A critical SQL injection vulnerability (CVE-2017-8917) affects Joomla! 3.7; if you are a Joomla user, you need to update immediately. Joomla! is a...
The Joomla CMS project released today Joomla 3.7.1 to fix an SQL injection flaw that allows attackers to execute custom SQL code...
Security researchers from Sucuri have found hacked WordPress sites that were altered to secretly siphon off cookies for user and admin accounts...
Just by accessing a folder containing a malicious SCF file, a user will unwittingly share his computer’s login credentials with an attacker...
The heap: In this chapter we will look at the heap and malloc in order to answer some of the questions we...
Today, the Shadow Brokers have published a new message teasing new exploits for people who register for a new membership program the...
Identical code ties Friday’s attacks to hacks on Sony Pictures and $1bn bank heist. A researcher has found digital fingerprints that tie...
Short Bytes: WannaCry 2.0 or WannaDecrypt0r 2.0 ransomware is turning out to be one of the biggest security threats of recent times. It...
At the Zero Day Initiative (ZDI), we see patches in a way few do. We get the initial report from a researcher,...
Wcry uses weapons-grade exploit published by the NSA-leaking Shadow Brokers. A highly virulent new strain of self-replicating ransomware shut down computers all...
PHPMailer bug leads to remote code execution via HTTP. Updated The popular Vanilla Forums software needs patching against a remote code execution...
In this blog post we present new trivial vulnerabilities found on OnePlus One/X/2/3/3T OxygenOS & HydrogenOS. They affect the latest versions (4.1.3/3.0)...
Lately I’ve been spending some time fuzzing network-related Linux kernel interfaces with syzkaller. Besides the recently discovered vulnerability in DCCP sockets, I...
The Sednit group, also known as APT28, Fancy Bear and Sofacy, is a group of attackers operating since at least 2004 and...
Researchers have identified a strain of cookie stealing malware injected into a legitimate JavaScript file, that masquerades as a WordPress core domain....
Apple has recently fixed an iCloud Keychain vulnerability that could have been exploited by hackers to steal sensitive data from iCloud users....
Today we are going to take a quick look at a new ransomware called RSAUtil that was discovered by Emsisoft malware researcher xXToffeeXx. RSAUtil is distributed...
Telnet security flaw fix finally lands – or just use SSH, yeah? Cisco has patched a critical security flaw in its switches...
Hikvision, a Chinese manufacturer of video surveillance equipment, recently patched a backdoor in a slew of its cameras that could have made...
Snake, also known as Turla and Uroburos, is backdoor malware that has been around and infecting Windows systems since at least 2008....
Hackers at the Google Project Zero team have discovered another critical Windows RCE vulnerability, the worst Windows RCE in recent memory. Security...