We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale.

In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor.

Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad@infosec.exchange. It’s a great vuln, in theory allowing code execution over ICMP. It also sounds really scary, as it’s a…

https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-002/

Security researchers have shared technical details for exploiting a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely steal hashed passwords by simply receiving an email.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0188/#:~:text=De%20multiples%20vuln%E9rabilit%E9s%20ont%20%E9t%E9,de%20la%20politique%20de%20s%E9curit%E9

https://www.cert.ssi.gouv.fr/actualite/CERTFR-2023-ACT-009/

https://www.cert.ssi.gouv.fr/alerte/CERTFR-2023-ALE-015/

Printer exploit chain could be weaponized to fully compromise more than 100 models

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21524

Google on Tuesday announced the open source availability of OSV-Scanner, a scanner that aims to offer easy access to vulnerability information about v

A high-severity RCE security flaw in jsonwebtoken library used by 22,000+ open source projects has been discovered.

https://www.cert.ssi.gouv.fr/avis/CERTFR-2023-AVI-0002/

https://www.cyberveille-sante.gouv.fr/alertes/wordpress-cve-2022-4049-2023-01-03