REW-sploitThe tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.html#rew-sploit-dissecting-metasploit-attacks-24086 Slides of presentation are available at https://github.com/REW-sploit/REW-sploit_docs Need help...
Allstar is a GitHub App installed on organizations or repositories to set and enforce security policies. Its goal is to...
Threat actors breached the servers of US Census Bureau on January 11, 2020, exploiting an unpatched Citrix ADC zero-day vulnerability,...
North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South...
Researchers conducted a new analysis of the Diavol ransomware and found new evidence of the link with the gang behind...
T-Mobile has confirmed that hackers have stolen records belonging to 48.6 million of current and former customers. Recently T-Mobile has...
Summary: think-helper defines a set of helper functions for ThinkJS. In versions of think-helper prior to 1.1.3, the software receives...
Summary: An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free...
Summary: chatwoot is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/chatwoot/chatwoot/commit/aa7db90cd2d23dbcf22a94f1e4c100dd909e2172 https://huntr.dev/bounties/1625088985607-chatwoot/chatwoot CVSS Score (if available) v2: /...
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in `tf.raw_ops.QuantizeV2`,...
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL...
Following an announcement by Blackberry the U.S. Food & Drug Administration (FDA) and the Cybersecurity & Infrastructure Security Agency (CISA)...
Phishing scammers love well known brand names, because people trust them, and their email designs are easy to rip off....
A deep dive into macOS 11’s internals reveals some security surprises that deserve to be more widely known. Contents IntroductionDisclaimersmacOS...
Cybersecurity experts have unearthed critical security flaws in Realtek chips that affect more than 65 hardware vendors and several wireless...
The Institute AV-TEST records around 450,000 new critical programmings (malware) every day with several potentially unwanted applications (PUA). These are...
T-Mobile announced a data breach on Monday after a hacking organization claimed to have gotten records of 100 million T-Mobile...
jsleak is a tool to identify sensitive data in JS files through regex patterns. Although it's built for this, you...
AuraBorealis is a web application for visualizing anomalous and potentially malicious code in Python package registries. It uses security audit...
NOTE: The information on this page is fully automated and scraped directly from the Xing .onion Dark Web Tor Blog...
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a read...
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can trigger a crash...
Summary: Due to insufficient input validation in Kyma, authenticated users can pass a Header of their choice and escalate privileges....
Summary: TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation for `tf.raw_ops.FractionalAvgPoolGrad` can be...
