Today, a significant SQL-Injection vulnerability was fixed in WordPress 4.8.3. Before reading further, if you haven’t updated yet stop right now and update. The foundations of this vulnerability was r

HTML Compiler is a program that allows you to put an entire HTML application into a standalone Windows application...

For Educational Purposes Only :D

  By @jstnkndy   While looking for bugs in a target recently I came across a host that was running Expression Engine, a content management platform. This specific application caught my ey…

An Overview of the Linux Kernel Crypto Subsystem - Boris Brezillon, Free Electrons The Linux kernel has long provided cryptographic support for in-kernel use...

tl;dr Untrusted data passed into unserialize() function  in node-serialize module can be exploited to achieve arbitrary code execution by passing a serialized JavaScript Object with an Immediately invoked function expression (IIFE). The Bug During a Node.

kernel privilege escalation enumeration and exploitation framework - spencerdodd/kernelpop

Summary This is a security advisory for a bug that I discovered in Resolv::getaddresses that enabled me to bypass multiple Server-Side Request Forgery filters. Applications such as GitLab and HackerOne were affected by this bug. The disclosure of all reports…

WikiLeaks has resumed its CIA leaks and it has now started publishing source code and other files associated with tools allegedly developed by the intelligence agency.

Hackers attack small vulnerable websites in order to abuse server resources and spread SEO spam. Learn about steps you can take to protect your site.

During an analysis of different remote desktop trojans we came across an interesting attack-chain which leverages an RTF that exploits CVE-2017-8759 to deliver DarkVNC, a malicious version of the well-known VNC, designed to silently remote-control a victim.

<a href="http://lcamtuf.coredump.cx/afl/" target="_blank">American Fuzzy Lop (AFL)</a> is awesome. It’s easily the best thing out there for quickly doing cutting-edge fuzzing analysis on command line applications. But what about the situations where accessing…

iOS was updated to iOS 11.1.1 today. However, there will be iOS 11.1.1 jailbreak demo in POC2017 within 30 minutes!!