New Darcula Phishing Service Targets Iphone Users Via Imessage
A new phishing-as-a-service (PhaaS) named ‘Darcula’ uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users...
Ransomware As A Service And The Strange Economics Of The Dark Web
Ransomware is changing, fast. The past three months have seen dramatic developments among the ransomware ecosystem to include the takedown...
Inc Ransom Threatens To Leak 3tb Of Nhs Scotland Stolen Data
The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service...
Google Spyware Vendors Behind 50 Percent Of Zero Days Exploited In 2023
Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day...
Google Fixes Chrome Zero Days Exploited At Pwn2own 2024
Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver...
Microsoft Monthly Security Update (May 2023)
Updated Source and Related Links.CVE-2023-24955 vulnerability is exploited in the wild. In a network-based attack, an authenticated attacker as a Site...
GSM Hosting – 2,607,440 breached accounts
HIBP In August 2016, breached data from the vBulletin forum for GSM-Hosting appeared for sale alongside dozens of other hacked...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 21, 2024. These...
CISA: CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity
CISA and Partners Release Joint Fact Sheet for Leaders on PRC-sponsored Volt Typhoon Cyber Activity Today, CISA, the National Security...
CISA: CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques
CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques Today, CISA, the Federal Bureau of Investigation...
CISA: Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry
Ivanti Releases Security Updates for Neurons for ITSM and Standalone Sentry Ivanti has released security advisories to address vulnerabilities in...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 19, 2024. These...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These...
CISA: CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities
CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities Today, CISA and the...
CISA: Apple Released Security Updates for Safari and macOS
Apple Released Security Updates for Safari and macOS Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS....
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
HackerOne Bug Bounty Disclosure: cve-quic-certificate-check-bypass-with-wolfssl-fullmetal
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:fullmetal5Link to Submitters Profile:https://hackerone.com/fullmetal5 Report Title:CVE-2024-2379: QUIC certificate check bypass with wolfSSLReport...
HackerOne Bug Bounty Disclosure: xss-in-gocd-analytics-plugin-redyetihacks
Company Name: GoCD Company HackerOne URL: https://hackerone.com/gocd Submitted By:redyetihacksLink to Submitters Profile:https://hackerone.com/redyetihacks Report Title:XSS in GOCD Analytics PluginReport Link:https://hackerone.com/reports/2433634Date Submitted:27...
HackerOne Bug Bounty Disclosure: cve-tls-certificate-check-bypass-with-mbedtls-frankyueh
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:frankyuehLink to Submitters Profile:https://hackerone.com/frankyueh Report Title:CVE-2024-2466: TLS certificate check bypass with mbedTLSReport...
HackerOne Bug Bounty Disclosure: cve-http-push-headers-memory-leak-w-x
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:w0x42Link to Submitters Profile:https://hackerone.com/w0x42 Report Title:CVE-2024-2398: HTTP/2 push headers memory-leakReport Link:https://hackerone.com/reports/2402845Date Submitted:27...
HackerOne Bug Bounty Disclosure: http-push-promise-dos-w-x
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:w0x42Link to Submitters Profile:https://hackerone.com/w0x42 Report Title:HTTP/2 PUSH_PROMISE DoSReport Link:https://hackerone.com/reports/2402853Date Submitted:27 March 2024...
HackerOne Bug Bounty Disclosure: cve-ocsp-verification-bypass-with-tls-session-reuse-kurohiro
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:kurohiroLink to Submitters Profile:https://hackerone.com/kurohiro Report Title:CVE-2024-0853: OCSP verification bypass with...
HackerOne Bug Bounty Disclosure: cve-usage-of-disabled-protocol-dfandrich
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:dfandrichLink to Submitters Profile:https://hackerone.com/dfandrich Report Title:CVE-2024-2004: Usage of disabled protocolReport Link:https://hackerone.com/reports/2384833Date Submitted:27...
