Red-Team

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

CVE News

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

A recently disclosed vulnerability in the code-projects Online Exam Mastering System 1.0 exposes users to reflected Cross-Site...

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

CVE News

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

A recent security audit has revealed critical vulnerabilities in Moodle, the widely adopted open-source learning management system...

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

CVE News

Analysis of Google Cloud Composer Privilege Escalation Vulnerability (ConfusedComposer)

A recently patched high-severity vulnerability in Google Cloud Platform’s Cloud Composer service, dubbed ConfusedComposer, could have allowed...

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

CVE News

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

The 2025 Verizon Data Breach Investigations Report (DBIR) highlights a concerning 34% year-over-year increase in vulnerability exploitation,...

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

CVE News

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

A critical zero-day remote code execution (RCE) vulnerability in Active! Mail, a widely used Japanese webmail client,...

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

CVE News

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Siemens TeleControl Server Basic (TCSB) has been identified with multiple critical SQL injection vulnerabilities affecting versions prior...

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

CVE News

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

ABB’s medium voltage (MV) drives, widely used in industrial automation and critical infrastructure, have been found to...

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Red-Team

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

A newly documented proof-of-concept attack named “Cookie-Bite” demonstrates how malicious Chrome extensions can hijack browser session cookies...

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE News

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-34028, has been disclosed in Commvault Command Center...

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

CVE News

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

A high-severity vulnerability (CVE-2025-2594) has been identified in the WordPress User Registration & Membership plugin, allowing unauthenticated...

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

CVE News

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

A newly disclosed SQL injection vulnerability (CVE-2025-23176) in Apache Web Server has been rated with a CVSS...

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CVE News

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

A newly disclosed critical vulnerability in IBM’s Hardware Management Console (HMC) for Power Systems could allow local...

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

CVE News

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

The Cybersecurity and Infrastructure Security Agency (CISA) published five Industrial Control Systems (ICS) advisories on April 22,...

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

Red-Team

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

pySimReader is a Python-based utility designed for managing GSM SIM cards, offering functionalities like phonebook and SMS...

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

CVE News

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

A critical buffer overflow vulnerability in Symantec pcAnywhere, identified as CVE-2011-3478, allows unauthenticated attackers to execute arbitrary...

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

Red-Team

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

Display interfaces like HDMI, DVI, and DisplayPort contain overlooked attack surfaces that security professionals should understand. Research...

ManageWiki SQL Injection Vulnerability (CVE-2025-32956): Analysis and Mitigation

CVE News

ManageWiki SQL Injection Vulnerability (CVE-2025-32956): Analysis and Mitigation

A high-severity SQL injection vulnerability (CVE-2025-32956) has been identified in the ManageWiki MediaWiki extension, affecting versions prior...

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

CVE News

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

A critical buffer overflow vulnerability (CVE-2025-3854) has been identified in H3C GR-3000AX routers running firmware versions up...

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

CVE News

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

A critical vulnerability in the Greenshift WordPress plugin (CVE-2025-3616) allows authenticated attackers to upload arbitrary files, potentially...

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

CVE News

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

A critical remote code execution (RCE) vulnerability, designated as CVE-2025-29659, has been identified in the Yi IoT...

Posts pagination

Previous 1 … 4 5 6 7 8 9 10 … 14 Next

Red-Team

Reflected XSS Vulnerability in code-projects Online Exam Mastering System 1.0

Critical Moodle Vulnerabilities Expose Learning Systems to SSRF and Privilege Escalation

2025 DBIR Analysis: Edge Device Vulnerabilities and Remediation Trends

Active! Mail Zero-Day RCE Exploited in Attacks Against Japanese Organizations

Siemens TeleControl Server Basic SQL Injection Vulnerabilities: Critical Risks and Mitigations

Critical Vulnerabilities in ABB MV Drives: Technical Analysis and Mitigation Strategies

Cookie-Bite Attack: Chrome Extension Exploit Bypasses MFA in Azure Entra ID

Critical RCE Vulnerability in Commvault Command Center (CVE-2025-34028)

CVE-2025-2594: Critical Authentication Bypass in WordPress User Registration & Membership Plugin

Apache Web Server SQL Injection Vulnerability (CVE-2025-23176): Technical Analysis and Mitigation

Critical IBM Hardware Management Console Vulnerability Allows Local Command Execution (CVE-2025-1950)

CISA Issues Five Critical ICS Advisories Covering Siemens, Schneider Electric, and ABB Systems

pySimReader: A Python-Based SIM Card Management Tool for Security Professionals

Critical Symantec pcAnywhere Remote Code Execution Vulnerability (CVE-2011-3478)

Display Protocol Vulnerabilities: Exploiting EDID, HDMI Side-Channels, and Digital Signage

ManageWiki SQL Injection Vulnerability (CVE-2025-32956): Analysis and Mitigation

Critical Buffer Overflow Vulnerability in H3C GR-3000AX Routers (CVE-2025-3854)

Greenshift WordPress Plugin Vulnerability (CVE-2025-3616): Arbitrary File Upload Analysis

Critical RCE Vulnerability in Yi IoT XY-3820 (CVE-2025-29659): Technical Analysis and Mitigation

You may have missed

Russia’s Throttling of Cloudflare: Technical Impact and Security Implications

Livestreamed Child Exploitation: Technical and Legal Implications of a Disturbing Case

UNFI Cyberattack: Supply Chain Disruption and Recovery Analysis

Hawaiian Airlines Cyberattack: IT Systems Compromised, Flight Operations Unaffected