Cobalt Stike Beacon Detected – 45[.]32[.]123[.]131:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2022
Cobalt Stike Beacon Detected – 188[.]166[.]118[.]212:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]13[.]167[.]227:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager
Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment...
Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug
Researchers developed an exploit code for CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source. Positive Technologies researchers have created a working...
Threat actors leverage Microsoft Teams to spread malware
Attackers compromise Microsoft Teams accounts to attach malicious executables to chat and spread them to participants in the conversation. While...
Njsscan – A Semantic Aware SAST Tool That Can Find Insecure Code Patterns In Your Node.js Applications
njsscan is a static application testing (SAST) tool that can find insecure code patterns in your node.js applications using simple...
Firefox and Chrome reaching major versions 100 may break some websites
Mozilla has issued a warning about the upcoming versions 100 for both Chrome and Firefox. The change in the version...
Specially crafted emails could crash Cisco ESA devices
Cisco warns of a DoS issue affecting its Email Security Appliance (ESA) product that could be exploited using specially crafted...
European Data Protection Supervisor call for bans on surveillance spyware like Pegasus
The European Data Protection Supervisor authority called for a ban on the development and the use of Pegasus-like commercial spyware....
Snaffler – A Tool For Pentesters To Help Find Delicious Candy
Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible) in a bunch...
Cobalt Stike Beacon Detected – 114[.]29[.]255[.]45:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]233[.]39[.]195:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New Kraken botnet is allowing operators to earn USD 3,000 every month
Researchers spotted a new Golang-based botnet called Kraken that is under active development and supports a lot of backdoor capabilities. Kraken is...
Vicidial cross-site scripting | CVE-2021-46557
NAME Vicidial cross-site scripting Platforms Affected:Vicidial Vicidial 2.14-783aRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Vicidial is vulnerable to multiple cross-site scripting, caused by...
crossbeam-utils code execution | CVE-2022-23639
NAME crossbeam-utils code execution Platforms Affected:crossbeam-utils crossbeam-utils 0.8.6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION crossbeam-utils could allow a remote attacker to execute arbitrary...
Jenkins Team Views Plugin cross-site scripting | CVE-2022-25203
NAME Jenkins Team Views Plugin cross-site scripting Platforms Affected:Jenkins Team Views Plugin 0.9.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Team Views Plugin...
Jenkins Pipeline: Shared Groovy Libraries Plugin code execution | CVE-2022-25182
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Jenkins Generic Webhook Trigger Plugin cross-site scripting | CVE-2022-25185
NAME Jenkins Generic Webhook Trigger Plugin cross-site scripting Platforms Affected:Jenkins Generic Webhook Trigger Plugin 1.81Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Generic...
Flatpress cross-site scripting | CVE-2022-24588
NAME Flatpress cross-site scripting Platforms Affected:Flatpress Flatpress 1.2.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Flatpress is vulnerable to multiple cross-site scripting, caused by...
Jenkins Pipeline: Groovy Plugin code execution | CVE-2022-25183
NAME Jenkins Pipeline: Groovy Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Jenkins Pipeline:...
Jenkins Pipeline: Shared Groovy Libraries Plugin code execution | CVE-2022-25181
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Jenkins Pipeline: Shared Groovy Libraries Plugin command execution | CVE-2022-25174
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin command execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
VMware NSX Data Center for vSphere code execution | CVE-2022-22945
NAME VMware NSX Data Center for vSphere code execution Platforms Affected:VMware NSX Data Center for vSphereRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION VMware...
