Brute Ratel C4 Detected – 54[.]249[.]138[.]251:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 178[.]33[.]49[.]56:8443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 167[.]172[.]140[.]210:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 94[.]102[.]49[.]64:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 107[.]148[.]27[.]54:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
LockBit 3.0 Ransomware Victim: floresfunza[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hmets[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: idor-leads-to-account-takeover-without-user-interactionbytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report IDOR Leads To Account Takeover Without User Interaction Full...
Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow
The popular collective Anonymous and the IT Army of Ukraine hacked the Yandex Taxi app causing a massive traffic jam...
BeatRev – POC For Frustrating/Defeating Malware Analysts
BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in...
IRS mistakenly published confidential info for roughly 120K taxpayers
The Internal Revenue Service (IRS) mistakenly leaked confidential information for approximately 120,000 taxpayers. Bad news for approximately 120,000 taxpayers who...
Alleged Iranian threat actors leak the code of their CodeRAT malware
The author of the remote access trojan (RAT) CodeRAT has leaked the source code of its malware on GitHub. The...
Daily Vulnerability Trends: Sun Sep 04 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-28799The TikTok application before 23.7.3 for Android allows account takeover. A crafted...
Security Affairs newsletter Round 382
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
HackerOne Bug Bounty Disclosure: password-disclosure-in-initial-setup-of-mail-appbyanna_larch
Programme HackerOne Nextcloud Nextcloud Submitted by anna_larch anna_larch Report Password disclosure in initial setup of Mail App Full Report A...
HackerOne Bug Bounty Disclosure: brute-force-protections-don’t-workbynickvergessen
Programme HackerOne Nextcloud Nextcloud Submitted by nickvergessen nickvergessen Report Brute force protections don't work Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: federated-share-accepting/declining-is-not-logged-in-audit-logbyrtod
Programme HackerOne Nextcloud Nextcloud Submitted by rtod rtod Report Federated share accepting/declining is not logged in audit log Full Report...
HackerOne Bug Bounty Disclosure: unauthenticated-ssrf-in-3rd-party-module-“cerdic/csstidy”byeg42
Programme HackerOne Nextcloud Nextcloud Submitted by eg42 eg42 Report Unauthenticated SSRF in 3rd party module "cerdic/csstidy" Full Report A considerable...
HackerOne Bug Bounty Disclosure: weak/auto-fill-passwordbyharrisoft
Programme HackerOne MTN Group MTN Group Submitted by harrisoft harrisoft Report Weak/Auto Fill Password Full Report A considerable amount of...
HackerOne Bug Bounty Disclosure: path-traversal-vulnerability-in-grafana-8-x-allows-“-local-file-read-“bya-heybati
Programme HackerOne MTN Group MTN Group Submitted by a-heybati a-heybati Report path traversal vulnerability in Grafana 8.x allows " local...
Google rolled out emergency fixes to address actively exploited Chrome zero-day
Google rolled out emergency fixes to address a vulnerability in the Chrome web browser that is being actively exploited in...
ApacheTomcatScanner – A Python Script To Scan For Apache Tomcat Server Vulnerabilities
A python script to scan for Apache Tomcat server vulnerabilities. FeaturesMultithreaded workers to search for Apache tomcat servers.Multiple target source...
Apache OFBiz code execution | CVE-2022-25813
NAME Apache OFBiz code execution Platforms Affected:Apache OFBiz 18.12.05Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache OFBiz could allow a remote attacker to...
Node.js lit-payment-form module code execution |
NAME Node.js lit-payment-form module code execution Platforms Affected:Node.js lit-payment-formRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js lit-payment-form module could allow a remote attacker...
