Recording from Meta's security conference 2020 - Enjoy

360 Security Center has detected a variety of hacking Trojans through the fileless attack protection function，and Trojans spread through the new Trojan distribution framework. According to the framework's peculiar naming method, we named it SolarSys.

Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of…

Fuzzilii is a JavaScript engine fuzzing library, it's a coverage-guided fuzzer for dynamic language interpreters based on a custom intermediate language.

Explore expert insights on pentesting/bug bounty hunting on this blog, your go-to resource for cutting-edge web security research.

Popular chat apps, including LINE, Slack, Twitter DMs and others, can also leak location data and share private info with third-party servers.

A centralized resource for previously documented WDAC bypass techniques - bohops/UltimateWDACBypassList

Contribute to Vi45en/Pesidious development by creating an account on GitHub.

Telegram’s built-in contact import feature was exploited to leak the personal data of millions of users onto the darknet

Together with CISA and the FBI, US Cyber Command wish Russian state hackers a "Happy Halloween!"

A few days ago I started playing with some idea I had from a few weeks already, using a Raspberry Pi Zero W to make a mini WiFi deauthenticator: something in my

Scenario You have recovered Domain User credentials for a domain but have  no privileged or interactive access to any targets i.e. no Domain Admin account or any account that is capable of establis…

Recently, I discovered a small but potentially devastating vulnerability in the new Tor feature of the Brave browser. As of November 2nd 2020, Brave monthly users have massively increased their browser market share to 20 Million Monthly Active Users + 7…