Extraordinary Vulnerabilities Discovered in TCL Android TVs, Now World’s 3rd Largest TV Manufacturer.
All Firefox extensions disabled due to expiration of intermediate signing cert
CVE-2020-10148 SolarWinds Orion API authentication bypass allows remote command execution
Disclosing TOR users' real IP address through 301 HTTP Redirect Cache Poisoning
Extract PGP secret keys from Gnuk / Nitrokey Start firmwares
Google introduces OpenSK, an Open Source security key implementation
Large European Routing Leak Sends Traffic Through China Telecom
Analysis of new malware targeting Kubernetes (Hildegard)
Netgear 0-day Vulnerability Analysis and Exploit for 79 devices and 758 firmware images
Unknown rogue device used to defraud Amazon account twice, bypassing all security features - device in question is completely invisible to both account holder and customer support - from /r/sysadmin
CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
Announcing the Open Sourcing of Paranoid's Library - Detect well-known weaknesses in large amounts of crypto artifacts, like public keys and digital signatures
CVE-2022-36123 - Linux kernel <5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service, or gain privileges.
Vulnerability in check-spelling GitHub Actions community workflow could have allowed malicious code to be introduced to repos from Microsoft, Jekyll, NASA and PowerDNS
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52 and below. (See comments for CVE-2021-29923 golang)
A new era of php webshells and privesc. Bantam A PHP backdoor management and generation tool featuring end to end encrypted payload streaming designed to bypass WAF, IDS, SIEM systems.