WooCommerce Multi Currency Bug Allows Customers to Modify the Cost of Items on Online Stores
A security flaw in the WooCommerce Multi Currency plugin might allow any consumer to alter product prices in online stores....
OSINT
Summer 2021: Friday Night Funkin’, Måneskin and pop it
This summer, several events that were postponed from 2020 due to the pandemic took place. Some of them interested children,...
DNSTake – A Fast Tool To Check Missing Hosted DNS Zones That Can Lead To Subdomain Takeover
A fast tool to check missing hosted DNS zones that can lead to subdomain takeover. What is a DNS takeover?DNS...
CVE-2021-40444 PoC – Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)Creation of this Script is based on some reverse...
Plution – Prototype Pollution Scanner Using Headless Chrome
Plution is a convenient way to scan at scale for pages that are vulnerable to client side prototype pollution via...
Kali Linux 2021.3 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates.A summary of the changes...
Bitdefender released free REvil ransomware decryptor that works for past victims
Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their...
Anonymous hacked the controversial, far-right web host Epik
Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content....
OMIGOD vulnerabilities expose thousands of Azure users to hack
OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to...
Microsoft announces passwordless authentication for consumer accounts
Microsoft announced that users can access their consumer accounts without providing passwords and using more secure authentication methods. Microsoft will...
What are SSL certificates?
Secure Sockets Layer (SSL) certificates are what cause your browser to display a padlock icon, indicating that your connection to...
Patch now! PrintNightmare over, MSHTML fixed, a new horror appears … OMIGOD
The September 2021 Patch Tuesday could be remembered as the final patching attempt in the PrintNightmare… nightmare. The ease with...
Only one-in-ten Russian organizations are aware of the danger of vulnerabilities in web applications
In 2020, attacks on the web accounted for one-third of all information security incidents. However, only 10% of Russian organizations...
Nearly 50% of On-Premises Databases Have Unpatched Vulnerabilities
The five-year longitudinal research conducted by cybersecurity firm Imperva revealed that nearly half of on-premises databases globally contain at least...
Millions of HP OMEN Gaming PCs Impacted by Driver Vulnerability
On Tuesday, security experts revealed data about a high-severity weakness in the HP OMEN driver software, which affects millions of...
Linux Implementation of Cobalt Strike Beacon Employed by Hackers in Attacks Worldwide
Security experts have detected an unauthorized version of the Cobalt Strike Beacon Linux created by malicious attackers that are actively...
Hackers Can Use the SSID Stripping Flaw to Mimic Real Wireless APs
A group of researchers discovered what appears to be a new way for threat actors to mislead people into connecting...
Vailyn – A Phased, Evasive Path Traversal + LFI Scanning & Exploitation Tool In Python
Vailyn's Crawler analyzing a damn vulnerable web application. LFI Wrappers are not enabled. GUI Demonstration (v2.2.1-5) Possible IssuesFound some false...
Rootend – A *Nix Enumerator And Auto Privilege Escalation Tool
rootend is a python *nix Enumerator & Auto Privilege Escalation tool. For a full list of our tools, please visit...
Three formers NSA employees fined for providing hacker-for-hire services to UAE firm
Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the...
US CISA appointed Kiersten Todt as new chief of staff
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S....
Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day
Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch...
Mēris Bot infects MikroTik routers compromised in 2018
Latvian vendor MikroTik revealed that recently discovered Mēris botnet is targeting devices that were compromised three years ago. Last week, the Russian...
Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw
A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS...
