4 liens privés
Contribute to vdohney/keepass-password-dumper development by creating an account on GitHub.
Hackers are actively exploiting a recently fixed vulnerability in the WordPress Advanced Custom Fields plugin
The loader, which was documented by Morphisec last month, is designed to check the system's graphic card to determine if it's running on a virtual machine or in a sandbox environment, and ultimately launch the Aurora information stealer malware.
The campaign, per Malwarebytes, has claimed 585 victims over the past two months, with the threat
A new Linux NetFilter kernel flaw has been discovered, allowing unprivileged local users to escalate their privileges to root level, allowing complete control over a system.
What is SMBGhost SMBGhost (CVE-2020-0796) is a vulnerability affecting SMB 3.1, and more precisely one of its decompression function. As SMB 3.1 added support for data compression in order to save bandwidth, it added a decompression function presenting an integer overflow resulting in multiple subsequent buffer overflows. Those buffer overflows are exploitable in a way […]
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to write, update, or delete SQL databases regardless of their permissions.
ollowed by repeatedly spoofing a request to that service with a victim's IP as the source address.
Sophos addressed three vulnerabilities in Sophos Web Appliance, including a critical flaw that can lead to code execution.
Latest Research by our Team
Une version tojanisée du logiciel populaire VOIP/PBX fait actuellement la une de l’actualité : voici les actions menées par les chasseurs et les défenseurs.
A recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress is being exploited.
Un défaut de contrôle des données saisies par l’utilisateur dans OpenSSH permet à un attaquant non authentifié, en envoyant des requêtes spécifiquement forgées, de téléverser sa clé SSH privée
We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale.
In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung Semiconductor.
Yesterday Microsoft dropped a patch for a vulnerability found by @hexnomad@infosec.exchange. It’s a great vuln, in theory allowing code execution over ICMP. It also sounds really scary, as it’s a…