vulnerabilities in DJI drone manufacturer

On: November 10, 2018

In: Vulnerabilities

Security bugs could expose details about drone owners Researchers at a cybersecurity and digital forensics firm identified a couple vulnerabilities in the website and apps of the popular drone manufacturerRead More →

Opsview publishes new vulnerabilities report

On: September 5, 2018

In: Vulnerabilities

The flaws could allow code execution Ethical hacking specialists have recently published a vulnerability report jointly with the enterprise systems monitoring software provider Opsview. The publication is related to five vulnerabilities in theRead More →

Critical vulnerabilities present in smart city systems

On: August 10, 2018

In: Vulnerabilities

Researchers have discovered countless zero-day vulnerabilities that can be used to disrupt critical systems Experts in enterprise network security from the International Institute of Cyber Security reported the finding ofRead More →

Stealing Amazon EC2 Keys via an XSS Vulnerability

On: October 30, 2017

In: Vulnerabilities

On a recent engagement, our testers were faced with a single page web application which was used to generate PDF documents. This web application contained a multi-step form that ultimatelyRead More →

SQL Injection & more via XSS in pgAdmin 4

On: April 17, 2017

In: Vulnerabilities

This is the story of how I found and exploited XSS (content injection) in the pgAdmin4 1.3 desktop client. (Before I get too much further if you use pgAdmin 4Read More →

XSS

How to block Conti ransomware and how it works. Hacker leaks the entire group’s detail

Get XSS bug bounty with XSSfinder

How to hack PayPal and steal other people’s money like a pro

Critical vulnerabilities in phpMyAdmin

Vulnerabilities in DJI drone manufacturer

Opsview publishes new vulnerabilities report

Critical vulnerabilities present in smart city systems

Stealing Amazon EC2 Keys via an XSS Vulnerability

SQL Injection & more via XSS in pgAdmin 4

24,649,096,027 (24.65 billion) account usernames and passwords have been leaked by cyber criminals till now in 2022

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Nigeria spends more than any other African country in spying its citizens

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting

Critical XXS & CSRF vulnerability allows full account take over of daloRADIUS app

Patch this Internet Explorer zero day vulnerability (CVE-2022-41128) before North Korean hackers exploit it

7 security vulnerabilities in Sophos Firewall version < 19.5.0. Patch immediately

CVE-2022-23093 FreeBSD vulnerability allows remote execution of malware on devices including PlayStation, WhatsApp etc

Zero day Privilege escalation flaw CVE-2022-4139 (CVSS score: 7.0), impacts Linux kernel

Top 8 Free Tools for security testing and audit of your Kubernetes cluster in 2022

3 Techniques that allow bypassing phishing emails through Cisco Secure Email Gateway and are being actively used by ransomware gangs

RedEye: A great opensource cyber security Log Visualization tool for Red and Blue teams

How to easily spoof mac address automatically and be more anonymous

How to Use Advanced Network Intelligence Toolkit for Pentesting: badKarma

Tutorial for pentesting Android apps using the free ZANTI toolkit

5 best free API security testing tools. Protecting your cloud CI/CD Pipeline

How to find zero-day vulnerabilities with Fuzz Faster U Fool (ffuf): Detailed free fuzzing tool tutorial

How to do professional vulnerability assessment on your website for free using Juice Shop?

How to do local privilege escalation attacks on Windows to brute force the local administrator account?

Zerobot botnet can hack into TOTOLink, Zyxel, Realtek, D-Link , F5, Huawei, MEGApix, Telesquare, Zivif, Tenda & Hikvision devices

Wiper malware destroyed data of multiple Russian government agencies

KmsdBot, new botnet infects systems via an SSH & targets the gaming industry, technology industry, and luxury car manufacturers

This ransomware can steal your Veeam credentials and encrypt your backups

Ransomware LockBit 3.0 code leaked on GitHub. Now Anyone can start their ransomware business

Cyber Security Channel

Nigeria spends more than any other African country in spying its citizens

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting