Red-Team

Pulsegram: A Telegram-Integrated Keylogger for Security Testing

Red-Team

Pulsegram: A Telegram-Integrated Keylogger for Security Testing

Pulsegram is a Python-based keylogger integrated with a Telegram bot, designed for capturing keystrokes, clipboard content, and...

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

CVE News

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload...

The Evolution of Bug Hunting: How AI is Reshaping Vulnerability Discovery

Bug Bounties & Responsible Disclosure

The Evolution of Bug Hunting: How AI is Reshaping Vulnerability Discovery

Bug hunting has transformed from a niche activity into a professionalized field where security researchers earn substantial...

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

Bug Bounties & Responsible Disclosure

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

SberTech, a Russian software developer under the Sber ecosystem, has expanded its public bug bounty program on...

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

CVE News

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

A critical vulnerability (CVE-2025-34491) in GFI MailEssentials enables authenticated attackers to execute arbitrary code through .NET deserialization...

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

CVE News

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

A critical vulnerability (CVE-2025-46661) has been identified in IPW Systems Metazo versions up to 8.1.3, allowing unauthenticated...

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE News

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

A critical stack-based buffer overflow vulnerability (CVE-2025-4007) has been identified in Tenda W12 and i24 routers, affecting...

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CVE News

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

A critical vulnerability (CVE-2015-2079) in Usermin, a web-based administration tool, allows authenticated attackers to execute arbitrary code...

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

CVE News

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with three...

Obfuscation Techniques in Cybersecurity: How Attackers Evade Detection

Red-Team

Obfuscation Techniques in Cybersecurity: How Attackers Evade Detection

Obfuscation remains a critical tool for attackers aiming to conceal malicious code from defenders. By deliberately complicating...

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

CVE News

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

A newly disclosed vulnerability in Apple’s iOS operating system (CVE-2025-24091) allows malicious applications to trigger an irreversible...

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

CVE News

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Security researchers at Shelltrail have identified three critical vulnerabilities in the IXON VPN client that could allow...

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

CVE News

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

A critical path traversal vulnerability (CVE-2025-26692) affecting SIOS Technology’s Quick Agent (V2 and V3) has been disclosed,...

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

CVE News

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

A critical buffer overflow vulnerability (CVE-2025-3991) has been identified in TOTOLINK N150RT routers running firmware version 3.4.0-B20190525....

Forensic Analysis of PNG Steganography Using pngdump.py

Red-Team

Forensic Analysis of PNG Steganography Using pngdump.py

Steganography remains a persistent threat vector in cybersecurity, with attackers increasingly embedding malicious payloads within seemingly benign...

Widespread Jailbreak Vulnerabilities in Generative AI Models: Technical Analysis and Mitigations

Red-Team

Widespread Jailbreak Vulnerabilities in Generative AI Models: Technical Analysis and Mitigations

Two newly discovered systemic jailbreak vulnerabilities have exposed critical weaknesses in generative AI models from major providers,...

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

CVE News

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

A recent Windows security update designed to mitigate a privilege escalation vulnerability has inadvertently introduced a new...

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

CVE News

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

A high-severity remote code execution (RCE) vulnerability (CVE-2025-3642) has been identified in Moodle’s EQUELLA repository integration, posing...

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

CVE News

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

A high-severity vulnerability (CVE-2025-3935) affecting ScreenConnect versions 25.2.3 and earlier has been disclosed, involving ASP.NET ViewState code...

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

CVE News

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

Google Chrome recently faced two critical use-after-free (UAF) vulnerabilities that were actively exploited in the wild before...

Posts pagination

Previous 1 … 3 4 5 6 7 8 9 … 16 Next

Red-Team

Pulsegram: A Telegram-Integrated Keylogger for Security Testing

Critical SAP NetWeaver Vulnerability (CVE-2025-31324): Exploitation and Mitigation

The Evolution of Bug Hunting: How AI is Reshaping Vulnerability Discovery

SberTech Expands Bug Bounty Program on BI.ZONE Platform, Increases Rewards to 200K RUB

GFI MailEssentials .NET Deserialization Vulnerability (CVE-2025-34491) Allows Remote Code Execution

Critical Server-Side Template Injection Vulnerability in IPW Systems Metazo (CVE-2025-46661)

Tenda W12 and i24 HTTPd Stack-Based Buffer Overflow Vulnerability (CVE-2025-4007): Technical Analysis and Mitigation

CVE-2015-2079: Critical Remote Code Execution Vulnerability in Usermin

CISA Expands Known Exploited Vulnerabilities Catalog with Three Critical Flaws

Obfuscation Techniques in Cybersecurity: How Attackers Evade Detection

Analysis of iOS Darwin Notification Vulnerability: Impact and Mitigation

IXON VPN Client Vulnerabilities: Technical Analysis of Privilege Escalation Flaws

Quick Agent Path Traversal Vulnerability (CVE-2025-26692): Analysis and Mitigation

TOTOLINK N150RT Buffer Overflow Vulnerability (CVE-2025-3991): Analysis and Mitigation

Forensic Analysis of PNG Steganography Using pngdump.py

Widespread Jailbreak Vulnerabilities in Generative AI Models: Technical Analysis and Mitigations

Windows “inetpub” Security Fix Exploited to Block Future Updates: Technical Analysis

Moodle EQUELLA Remote Code Execution Vulnerability (CVE-2025-3642): Analysis and Mitigation

ScreenConnect ASP.NET ViewState Code Injection Vulnerability (CVE-2025-3935): Analysis and Mitigation

Analysis of Actively Exploited Chrome UAF Vulnerabilities and Mitigation Strategies

You may have missed

Google Issues Workarounds for ChromeOS Authentication Failures in Enterprise Environments

Microsoft Word’s Cloud-Centric Default: Security Implications and Enterprise Management Challenges

Passwordstate Authentication Bypass: A History of High-Severity Flaws and Hardening

Global Law Enforcement Intensifies Crackdown on Cybercrime Enablers with VerifTools Takedown