Security researchers have revealed the details of two vulnerabilities in Joomla – the popular content management system – which, if chained together, could be used to achieve full...
GitHub has updated its policy on malware and exploit research to make the platform more accommodating to vulnerability hunters. The policy changes mean that dual-use security research and collaboration...
One year after the launch of their ethical hacking video channel, Ron Chan, ‘FileDescriptor’, and ‘EdOverflow’ tell The Daily Swig about their approach towards inspiring and...
Opera has publicly disclosed six serious vulnerabilities that were discovered in a security audit of Privoxy, the open source web proxy software. Opera, the developer of a Chromium-based...
Two vulnerabilities discovered in Microsoft Azure Functions have been disclosed, although the severity of one of the flaws was mitigated by a separate implementation bug. Last week,...
A newly developed plugin allows security analysts and researchers to interact with the Mitre ATT&CK framework without leaving their Visual Studio Code (VSCode) environments. VSCode-ATT&CK, an extension for...
Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it comes to gaining initial access to the victim network. The...
A recently resolved vulnerability in GravCMS created a means for unauthenticated attackers to hijack admin functions on vulnerable content management systems, among other potential exploits. The...
UPDATED A Go package that relays system information to a Chinese IP address was one of several suspicious repositories uncovered during an investigation into typosquatting in the...
A novel alternative to traditional HTTP request smuggling that spotlighted an obsolete, hitherto obscure protocol has been recognized as 2020’s top web hacking technique. Unveiled by Bishop Fox...