CVE-2021-20228
Summary: A flaw was found in the Ansible Engine 2.9.18, where sensitive info is not masked by default and is...
CVE-2020-27153
Summary: In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker...
CVE-2021-21775
Summary: A use-after-free vulnerability exists in the way certain events are processed for ImageLoader objects of Webkit WebKitGTK 2.30.4. A...
CVE-2021-21779
Summary: A use-after-free vulnerability exists in the way Webkit’s GraphicsContext handles certain events in WebKitGTK 2.30.4. A specially crafted web...
CVE-2021-32791
Summary: mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party,...
OrderSnapp – 1,304,447 breached accounts
In June 2020, the restaurant solutions provider OrderSnapp suffered a data breach which exposed 1.3M unique email addresses. Impacted data...
MMG Fusion – 2,660,295 breached accounts
In December 2020, the dental practice management service MMG Fusion was the victim of a data breach which exposed 2.6M...
Telegram Bug in Mac Allows User To Save Secret Chats
Cybersecurity experts have found a technique for Telegram users of Mac to keep self disappearing texts or view the messages...
Detecting Cobalt Strike: Cybercrime Attacks
One of the latest researches revealed that cybercriminals who employ malware often use the Cobalt Strike tool to release multiple...
Several Critical Flaws Detected in Las Vegas’s Leading Casinos
External attack surface management platform, Reposify, has discovered multiple vulnerabilities in the IT networks of Las Vegas’s leading casinos. Recently,...
New DNS Flaw Enables ‘Nation-State Level Spying’ on Companies
Researchers discovered a new category of DNS vulnerabilities hitting major DNS-as-a-Service (DNSaaS) providers, which may enable attackers to get access...
Inadequate Payment Leads the Affiliate to Leak the Ransomware Gang’s Technical Manual
A frustrated Conti affiliate revealed the gang's training material during attacks and released details on one of the administrators of...
Go-Shellcode – A Repository Of Windows Shellcode Runners And Supporting Utilities
go-shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API...
cThreadHijack – Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking
___________.__ .______ ___ .__ __ __ _____ ___/| |_________ ____ _____ __| _/ | |__| |__|____ ____ | | ___/...
NordLynx WireGuard Config Extraction Script
A Simple bash script to extract the NordLynx Wireguard config information that is needed to use wireguard and nord outside...
RansomEXX ransomware hit computer manufacturer and distributor GIGABYTE
Taiwanese manufacturer and distributor of computer hardware GIGABYTE was a victim of the RansomEXX ransomware gang. RansomEXX ransomware gang hit...
RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna
RansomEXX ransomware operators hit the popular Italian luxury fashion house Ermenegildo Zegna Holding and started leaking stolen files. Zegna is one of...
Ivanti fixed a critical code execution issue in Pulse Connect Secure VPN
Security firm Ivanti addressed a critical vulnerability in its Pulse Connect Secure VPN appliances that could be exploited to execute...
CVE-2021-32558
Summary: An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-32610
Summary: In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193....
CVE-2021-36754
Summary: PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535)...
CVE-2021-36983
Summary: replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a symlink attack on /tmp/replay-sorcery...
