⤷ Title: Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:43:35 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AVideo #CVE_2026_28501 #CVE_2026_28502 #infosec #Open Source Security #Patch Alert #rce #Remote Code Execution #sql injection #sqli #Video Streaming Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:43:35 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AVideo #CVE_2026_28501 #CVE_2026_28502 #infosec #Open Source Security #Patch Alert #rce #Remote Code Execution #sql injection #sqli #Video Streaming Security
Daily CyberSecurity
Critical Vulnerabilities in AVideo: From SQL Injection to Remote Code Execution
AVideo patches two critical flaws (CVE-2026-28501 & 28502) allowing unauthenticated SQL injection and remote code execution. Update to version 23 now.
⤷ Title: WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:39:29 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_1492 #Cyber Threats #infosec #Patch Alert #privilege escalation #User Registration Plugin #Vulnerability #Website Security #wordpress security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:39:29 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_1492 #Cyber Threats #infosec #Patch Alert #privilege escalation #User Registration Plugin #Vulnerability #Website Security #wordpress security
Daily CyberSecurity
WordPress Security Alert: Critical Privilege Escalation Flaw in Popular Membership Plugin
A critical 9.8 CVSS flaw (CVE-2026-1492) in the WordPress User Registration & Membership plugin lets unauthenticated attackers create admin accounts.
⤷ Title: OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:33:29 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cyber Security #DLL side_loading #Entra ID #Google Workspace #infosec #Malware Analysis #Microsoft Defender #OAuth Phishing #phishing campaigns #Redirect URI Abuse #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:33:29 +0000
════════════════════════
⌗ Tags: #Cybercriminals #Cyber Security #DLL side_loading #Entra ID #Google Workspace #infosec #Malware Analysis #Microsoft Defender #OAuth Phishing #phishing campaigns #Redirect URI Abuse #threat intelligence
Daily CyberSecurity
OAuth Hijack: Phishing Campaigns Weaponize Legitimate Redirection to Bypass Defenses
Microsoft Defender reveals a new phishing campaign abusing OAuth redirect URIs to bypass security and deliver stealthy malware to your system.
⤷ Title: ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with “Terminal” Phishing
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:29:06 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cryptocurrency #cyber_espionage #infosec #LinkedIn Scams #malware #Moonlock Lab #North Korean hackers #social engineering #UNC1069 #Web3 security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:29:06 +0000
════════════════════════
⌗ Tags: #Malware #ClickFix #cryptocurrency #cyber_espionage #infosec #LinkedIn Scams #malware #Moonlock Lab #North Korean hackers #social engineering #UNC1069 #Web3 security
Daily CyberSecurity
ClickFix Alert: Fake Venture Capitalists Target Web3 Pros with "Terminal" Phishing
Moonlock Lab uncovers a North Korean-aligned malware campaign targeting Web3 pros. Attackers use fake VC profiles and ClickFix CAPTCHAs to deploy malware.
⤷ Title: Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:27:51 +0000
════════════════════════
⌗ Tags: #Malware #Credential Theft #Cyber Threats #DLL hijacking #DNS_over_HTTPS #DoH #FileZilla #infosec #Malwarebytes #Search Poisoning #Trojan #version.dll
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:27:51 +0000
════════════════════════
⌗ Tags: #Malware #Credential Theft #Cyber Threats #DLL hijacking #DNS_over_HTTPS #DoH #FileZilla #infosec #Malwarebytes #Search Poisoning #Trojan #version.dll
Daily CyberSecurity
Trojanized FileZilla FTP Client Targets Developer Credentials via DLL Sideloading
Malwarebytes uncovers a trojanized FileZilla campaign using DLL hijacking and DNS-over-HTTPS to silently steal FTP credentials and bypass security.
⤷ Title: Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:23:56 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_27971 #infosec #JavaScript Frameworks #Patch Alert #Qwik #rce #Remote Code Execution #server$ RPC #unsafe deserialization #Web Security
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:23:56 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #CVE_2026_27971 #infosec #JavaScript Frameworks #Patch Alert #Qwik #rce #Remote Code Execution #server$ RPC #unsafe deserialization #Web Security
Daily CyberSecurity
Critical RCE Flaw in Qwik Framework Allows Server Takeover via Single Request
Qwik framework patches a critical 9.2 CVSS RCE vulnerability (CVE-2026-27971) where unsafe deserialization in server$ RPC allows total server takeover.
⤷ Title: The BurrowShell Threat: Inside ‘Sloppy Lemming’s’ Stealthy Cyber Espionage Campaign in South Asia
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:17:59 +0000
════════════════════════
⌗ Tags: #Cyber Security #Malware #APT #Arctic Wolf #BurrowShell #Critical Infrastructure #cyber_espionage #cybersecurity #infosec #Malware Analysis #Sloppy Lemming #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:17:59 +0000
════════════════════════
⌗ Tags: #Cyber Security #Malware #APT #Arctic Wolf #BurrowShell #Critical Infrastructure #cyber_espionage #cybersecurity #infosec #Malware Analysis #Sloppy Lemming #threat intelligence
Daily CyberSecurity
The BurrowShell Threat: Inside 'Sloppy Lemming's' Stealthy Cyber Espionage Campaign in South Asia
Arctic Wolf details a year-long cyber espionage campaign by Sloppy Lemming, deploying the custom BurrowShell malware against Pakistan and Bangladesh.
⤷ Title: AuraStealer: The “Result-Oriented” Malware Rising from the Post-Lumma Void
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:11:27 +0000
════════════════════════
⌗ Tags: #Malware #AuraStealer #browser security #ClickFix #Cybercrime #infosec #Infostealer #Lumma Stealer #Malware Analysis #threat intelligence #TikTok Scams
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:11:27 +0000
════════════════════════
⌗ Tags: #Malware #AuraStealer #browser security #ClickFix #Cybercrime #infosec #Infostealer #Lumma Stealer #Malware Analysis #threat intelligence #TikTok Scams
Daily CyberSecurity
AuraStealer: The "Result-Oriented" Malware Rising from the Post-Lumma Void
Following the Lumma takedown, the sophisticated AuraStealer malware is rapidly gaining ground, using TikTok scams and stealth to harvest data.
⤷ Title: The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:06:28 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI Prompt Injection #Aqua Trivy #Claude #cybersecurity #DevSecOps #Gemini #GitHub Copilot #infosec #social engineering #Socket #supply chain attack #VS Code
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:06:28 +0000
════════════════════════
⌗ Tags: #Vulnerability Report #AI Prompt Injection #Aqua Trivy #Claude #cybersecurity #DevSecOps #Gemini #GitHub Copilot #infosec #social engineering #Socket #supply chain attack #VS Code
Daily CyberSecurity
The Trojan Prompt: How an Autonomous AI Hijacked Aqua Trivy to Weaponize Developer Copilots
Socket reveals how an AI bot hijacked the Aqua Trivy VS Code extension, using prompt injection to turn developer AI assistants into stealthy data thieves.
⤷ Title: PlugX Evolves: New “Meeting Invitation” Phishing Campaign Leverages Trusted Security Software
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:00:22 +0000
════════════════════════
⌗ Tags: #Malware #APT41 #cyber_espionage #DLL side_loading #G DATA #infosec #Lab52 #Malware Analysis #Mustang Panda #phishing #PlugX RAT #threat intelligence
════════════════════════
𐀪 Author: Ddos
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:00:22 +0000
════════════════════════
⌗ Tags: #Malware #APT41 #cyber_espionage #DLL side_loading #G DATA #infosec #Lab52 #Malware Analysis #Mustang Panda #phishing #PlugX RAT #threat intelligence
Daily CyberSecurity
PlugX Evolves: New "Meeting Invitation" Phishing Campaign Leverages Trusted Security Software
LAB52 exposes a new China-aligned espionage campaign using fake meeting invitations and G DATA antivirus components to stealthily deploy the PlugX RAT.
⤷ Title: Waybackurls Guide: Extracting Historical URLs for Bug Bounty
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #hacking #technology #penetration_testing #bug_bounty #cybersecurity
════════════════════════
𐀪 Author: JPablo13
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:01:01 GMT
════════════════════════
⌗ Tags: #hacking #technology #penetration_testing #bug_bounty #cybersecurity
Medium
Waybackurls Guide: Extracting Historical URLs for Bug Bounty
Master Waybackurls to find hidden endpoints, sensitive parameters, and old JS files in your security audits.
⤷ Title: Monitoring AWS Services: Splunk, Security Operations - TryHackMe
════════════════════════
𐀪 Author: RosanaFSS
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:25:16 GMT
════════════════════════
⌗ Tags: #ethical_hacking #infosec #tryhackme #aws #cybersecurity
════════════════════════
𐀪 Author: RosanaFSS
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:25:16 GMT
════════════════════════
⌗ Tags: #ethical_hacking #infosec #tryhackme #aws #cybersecurity
Medium
Monitoring AWS Services: Splunk, Security Operations - TryHackMe
Discover common attacks on AWS services and learn how to protect against them.
⤷ Title: CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2025
════════════════════════
𐀪 Author: CVE Program Blog
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:04:16 GMT
════════════════════════
⌗ Tags: #cybersecurity #information_security #vulnerability_management #vulnerability #infosec
════════════════════════
𐀪 Author: CVE Program Blog
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:04:16 GMT
════════════════════════
⌗ Tags: #cybersecurity #information_security #vulnerability_management #vulnerability #infosec
Medium
CVE Program Report for Quarter 4 Calendar Year (Q4 CY) 2025
The CVE Program’s quarterly summary of program milestones and metrics for Q4 CY 2025.
⤷ Title: From Default Password to SYSTEM: A Beginner’s Walkthrough of TryHackMe Alfred
════════════════════════
𐀪 Author: Robert Perez
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:52:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #infosec #ethical_hacking #cybersecurity #tryhackme
════════════════════════
𐀪 Author: Robert Perez
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:52:03 GMT
════════════════════════
⌗ Tags: #penetration_testing #infosec #ethical_hacking #cybersecurity #tryhackme
Medium
From Default Password to SYSTEM: A Beginner’s Walkthrough of TryHackMe Alfred
One of the best ways to learn penetration testing is to watch someone else work through a problem and explain their thinking along the way…
⤷ Title: Exploiting HTTP request smuggling to deliver reflected XSS
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:33 GMT
════════════════════════
⌗ Tags: #vulnerability #cybersecurity #penetration_testing #burpsuite #xss_attack
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:33 GMT
════════════════════════
⌗ Tags: #vulnerability #cybersecurity #penetration_testing #burpsuite #xss_attack
Medium
Exploiting HTTP request smuggling to deliver reflected XSS
This writeup demonstrates how to exploit HTTP request smuggling to deliver a reflected XSS payload. The application uses a front-end and…
⤷ Title: Exploiting HTTP request smuggling to reveal front-end request rewriting
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:14 GMT
════════════════════════
⌗ Tags: #cybersecurity #pentesting #burpsuite #exploit #penetration_testing
════════════════════════
𐀪 Author: Ⓥ
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:38:14 GMT
════════════════════════
⌗ Tags: #cybersecurity #pentesting #burpsuite #exploit #penetration_testing
Medium
Exploiting HTTP request smuggling to reveal front-end request rewriting
This writeup demonstrates how to exploit HTTP request smuggling to reveal front-end request rewriting. The application uses a front-end and…
⤷ Title: Why Some Links Open Mobile Apps Instead of Websites — And the Security Risks Behind It
════════════════════════
𐀪 Author: Seif Ahmed Abdelaal
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:12:27 GMT
════════════════════════
⌗ Tags: #cybersecurity #android #penetration_testing #cyber_security_awareness #8ksec
════════════════════════
𐀪 Author: Seif Ahmed Abdelaal
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:12:27 GMT
════════════════════════
⌗ Tags: #cybersecurity #android #penetration_testing #cyber_security_awareness #8ksec
Medium
Why Some Links Open Mobile Apps Instead of Websites — And the Security Risks Behind It
Sometimes a friend sends you a Facebook link on WhatsApp.
⤷ Title: Securing Nginx With ModSecurity: A Step-by-Step Guide to Deploying a Web Application Firewall (WAF)
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:28:14 GMT
════════════════════════
⌗ Tags: #ethical_hacking #nginx #linux #cybersecurity #penetration_testing
════════════════════════
𐀪 Author: Mohamed Mostafa Sayed Saber Ali
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:28:14 GMT
════════════════════════
⌗ Tags: #ethical_hacking #nginx #linux #cybersecurity #penetration_testing
Medium
Securing Nginx With ModSecurity: A Step-by-Step Guide to Deploying a Web Application Firewall (WAF)
A step-by-step guide to installing ModSecurity, integrating with Nginx, and deploying the OWASP Core Rule Set for real-time web application…
⤷ Title: Block (THM) Tryhackme WriteUp Answer
════════════════════════
𐀪 Author: Lawvye
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:59:52 GMT
════════════════════════
⌗ Tags: #encryption #tryhackme #programming #cybersecurity #networking
════════════════════════
𐀪 Author: Lawvye
════════════════════════
ⴵ Time: Wed, 04 Mar 2026 00:59:52 GMT
════════════════════════
⌗ Tags: #encryption #tryhackme #programming #cybersecurity #networking
Medium
Block (THM) Tryhackme WriteUp Answer
Denoscription : Encryption? What encryption?
⤷ Title: Operation Endgame | TryHackMe | Walkthrough
════════════════════════
𐀪 Author: Sornphut
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:28:50 GMT
════════════════════════
⌗ Tags: #tryhackme_writeup #tryhackme #active_directory #tryhackme_walkthrough #windows
════════════════════════
𐀪 Author: Sornphut
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 23:28:50 GMT
════════════════════════
⌗ Tags: #tryhackme_writeup #tryhackme #active_directory #tryhackme_walkthrough #windows
Medium
Operation Endgame | TryHackMe | Walkthrough
Initial Enumeration
⤷ Title: Network Forensics: RedisShell — Kinsing Lab
════════════════════════
𐀪 Author: Khoa
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:59:18 GMT
════════════════════════
⌗ Tags: #case_study #digital_forensics #cybersecurity #blue_team #info_sec_writeups
════════════════════════
𐀪 Author: Khoa
════════════════════════
ⴵ Time: Tue, 03 Mar 2026 22:59:18 GMT
════════════════════════
⌗ Tags: #case_study #digital_forensics #cybersecurity #blue_team #info_sec_writeups
Medium
Network Forensics: RedisShell — Kinsing Lab
Investigating a multi-stage container compromise from initial exploit to persistent rootkit access.