Aggregator

立足取证，服务实战

Full Disclosuremailing list archivesFrom: KoreLogic Disclosures via Fulldisclosu

Invisible authentication mechanisms in Microsoft allow any attacker to escalate from privileged to super-duper privileged in cloud environments, paving the way for complete takeover.

Gambling blockchain Ronin Network suffered a security incident yesterday when white hat hackers exploited an undocumented vulnerability on the Ronin bridge to withdraw 4,000 ETH and 2 million USDC, totaling $12 million. [...]

The SEC concludes its investigation into Progress Software's handling of the widespread exploitation of a MOVEit Transfer zero-day flaw that exposed data of over 95 million people. [...]

CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. [...]

CISA and the FBI confirmed today that the Royal ransomware rebranded to BlackSuit and has demanded over $500 million from victims since it emerged more than two years ago. [...]

The number of additions to the Known Exploited Vulnerabilities catalog is growing quickly, but even silent changes to already-documented flaws can help security teams prioritize.

Today Matt posted a half-joking twit about the acceptable number of arguments that can be p

In this post, I'm going to show you how to provide more granular and more secure connectivity to and

LAS VEGAS – The head of the leading U.S. cybersecurity agency said it is too early to know whether

Published: 07 August 2024 at 21:32 UTC

error code: 1106

A new self-spreading worm named 'CMoon,' capable of stealing account credentials and other data, has been distributed in Russia since early July 2024 via a compromised gas supply company website. [...]

Researchers warn of flaws in the Roundcube webmail software that could be exploited to steal sensitive information from target accounts. Sonar’s Vulnerability Research Team discovered a critical Cross-Site Scripting (XSS) vulnerability in the popular open-source webmail software Roundcube. Roundcube is included by default in the server hosting panel cPanel which has millions of installations worldwide. […]

Critical XSS bug in Roundcube Webmail allows attackers to steal emails and sensitive dataResea

The hackers behind a notorious ransomware operation that shut down the city of Dallas last year hav

We are rebranding our commercial