NAME__________HAProxy request smugglingPlatforms Affected:Risk Level:5.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________HAProxy is vulnerable to HTTP request smuggling, caused by improper parsing of HTTP headers...
NAME__________PDF-XChange Editor code executionPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PDF-XChange Editor could allow a remote attacker to execute arbitrary code on the...
The adversary behind the supply chain attack targeting 3CX deployed a second-stage implant specifically singling out a small number of...
Microsoft has announced plans to automatically block embedded files with "dangerous extensions" in OneNote following reports that the note-taking service...
Western Digital announced today that its network has been breached and an unauthorized party gained access to multiple company systems....
The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited...
Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency...
Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without...
Some of the victims affected by the 3CX supply chain attack have also had their systems backdoored with Gopuram malware,...
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications. London-based...
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a...
The April 18 tax deadline is here and so are scams surrounding it. A cybercrime group identified as TACTICAL#OCTOPUS was...
Programme HackerOne Kindred Group Kindred Group Submitted by naaash naaash Report Delete messages via IDOR at /mom-api/messages/unibet_@unibet/ Full Report ...
Programme HackerOne Kindred Group Kindred Group Submitted by fransrosen fransrosen Report Full Account Takeover on *.unibet.com due to crossdomain.xml and...
Programme HackerOne 8x8 Bounty 8x8 Bounty Submitted by bababounty99 bababounty99 Report Dangling DNS Record docs.jitsi.net (unsuccessful GSuite takeover) Full Report...
Programme HackerOne Kindred Group Kindred Group Submitted by sw33tlie sw33tlie Report Reverse proxy misconfiguration leads to 1-click account takeover Full...
A piece of new information-stealing malware called OpcJacker has been spotted in the wild since the second half of 2022...
Data storage devices maker Western Digital on Monday disclosed a "network security incident" that involved unauthorized access to its systems....
The Italian data protection watchdog, Garante per la Protezione dei Dati Personali (aka Garante), has imposed a temporary ban of...
Privileged Access Management (PAM) solutions are regarded as the common practice to prevent identity threats to administrative accounts. In theory,...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
