Overview CVE-2024–23897 is a critical vulnerability discovered in Jenkins, with a high CVSS score of 9.8. This vulnerability allows the attacker to read files in the system through the integrated...

NextChat a.k.a ChatGPT-Next-Web, a popular Gen AI ChatBot, is vulnerable to a critical server-side request forgery (SSRF) vulnerability.

Read about Introduction to LLM Security

CVE-2024-28084 Patched in Inet Wireless Daemon 2.16

A BrainF*ck Inspired Shell Obfuscation Proof-of-Concept - CyberSecurityN00b/shellfeck

In part two of this Team82 series, we examine practical and theoretical attacks against operational technology (OT) through the use of a virtual factory environment. The attacks range in sophistication and present defenders with an opportunity to threat model…

Introduction: In today’s interconnected world, understanding network security is essential. One essential tool in a security professional’s arsenal is a port scanner. You probably thinking …

Kubernetes LAN Party - by Wiz

Meet Asteroid - an AI-powered, multi-terrain hacking robot designed to conduct cybersecurity missions in challenging environments where human involvement is either unfeasible or hazardous.

AI Powered Sensitive Information Detection. Contribute to berylliumsec/eclipse development by creating an account on GitHub.

TL;DR This post will teach you how to patch diff CVE-2024–20696 (and indirectly CVE-2024–20697) from the January 2024 Patch Tuesday.

We're celebrating the World Day Against Cyber Censorship by officially announcing WebTunnel, a new type of Tor bridge designed to assist users in heavily censored regions to connect to the Tor network. Available now in the stable version of Tor Browser.

ScamClub, a notorious threat actor, has shifted its focus towards video malvertising assaults, resulting in a surge in VAST forced redirect volumes since February 11, 2024. According to GeoEdge security research, upwards of a dozen SSPs and DSPs have fallen…

Exploiting and Mitigating Speculative Race Conditions GhostRace: CVE-2024-2193 Race conditions arise when multiple threads attempt to access a shared resource without proper synchronization, often leading to vulnerabilities such as concurrent use-after-free.…

Discover SnoopGod, the open-source security-oriented OS based on Ubuntu. With 800+ pre-installed tools, it

Donex, A new ransomware gang on the scene with a capable Windows based encryptor.

In January we launched new functionality for Attic to detect AiTM attacks targeting the Microsoft 365 tenant of customers. Using the platform of didsomeoneclone.me and custom CSS in the Microsoft l…

Claroty Team82 has built a virtual factory environment in order to help cybersecurity defenders visualize dependencies between components on a factory floor, and also threat model in an industrial setting.