Can't trust any VPN these days
https://ift.tt/yIdkF5p
Submitted October 30, 2024 at 09:03PM by sadyetfly11
via reddit https://ift.tt/Dt3oMjq
https://ift.tt/yIdkF5p
Submitted October 30, 2024 at 09:03PM by sadyetfly11
via reddit https://ift.tt/Dt3oMjq
blog.orhun.dev
Can't trust any VPN these days - Orhun's Blog
FOSS • Linux • Programming
Give Me the Green Light Part 2: Dirty Little Secrets
https://ift.tt/SkOFpr7
Submitted October 30, 2024 at 11:52PM by towtoo893
via reddit https://ift.tt/vV7LhF9
https://ift.tt/SkOFpr7
Submitted October 30, 2024 at 11:52PM by towtoo893
via reddit https://ift.tt/vV7LhF9
Red Threat
Give Me the Green Light Part 2: Dirty Little Secrets — Red Threat
A peek behind the curtain and an introduction to the protocol the Traffic Industry doesn’t want you to know about.
Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024
https://ift.tt/UpePiMN
Submitted October 30, 2024 at 11:47PM by vrebtimaj
via reddit https://ift.tt/U30dwxT
https://ift.tt/UpePiMN
Submitted October 30, 2024 at 11:47PM by vrebtimaj
via reddit https://ift.tt/U30dwxT
Synacktiv
Exploiting a Blind Format String Vulnerability in Modern Binaries: A Case Study from Pwn2Own Ireland 2024
Paranoids’ Vulnerability Research: NetIQ iManager Security Alerts | Paranoids | Yahoo Inc.
https://ift.tt/XjBPKmf
Submitted October 31, 2024 at 01:00AM by jrozner
via reddit https://ift.tt/7HypY8Q
https://ift.tt/XjBPKmf
Submitted October 31, 2024 at 01:00AM by jrozner
via reddit https://ift.tt/7HypY8Q
Yahooinc
Paranoids’ Vulnerability Research: NetIQ iManager Security Alerts | Paranoids | Yahoo Inc.
Stay informed on the latest security threats with Yahoo Inc.'s Paranoids Vulnerability Research. Protect your business with NetIQ iManager security alerts.
EMERALDWHALE: 15k Cloud Credentials Stolen in Operation Targeting Exposed Git Config Files
https://ift.tt/esPOzW5
Submitted October 31, 2024 at 06:13AM by alt69785
via reddit https://ift.tt/6RKqWlj
https://ift.tt/esPOzW5
Submitted October 31, 2024 at 06:13AM by alt69785
via reddit https://ift.tt/6RKqWlj
Sysdig
EMERALDWHALE: 15k Cloud credentials stolen in operation targeting exposed Git config files | Sysdig
EMERALDWHALE is an operation targeting exposed Git configurations, resulting in more than 15,000 cloud service credentials stolen.
“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack
https://ift.tt/mvEBX9G
Submitted October 31, 2024 at 01:09PM by sadyetfly11
via reddit https://ift.tt/3lzTfYx
https://ift.tt/mvEBX9G
Submitted October 31, 2024 at 01:09PM by sadyetfly11
via reddit https://ift.tt/3lzTfYx
Medium
“CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack
By Nati Tal (Head of Guardio Labs)
Malicious code in Lottie-Player CDN (Supply-Chain)
https://ift.tt/bYRoXuF
Submitted October 31, 2024 at 02:39AM by id3s3c
via reddit https://ift.tt/E2gjYvB
https://ift.tt/bYRoXuF
Submitted October 31, 2024 at 02:39AM by id3s3c
via reddit https://ift.tt/E2gjYvB
GitHub
Malicious code in Lottie-Player CDN files · Issue #254 · LottieFiles/lottie-player
after i use https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js or https://cdn.jsdelivr.net/npm/@lottiefiles/lottie-player@2.0.5/dist/lottie-player.min.js This popup opens on ...
Ollama internet facing servers | New Vulnerabilities in Ollama
https://ift.tt/xiBQ5cP
Submitted October 31, 2024 at 01:00PM by cov_id19
via reddit https://ift.tt/haOcxTl
https://ift.tt/xiBQ5cP
Submitted October 31, 2024 at 01:00PM by cov_id19
via reddit https://ift.tt/haOcxTl
www.oligo.security
More Models, More ProbLLMs: New Vulnerabilities in Ollama | Oligo Security
Oligo’s research team recently uncovered 6 vulnerabilities in Ollama, one of the leading open-source frameworks for running AI models. Four of the flaws received CVEs and were patched in a recent version, while two were disputed by the application’s maintainers…
Understanding RedLine Stealer: The Trojan Targeting Your Data
https://ift.tt/rqSbVjZ
Submitted October 31, 2024 at 12:52PM by rimdig219
via reddit https://ift.tt/WcyK2gl
https://ift.tt/rqSbVjZ
Submitted October 31, 2024 at 12:52PM by rimdig219
via reddit https://ift.tt/WcyK2gl
Malware Analysis, Phishing, and Email Scams
Understanding RedLine Stealer: The Trojan Targeting Your Data
In the ever-evolving landscape of cybersecurity threats, one name has increasingly become synonymous with stealth and precision: RedLine Stealer. This malicious software, often referred to as a Tro…
File Transfer Cheatsheet: Windows and Linux
https://ift.tt/Y9zTfEy
Submitted October 31, 2024 at 08:30PM by Justin_coco
via reddit https://ift.tt/fik7ZCY
https://ift.tt/Y9zTfEy
Submitted October 31, 2024 at 08:30PM by Justin_coco
via reddit https://ift.tt/fik7ZCY
Medium
File Transfer Cheatsheet: Windows and Linux
File transfer is a critical component in post-exploitation, penetration testing, and red teaming. Different environments require specific…
Attackers hiding hostnames on Ethereum Blockchain; Target Puppeteer Users In Typosquat Campaign
https://ift.tt/y8HWSoE
Submitted October 31, 2024 at 08:22PM by louis11
via reddit https://ift.tt/x5C8o9I
https://ift.tt/y8HWSoE
Submitted October 31, 2024 at 08:22PM by louis11
via reddit https://ift.tt/x5C8o9I
Phylum Research | Software Supply Chain Security
Fake Puppeteer Packages Contain Malware
Ongoing supply chain attack targets Puppeteer users with malicious npm packages.
Multiple Vulnerabilities found in Portainer using CodeQL
https://ift.tt/nibAoOe
Submitted November 01, 2024 at 01:37AM by jat0369
via reddit https://ift.tt/JO4nTxY
https://ift.tt/nibAoOe
Submitted November 01, 2024 at 01:37AM by jat0369
via reddit https://ift.tt/JO4nTxY
Methodology for Leveraging LLMs for 0-day discovery (18+ vulns including on Netflix, Hulu, and Salesforce)
https://ift.tt/2yVh3WX
Submitted November 01, 2024 at 03:54AM by anonjohn1212
via reddit https://ift.tt/xGczMe3
https://ift.tt/2yVh3WX
Submitted November 01, 2024 at 03:54AM by anonjohn1212
via reddit https://ift.tt/xGczMe3
Zeropath
Autonomous Discovery of Critical Zero-Days - ZeroPath Blog
Since July 2024, ZeroPath's tool has uncovered critical zero-day vulnerabilities—including RCE, authentication bypasses, and IDORs—in popular AI platforms and open-source projects. Our approach has identified security flaws in projects owned by Netflix, Salesforce…
An open source version of CyberScarecrow (Malware Scarecrow for your PC)
https://ift.tt/QT7gxJs
Submitted October 31, 2024 at 04:49AM by ThyGreatOof
via reddit https://ift.tt/tBSF4fE
https://ift.tt/QT7gxJs
Submitted October 31, 2024 at 04:49AM by ThyGreatOof
via reddit https://ift.tt/tBSF4fE
GitHub
GitHub - Babyhamsta/Malcrow: A Malware Scarecrow for Windows 10/11 with a user-friendly touch.
A Malware Scarecrow for Windows 10/11 with a user-friendly touch. - Babyhamsta/Malcrow
Running custom code on Alarmo, the Nintendo Sound Clock
https://ift.tt/uJyK5Oe
Submitted October 30, 2024 at 11:20PM by Titokhan
via reddit https://ift.tt/DnTiX9M
https://ift.tt/uJyK5Oe
Submitted October 30, 2024 at 11:20PM by Titokhan
via reddit https://ift.tt/DnTiX9M
Blogspot
Looking into the Nintendo Alarmo
While everyone was waiting on news for the successor of the Nintendo Switch, Nintendo released the Alarmo. A small plastic alarm clock that ...
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
https://ift.tt/y9rbczO
Submitted November 02, 2024 at 03:56AM by _vavkamil_
via reddit https://ift.tt/2x0IS8M
https://ift.tt/y9rbczO
Submitted November 02, 2024 at 03:56AM by _vavkamil_
via reddit https://ift.tt/2x0IS8M
Blogspot
From Naptime to Big Sleep: Using Large Language Models To Catch Vulnerabilities In Real-World Code
Posted by the Big Sleep team Introduction In our previous post, Project Naptime: Evaluating Offensive Security Capabilities of Large L...
Can`t buy a jtagualator then build it - DIY build under 75USD - Hello! Welcome to IoT Security Research Group by @iotsrg1
https://ift.tt/3iFJcOw
Submitted November 02, 2024 at 05:43PM by v33ruiot
via reddit https://ift.tt/fn9HXN8
https://ift.tt/3iFJcOw
Submitted November 02, 2024 at 05:43PM by v33ruiot
via reddit https://ift.tt/fn9HXN8
www.iotsrg.org
Can`t buy a jtagualator then build it - DIY build under 75USD - Hello! Welcome to IoT Security Research Group
FAQ recently we faced jtagulator out of stock, do you alternative
🌪️Heads up speakers: TyphoonCon 2025 Call for Papers is now open!
https://ift.tt/9y5cuaZ
Submitted November 03, 2024 at 03:36PM by Straight-Zombie-646
via reddit https://ift.tt/eU7XIfp
https://ift.tt/9y5cuaZ
Submitted November 03, 2024 at 03:36PM by Straight-Zombie-646
via reddit https://ift.tt/eU7XIfp
Introducing lightyear: a new way to dump files in PHP
https://ift.tt/XaFoeMw
Submitted November 04, 2024 at 02:19PM by cfambionics
via reddit https://ift.tt/H8ciTIZ
https://ift.tt/XaFoeMw
Submitted November 04, 2024 at 02:19PM by cfambionics
via reddit https://ift.tt/H8ciTIZ
Ambionics
Introducing lightyear: a new way to dump files in PHP
In this blog post, we describe new techniques to dump files in PHP leveraging filters, and a tool that does it, lightyear.
32 vulnerabilities in IBM Security Verify Access
https://ift.tt/Jv1LT6k
Submitted November 04, 2024 at 02:18PM by albinowax
via reddit https://ift.tt/lxq8o14
https://ift.tt/Jv1LT6k
Submitted November 04, 2024 at 02:18PM by albinowax
via reddit https://ift.tt/lxq8o14
Keycloak V26 release performance test
https://ift.tt/DJMjGtH
Submitted November 04, 2024 at 04:29PM by Cloud-IAM
via reddit https://ift.tt/9KXyBdN
https://ift.tt/DJMjGtH
Submitted November 04, 2024 at 04:29PM by Cloud-IAM
via reddit https://ift.tt/9KXyBdN
Cloud-Iam
Keycloak V26 release
As launched in the v25 version as a feature preview, the sessions are stored in the database. This means that during a migration, from the 25 to 26 migration, you will not lose your sessions anymore.