As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities.

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurat...

Before I start, I want to give a shout to the Charles Schwab Threat Intelligence team and our leadership for giving me the opportunity, time, and opinions to give this some legs. As the new Unstructured Hunt lead, this was a thrilling find.

The recent discovery of a backdoor in XZ Utils (CVE-2024-3094) underscores the importance of open-source software security.

Claroty Team82 has analyzed the Fuxnet malware developed by the Blackjack hacking group and used in an cyberattack against Moscow-based Moscollector, a sewage and communication infrastructure company.

Join us for in-depth ethical hacking and cybersecurity tutorials. Get hands-on with step-by-step demonstrations and level up your hacking skills.

Welcome to April 2024.

A depressing year so far - we've seen critical vulnerabilities across a wide range of enterprise software stacks.

In addition, we've seen surreptitious and patient threat actors light our industry on fire with slowly introduced backdoors…

In this blog, we will explore the internals of seccomp, including its architecture, key concepts, and practical applications

Summary IP.Board e-commerce plugin ‘nexus’ contains two security vulnerabilities that when combined can be used to trigger a pre-auth RCE in AdminCP. Credit An independent security researcher, Egidio Romano from Karma(In)Security, working with SSD Secure…

hauditor is a tool designed to analyze the security headers returned by a web page. - trap-bytes/hauditor

evilginx3 + gophish. Contribute to fin3ss3g0d/evilgophish development by creating an account on GitHub.

Cookies – small files created by sites you visit – are fundamental to the modern web. They make your online experience easier by saving bro...

BHI (or Spectre-BHB) is a revival of cross-privilege Spectre-v2 attacks on modern systems deploying in-hardware defenses. And we have a very neat end-to-end exploit leaking arbitrary kernel memory on modern Intel CPUs to prove it

An OSINT / digital forensics tool built in Python. Contribute to 6abd/horus development by creating an account on GitHub.

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your browser!

Cyber Security Consultancy based in Denmark that specializes in offensive security.

Customized CVE FEED Notifier. Contribute to dark-warlord14/CVENotifier development by creating an account on GitHub.

A security researcher spotted numerous vulnerabilities in the Invision Community software that risked the corresponding e-commerce websites. While the vendors patched one of the two flaws, the other still remains a zero-day despite public disclosure. Multiple

Public disclosure of a vulnerability in AWS Amplify which exposed IAM roles associated with Amplify projects to be assumed by anyone in the world.

Progressing through certifications, developing as a red teamer, breaking into Bug Bounty — many steps along my security journey have been difficult. One of the easiest things I’ve done was breach M…