Russia is one of the world’s most prolific cyber actors and dedicate significant resource into conducting cyber operations around the globe. The UK government has publicly attributed malign cyber activity to parts of three Russian Intelligence services: the…

Legit Security | Uncovering 'AIJacking': How Attackers Exploit Hugging Face for AI Supply Chain Attacks - A Deep Dive into Vulnerabilities and Risks.

SkySafe Miscellaneous Reverse Engineering Blog. Contribute to skysafe/reblog development by creating an account on GitHub.

Industrial Control System spillover is a thing...

Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.

How to abuse AWS Organizations' default behavior and lateral movement capabilities.

Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files - boringtools/git-alerts

We introduce a tool that uses PHP filters to wrap PHP resources in an arbitrary prefix and suffix.

Rhysida is a new player in the Ransomware space, first appearing in May 2023, and has been targeting industries all across the globe. In recent months, Rhysida has run campaigns compromising and extorting organizations from the government, education, healthcare…

In the following blog post, I will introduce you to two techniques similar to NOP-sled or NOP slide, but with the advantage that they are faster. Those techniques are: JMP slide and JCC slide.

Test your knowledge on cyber security and practice for industry recognised certifications.

The first official EMBArk release is out now!




Everything started as an idea in the beginning of 2021. The idea was to build an enterprise ready open source firmware analysis environment on top ...

Rhino Security Labs identified 8 new CVEs in the Silverpeas Core application.

CVE-2023-22518 is a zero-day vulnerability found in Confluence Data Center, a self-managed solution known for providing organizations with best practices for collaboration. This vulnerability was...

iPhone: millions of users are threatened by a huge flaw January 17, 2022 by CA18 iPhones are not completely immune to malware and security vulnerabilities. The only advantage iPhone users have over competing Android smartphones is that Apple knows its devices…

Overview Credential harvesting, also known as credential theft or credential stealing, refers to the collection sensitive authentication information from individuals or systems. The goal of credent…

Rhysida Ransomware analysis - A painful sting to Insomniac Games Hack

Our Clean Code solution SonarCloud discovered multiple vulnerabilities leading to remote code execution on pfSense CE 2.7.0. Let's see how SonarCloud found them and how it can keep your code clean.