A technical blog

CVE-2023-43641 is a vulnerability in libcue, which can lead to code execution by downloading a file on GNOME.

author : pad, x.com/123456 i just stumbled into a skiptracing/ssn doxing service on fiverr wow and it inspired me to write a second post on doxing that is relevant in 2023. the skiptracing/ssn platform in question on fiverr is called tloxp - a tool used by…

Review the list of features that Microsoft is no longer actively developing in Windows 10 and Windows 11.

ipapi.is offers precise IP data via a user-friendly API, encompassing geolocation, ASN data, hosting detection, VPN detection, and proxy detection.

The Wi-Fi network scanning functionality of the D-Link DAP-X1860 range extender is susceptible to remote command injection. Attackers who create a Wi-Fi network with a crafted SSID in range of the extender can run shell commands during the setup process or…

Shifting organisations from traditional point-in-time security assessments to a holistic view of overall security requires an innovative approach to cyber security assessments.

Air Europa leaks credit card information and advices passengers to call their banks and cancel payment cards.

Update your NGINX configuration to mitigate a possible denial-of-service attack implemented on the server-side portion of the HTTP/2 specification.

Get the latest news on how products at Cloudflare are built, technologies used, and join the teams helping to build a better Internet.

New research into an (legacy) extension for Microsoft Endpoint Configuration Manager/SCCM/ConfigMgr reveal new attack paths for Active Directory domain compromise or elevation of privileges.

Google Cloud stopped the largest known DDoS attack to date, which exploited HTTP/2 stream multiplexing using the new “Rapid Reset” technique.

Malware packages found on PyPI stealing cloud credentials from unsuspecting developers.

ipapi.is offers precise IP data via a user-friendly API, encompassing geolocation, ASN data, hosting detection, VPN detection, and proxy detection.

Posted by sanitybit - 42 votes and no comments

Posted by Vegetable_Machine_45 - 108 votes and 27 comments

A detailed repository of vulnerabilities that I discovered in The Squid Caching Proxy.

Microsoft recently found and patched a vulnerability in the Microsoft Kernel streaming service. Learn more here.

Ghostnoscript is the backbone of document processing for a lot of web apps and programs. If you have never heard of Ghostnoscript yet, you still have very likely already used it a lot through various programs such as PDF viewers, office suites or …

Hacking the Cosmos SDK via the watchdog process manager Cosmovisor.