Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers the technical details of the XSS vulnerability in Skiff.

Attackers resorted to new ransomware after deployment of LockBit was blocked on targeted network.

Contribute to Syslifters/split-bloodhound development by creating an account on GitHub.

In this article, we delve into the top 10 facts about the MOVEit breach, shedding light on its magnitude, the perpetrators behind it, and...

Explore the advantages of column-level encryption and understand database encryption methods and related security implications.

BabelInkCrypt is an open-source project that combines encryption, library of babel, and video making to create a secure infinite storage system. - GitHub - youneshlal7/BabelInkCrypt: BabelInkCrypt ...

Simple PoC for demonstrating Race Conditions on Websockets - GitHub - redrays-io/WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets

GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.

A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions.

Charles Web Debugging Proxy - Official Site

Meta’s Native Assurance team regularly performs manual code reviews as part of our ongoing commitment to improve the security posture of Meta’s products.  In 2021, we discovered a vulnerability in …

Explore cybersecurity white papers, data sheets, webinars, videos, informative blogs, and more with SecurityScorecard.

Tim Perry recently claimed in an article that “Android 14 blocks all modification of system certificates, even as root”. This sparked significant discussion on Hacker News. Thankfully my tests show that it is still possible to adjust the system certificate…

Retrieve inner payloads from Donut samples. Contribute to volexity/donut-decryptor development by creating an account on GitHub.

The "Common Vulnerabilities and
Exposures" (CVE) system was launched late
in the previous century (September 1999) to track vulnerabilities in
software. Over the years since, it has had a somewhat checkered
reputation, along with some some attempts to
replace…

Explore the vital role of quality assurance (QA/QC) backend processes in cryptocurrency exchanges ensuring quality and reliability.

Explore OpenAPI security best practices. Learn the key methods and how they're implemented. See how liblab enhances SDK creation.