Coordinated disclosure writeup about multiple vulnerabilities in RIOT OS (CVE-2024-31225, CVE-2024-32017, CVE-2024-32018, and more).

We discovered a fundamental design problem in VPNs and we're calling it TunnelVision. This problem lets someone see what you're doing online, even if you think you're safely using a VPN.

This blog post is a part of a series about our research toward the next generation of the SecureDrop whistleblowing …

An app for scaring away malware

Demo of our DIY USB Dead Man Switch (prototype) with a 3D-Printable Case triggering a lockscreen when the kill-cord's connection is severed.

Explore a website's internal links, then visualize those connections as a network graph with scorecards and analysis using Claude AI. - devbret/website-internal-links

Discover key insights and trends from experts at the 2024 BelkaDay Asia conference

In reverse engineering a closed-source binary using Ghidra or other software reverse engineering frameworks, a key objective is to…

ipapi.is offers precise IP data via a user-friendly API, encompassing geolocation, ASN data, hosting detection, VPN detection, and proxy detection.

Secure your enterprise against tomorrow's threats, today. Protect users, applications and data anywhere with intelligent network security from Palo Alto Networks.

Microsoft Graph API post-exploitation toolkit. Contribute to mlcsec/SharpGraphView development by creating an account on GitHub.

How exploratory testing helps in driving the success factor of security testing

Money, secrets and mass exploitation: This research unveils a quarry of sensitive data stored in public AMIs. Digging through each AMI we managed to collect 500 GB of credentials, private repositor…

Fortinet's FortiGuard Labs researchers have uncovered a zEus stealer malware dissemination method involving a crafted Minecraft source pack.

Makes reverse engineering Android apps easier, automating repetitive tasks like pulling, decoding, rebuilding and patching an APK. - ax/apk.sh

At Assetnote, we encounter sites running NextJS extremely often; in this blog post we will detail some common misconfigurations we find in NextJS websites, along with a vulnerability we found in the framework.