Pax – CLI Tool For PKCS7 Padding Oracle Attacks
Exploit padding oracles for fun and profit!Pax (PAdding oracle eXploiter) is a tool for exploiting padding oracles in order to:Obtain...
hacking
Sophos warns of a new actively exploited flaw in Firewall product
Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos...
Anonymous claims to have hacked the website of the Russian Ministry of Defense
The popular collective Anonymous claims to have hacked the website of the Russian Ministry of Defense and leaked data of...
CISA adds Zoho ManageEngine flaw to its Known Exploited Vulnerabilities Catalog
CISA added a security flaw in Zoho ManageEngine, tracked as CVE-2022-35405, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and...
Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw
Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers...
SCodeScanner – Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The...
Australian Telecoms company Optus discloses security breach
Australian telecoms company Optus disclosed a data breach, threat actors gained access to former and current customers. Optus, one of...
AttachMe: a critical flaw affects Oracle Cloud Infrastructure (OCI)
A critical vulnerability in Oracle Cloud Infrastructure (OCI) could be exploited to access the virtual disks of other Oracle customers....
A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects
More than 350,000 open source projects can be potentially affected by a 15-Year-Old unpatched Python vulnerability More than 350,000 open...
Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn...
OSRipper – AV Evading OSX Backdoor And Crypter Framework
OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on...
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit...
Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign
Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis,...
Hackers stole $160 Million from Crypto market maker Wintermute
Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to...
U.S. gov adds more Chinese Telecom firms to the Covered List
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications...
Imperva blocked a record DDoS attack with 25.3 billion requests
Cybersecurity company Imperva announced to have mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests....
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm...
Uber believes that the LAPSUS$ gang is behind the recent attack
Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking...
Analyzing IP Addresses to Prevent Fraud for Enterprises
How can businesses protect themselves from fraudulent activities by examining IP addresses? The police would track burglars if they left...
Kam1n0 – Assembly Analysis Platform
Kam1n0 v2.x is a scalable assembly management and analysis platform. It allows a user to first index a (large) collection...
American Airlines disclosed a data breach
American Airlines disclosed a data breach, threat actors had access to an undisclosed number of employee email accounts. American Airlines recently suffered...
IT giants warn of ongoing Chromeloader malware campaigns
VMware and Microsoft are warning of a widespread Chromeloader malware campaign that distributes several malware families. ChromeLoader is a malicious...
Revolut security breach: data of +50,000 users exposed
Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial...
CATS – REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort!Comprehensive: tests...
