BugCrowd Bug Bounty Disclosure: P1 – RCE in Bitbucket DataCenter via HazelCastPort – By SnowyOwl
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
OSINT
BugCrowd Bug Bounty Disclosure: P5 – Broken Access Control Issue. – By jeetbhdr
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P3 – postMessage XSS in Tesla Payment page – By TheTime
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – Xss on – employers.indeed.com – By ig420_vrush
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information Disclosure via url tampering – By murderfalcon
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P4 – #2 BLIND XSS ON CONTACT PAGE .doi.gov/contact-us – By Msjsoi323_
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P1 – Log4Shell (CVE-2021-44228) – By aminei
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – CSRF Leads to Logout any Loggedin user from their session – By DeadSniper
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Information exposure through Directory Listing – By jaibalaji
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: P5 – Clickjack Bug in Website – By ethicalpanther
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploadsNorth Korean Lazarus APT group targets blockchain tech companiesWatch out...
BlackCat Ransomware gang breached over 60 orgs worldwide
At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI....
Experts warn of a surge in zero-day flaws observed and exploited in 2021
The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google...
CISA: Google Releases Security Updates for Chrome
Google Releases Security Updates for Chrome Google has released Chrome version 100.0.4896.127 for Windows, Mac, and Linux. This version addresses...
CISA: Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure
Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure The cybersecurity authorities of the United States, Australia, Canada, New Zealand,...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: North Korean State-Sponsored APT Targets Blockchain Companies
North Korean State-Sponsored APT Targets Blockchain Companies CISA, the Federal Bureau of Investigation (FBI), and the U.S. Treasury Department have...
CISA: Oracle Releases April 2022 Critical Patch Update
Oracle Releases April 2022 Critical Patch Update Oracle has released its Critical Patch Update for April 2022 to address 520...
CISA: Drupal Releases Security Updates
Drupal Releases Security Updates Drupal has released security updates to address vulnerabilities affecting Drupal 9.2 and 9.3. An attacker could...
CISA: VMware Releases Security Updates for Cloud Director
VMware Releases Security Updates for Cloud Director VMware has released security updates to address a remote code execution vulnerability in...
CISA: Cisco Releases Security Updates for Multiple Products
Cisco Releases Security Updates for Multiple Products Cisco has released security updates to address vulnerabilities in multiple Cisco products. An...
CISA: CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment
CISA Releases Secure Cloud Business Applications (SCuBA) Guidance Documents for Public Comment CISA has released draft versions of two guidance...
CISA: FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware
FBI Releases IOCs Associated with BlackCat/ALPHV Ransomware The Federal Bureau of Investigation (FBI) has released a Flash report detailing indicators of...
Spring4Shell-Scan – A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities
A fully automated, reliable, and accurate scanner for finding Spring4Shell and Spring Cloud RCE vulnerabilities Features Support for lists of...
