Vulnerabilities in wireless chip designs could allow malicious hackers to steal data and passwords from devices, according to security researchers. According to the group, from the Technical University...
A vulnerability in Jamf Pro, a popular mobile device management (MDM) platform for Apple devices, allowed attackers to stage server-side request forgery (SSRF) attacks on the application’s servers,...
Security researchers have detailed how backdoors can be concealed within JavaScript by Unicode characters that are either invisible or readily confused with other characters. As a result, they...
A new attack technique has been demonstrated that is capable of widespread WiFi cracking. CyberArk security researcher Ido Hoorvitch said that properties in urban areas often...
The maintainers of Node.js have patched two HTTP request smuggling (HRS) vulnerabilities in the JavaScript runtime environment, including one found using what appears to be a new HRS...
Security researchers have disclosed a HTTP request smuggling vulnerability in HAProxy, the popular open source load balancer. Users of HAProxy, which ships with most mainstream Linux distributions...
The underrated threat of related-domain attacks can enable malicious actors to circumvent many advanced website protection mechanisms, a group of researchers at the Technical University of...
A security researcher has launched Filesec.io, a wiki-style repository of file extensions that can be used for malicious purposes. The inspiration, says ‘mr.d0x’, came during a work...
A security researcher has penned a deep dive on bypassing lexical parsers with special HTML tags that leverage HTML parsing logic to ultimately execute arbitrary JavaScript code. Chris...
The increased sophistication of voice-enabled smart speakers, combined with the rise of online meeting technologies such as Zoom has created an increasing and often overlooked IoT...
Recent Comments