CVE-2019-18818 – Strapi / Strapi – Unspecified
Summary: CVE-2019-18818 is an unspecified vulnerability impacting multiple versions of Strapi. An exploit was observed in open source and a...
Year: 2021
CVE-2019-19609 – Strapi / Strapi – OS command injection
Summary: CVE-2019-19609 is an OS command injection vulnerability impacting multiple versions of Strapi. An exploit was observed in open source...
Tor vs VPN—What is the difference?
Our data is a precious commodity and there are plenty of people who would like to get their hands on...
Patch now! Netgear fixes serious smart switch vulnerabilities
In a security advisory, NetGear has announced it has fixed three vulnerabilities in firmware updates for several network devices. Most...
ProtonMail hands user’s IP address and device info to police, showing the limits of private email
They say there’s two sides to every story. Depending on your point of view, you may have heard a recent...
Apple delays plans to search devices for child abuse imagery
After the uproar from users and privacy advocates about Apple’s controversial plans to scan users’ devices for photos and messages...
Cyber-Attack on Dotty’s Exposed Personal Data of Customers
Customers' personal data was revealed as a result of a cyber-attack on Dotty's, a fast food and gaming franchise in...
Alleged TrickBot Gang Member Arrested While Leaving South Korea
A Russian native – on accusations of being associated with the TrickBot cybercrime gang – was recently arrested by the...
NFT Collector Scammed into Buying Fake Banksy Bidding
A hacker compromised a site of famed street artist Banksy and sold an NFT (non-fungal token) of artist's art for...
The largest banks in Russia were subjected to a large-scale DDoS attack
A new large-scale DDoS attack carried out late in the evening on September 2 led to the system failure of...
Irish Regulator Fines WhatsApp $266 Million for Breaching EU Privacy Regulations
Facebook-owned WhatsApp has been directed to pay a 225 million euros ($266 million) fine for violating the EU’s General Data...
TIGMINT – OSINT (Open Source Intelligence) GUI Software Framework
An OSINT (Open Source Intelligence) software framework with an objective of making cyber investigations more convinient by implementing abstraction mechanisms...
Penelope – Shell Handler
Penelope is an advanced shell handler. Its main aim is to replace netcat as shell catcher during exploiting RCE vulnerabilities....
A server of the Jenkins project hacked by exploiting a Confluence flaw
The development team behind the Jenkins server disclose a security breach, threat actors deployed a cryptocurrency miner on one of its...
Ragnar Locker gang threatens to leak data if victim contacts law enforcement
The Ragnar Locker ransomware operators threaten to leak stolen data if the victims attempt to contact law enforcement agencies. The...
ProtonMail logged IP address of French activist after foreign request approved by Swiss authorities
A police report revealed that the popular encrypted email service provider ProtonMail shared the IP address of a French activist with the...
TrickBot gang developer arrested at the Seoul international airport
A Russian man accused of being a member of the infamous TrickBot gang was arrested while trying to leave South...
CVE-2018-14576
Summary: The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the...
CVE-2019-12264
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the...
CVE-2019-12259
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component....
CVE-2019-12263
Summary: Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There...
CVE-2019-12258
Summary: Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability:...
CVE-2021-39608 – flatCore / flatCore CMS – Unrestricted file upload
Summary: CVE-2021-39608 is an unrestricted file upload vulnerability impacting FlatCore-CMS version 2.0.7. An exploit was observed in open source and...
A week in security (August 30 – September 5)
Last week on Malwarebytes Labs ProxyToken: another nail-biter from Microsoft ExchangeMacs turn on apps signed by Symantec, treat them as...
