Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
thumbnail Blog: Zen and the Art of Microcode Hacking
thumbnail CVE-2022-31631: High-Risk PHP Vulnerability Demands Immediate Patch
thumbnail Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2025-21293)
thumbnail PoC Exploit Released for macOS Kernel Vulnerability CVE-2025-24118 (CVSS 9.8)
thumbnail Live Chat Blog #2: Cisco Webex Connect - Access to millions of chats histories
thumbnail Government and university websites targeted in ScriptAPI[.]dev client-side attack - c/side
thumbnail Under the cloak of UEFI Secure Boot: Introducing CVE-2024-7344
thumbnail Microsoft: macOS bug lets hackers install malicious kernel drivers
thumbnail Industrial networking manufacturer Moxa reports 'critical' router bugs
thumbnail SonicWall urges admins to patch exploitable SSLVPN bug immediately
thumbnail BrazenBamboo Weaponizes FortiClient Vulnerability to Steal VPN Credentials via DEEPDATA
thumbnail zizmor would have caught the Ultralytics workflow vulnerability
thumbnail CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster - Rhino Security Labs
thumbnail Windows Server 2012 Mark of the Web Vulnerability (0day) - and Free Micropatches for it
thumbnail 7-Zip flaw enables code smuggling with manipulated archives
thumbnail Exploit attempts for unpatched Citrix vulnerability
thumbnail Zero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to Attack
thumbnail Attacker Abuses Victim Resources to Reap Rewards from Titan Network
thumbnail Hackers exploit Roundcube webmail flaw to steal email, credentials
thumbnail Jetpack fixes critical information disclosure flaw existing since 2016
thumbnail Critical flaw in NVIDIA Container Toolkit allows full host takeover
thumbnail Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments | Wiz Blog
thumbnail Progress LoadMaster vulnerable to 10/10 severity RCE flaw
thumbnail D-Link says it is not fixing four RCE flaws in DIR-846W routers
thumbnail Veeam warns of critical RCE flaw in Backup & Replication software
thumbnail The gift that keeps on giving: A new opportunistic Log4j campaign
thumbnail Windows driver zero-day exploited by Lazarus hackers to install rootkit
thumbnail SolarWinds fixes critical RCE bug affecting all Web Help Desk versions
thumbnail Critical SAP flaw allows remote attackers to bypass authentication
thumbnail Compromising Microsoft's AI Healthcare Chatbot Service
thumbnail New AMD SinkClose flaw helps install nearly undetectable malware
thumbnail ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections
thumbnail Telegram zero-day allowed sending malicious Android APKs as videos
thumbnail Critical Exim bug bypasses security filters on 1.5 million mail servers
thumbnail New Blast-RADIUS attack breaks 30-year-old protocol used in networks everywhere
thumbnail CVE-2024-38021: Moniker RCE Vulnerability Uncovered in Microsoft Outlook
thumbnail Hackers target WordPress calendar plugin used by 150,000 sites
thumbnail New Intel CPU Vulnerability 'Indirector' Exposes Sensitive Data
thumbnail RoguePuppet – A Critical Puppet Forge Supply Chain Vulnerability
thumbnail Critical GitLab bug lets attackers run pipelines as any user
thumbnail Critical SQLi Vulnerability Found in Fortra FileCatalyst Workflow Application
thumbnail UEFIcanhazbufferoverflow: Widespread Impact from Vulnerability in Popular PC and Server Firmware
thumbnail Facebook PrestaShop module exploited to steal credit cards
thumbnail Zero-Click Critical Microsoft Outlook Vulnerability. What You Need to Know.
thumbnail Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers
thumbnail Black Basta ransomware gang linked to Windows zero-day attacks
thumbnail Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs
thumbnail Vulnerability in Cisco Webex cloud service exposed government authorities, companies
thumbnail Zero Day Initiative — CVE-2024-30043: Abusing URL Parsing Confusion to Exploit XXE on SharePoint Server and Cloud
thumbnail TeamCity Major Bug-Fix Release for All Versions: Update Your Server Now | The TeamCity Blog
thumbnail Cache Me If You Can: Local Privilege Escalation in Zscaler Client Connector (CVE-2023-41973)
thumbnail QNAPping At The Wheel (CVE-2024-27130 and friends)
thumbnail PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers
thumbnail WP Automatic WordPress plugin hit by millions of SQL injection attacks
thumbnail Unauthenticated function injection vulnerability in WordPress Shortcode Addons plugin (unpatched). – NinTechNet
thumbnail Vulnerabilities Identified in LG WebOS
thumbnail Over 92,000 exposed D-Link NAS devices have a backdoor account
thumbnail Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7
thumbnail New HTTP/2 DoS attack can crash web servers with a single connection
thumbnail Google fixes two Pixel zero-day flaws exploited by forensics firms
thumbnail Ivanti fixes critical Standalone Sentry bug reported by NATO
thumbnail Loop DoS: New Denial-of-Service attack targets application-layer protocols
thumbnail 'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors
thumbnail JetBrains vulnerability exploitation highlights debate over 'silent patching'
thumbnail Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities
thumbnail Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day - Avast Threat Labs
thumbnail ConnectWise ScreenConnect: Authentication Bypass Deep Dive
thumbnail ESET fixed high-severity local privilege escalation bug in Windows products
thumbnail Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor
thumbnail Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
thumbnail Leaky Vessels flaws allow hackers to escape Docker, runc containers
thumbnail Apple fixes zero-day bug in Apple Vision Pro that 'may have been exploited'
thumbnail Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines
thumbnail Over 5,300 GitLab servers exposed to zero-click account takeover attacks
thumbnail Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
thumbnail Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
thumbnail CVE-2024-21591 - Juniper J-Web OOB Write vulnerability
thumbnail Qualcomm chip vulnerability enables remote attack by voice call
thumbnail Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances
thumbnail Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware
thumbnail Unveiling VISS: a revolutionary approach to vulnerability impact scoring
thumbnail Terrapin attacks can downgrade security of OpenSSH connections
thumbnail QNAP VioStor NVR vulnerability actively exploited by malware botnet
thumbnail Exploiting GOG Galaxy XPC service for privilege escalation in macOS
thumbnail Imperva Uncovers CVE-2023-22524, A RCE Vulnerability
thumbnail GitHub - yunuscadirci/DIALStranger: details about DIAL protocol vulnerabilities
thumbnail In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica
thumbnail CVE-2023-38548
thumbnail SysAid On-Prem Software CVE-2023-47246 Vulnerability
thumbnail Common Vulnerability Scoring System
thumbnail FIRST Announces CVSS 4.0 - New Vulnerability Scoring System
thumbnail HackerOne paid ethical hackers over $300 million in bug bounties
thumbnail Compromising F5 BIGIP with Request Smuggling | CVE-2023-46747
thumbnail VMSA-2023-0023
thumbnail CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so
thumbnail Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers
thumbnail Vulnerability in popular ‘libwebp’ code more widespread than expected
thumbnail Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes
thumbnail CVE-2023-34127
thumbnail New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips
thumbnail CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog
thumbnail Ivanti warns of second vulnerability used in attacks on Norway gov’t
thumbnail Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
thumbnail CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent
thumbnail KeePassXC Vulnerability CVE-2023-35866 allows attackers to change the master password and second-factor authentication settings
thumbnail A simple bug exposed access to thousands of smart security alarm systems
thumbnail CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief
thumbnail Rapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability
thumbnail New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog
thumbnail Zero-Day Vulnerability in MOVEit Transfer Exploited for Data Theft
thumbnail WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers
thumbnail The Race to Patch: Attackers Leverage Sample Exploit Code in Wordpress Plugin | Akamai
thumbnail oss-sec: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory
thumbnail WordPress Advanced Custom Fields Pro plugin <= 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
thumbnail VMware Patches Critical Vulnerability Disclosed at Pwn2Own Hacking Contest
thumbnail Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671)
thumbnail Google Chrome emergency update fixes first zero-day of 2023
thumbnail CVE-2023-27532
thumbnail PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)
thumbnail Technical Advisory: Various Threat Actors Targeting ManageEngine Exploit CVE-2022-47966
thumbnail OpenSSL fixes High Severity data-stealing bug – patch now!
thumbnail Apple patches are out – old iPhones get an old zero-day fix at last!
thumbnail New GTA Online exploit now allows cheaters to ban your account
thumbnail Jenkins discloses dozens of zero-day bugs in multiple plugins
thumbnail Hacker claims to be selling Twitter data of 400 million users
thumbnail Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
thumbnail CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
thumbnail Google pushes emergency Chrome update to fix 8th zero-day in 2022
thumbnail Firefox fixes fullscreen fakery flaw – get the update now! – Naked Security
thumbnail Compromising Plesk via its REST API
thumbnail Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)
thumbnail Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability
thumbnail Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1
thumbnail Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)
thumbnail CVE-2022-41352
thumbnail Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server
thumbnail Unpatched 15-year old Python bug allows code execution in 350k projects
thumbnail Tarfile: Exploiting the World With a 15-Year-Old Vulnerability
thumbnail PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin
thumbnail Researchers found one-click exploits in Discord and Teams
thumbnail [CVE-2022-34918] A crack in the Linux firewall
thumbnail Zimbra Email - Stealing Clear-Text Credentials via Memcache injection
thumbnail Vulnerability discovered in Apple M1 chip
thumbnail Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)
thumbnail Exploiting an Unbounded memcpy in Parallels Desktop
thumbnail Zyxel silently patches command-injection vulnerability with 9.8 severity rating
thumbnail Vulnerability Analysis - CVE-2022-1388
thumbnail Nozomi Networks Discovers Unpatched DNS Bug in Popular C Standard Library Putting IoT at Risk
thumbnail Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
thumbnail Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn
thumbnail Git security vulnerability announced
thumbnail CVE-2022-22965 Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
thumbnail PROPHET SPIDER Exploits Citrix ShareFile
thumbnail Armis Finds Three Critical Zero-Day Vulnerabilities in APC Smart-UPS Devices, Dubbed "TLStorm," Exposing More than 20 Million Enterprise Devices
thumbnail New Linux Vulnerability CVE-2022-0492 Affecting Cgroups: Can Containers Escape?