GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository
submitted by /u/eaglex
iMessage and OpenGraph for Fun and Profit
submitted by /u/nobodyhome5nxc
Veeam Backup and Replication CVE-2023-27532 Deep Dive and Linux POC Exploit
submitted by /u/scopedsecurity
Malicious Actors Use Unicode Support in Python to Evade Detection
submitted by /u/louis11
How to Create a Virtual Hacking Lab: The Ultimate Hacker Setup
submitted by /u/flacao9
Windows Installer EOP (CVE-2023-21800)
submitted by /u/poltess0
Guide: Terraform Security
submitted by /u/MiguelHzBz
Converting string to enum at the cost of 50 GB: let’s analyze the CVE-2020-36620 vulnerability
submitted by /u/Xadartt
Parallels Desktop Toolgate Vulnerability
submitted by /u/poltess0
Attackers are starting to target .NET developers with malicious-code NuGet packages
submitted by /u/n0llbyte
Bitwarden PINs can be brute-forced, a how-to and reason for stronger master passwords.
submitted by /u/AverageCowboyCentaur
Undocumented behavior change in Android 10: mode “w” no longer truncates
submitted by /u/Gallus
Chaos Malware – Persistence and Evasion Techniques
submitted by /u/MiguelHzBz
OpenSIPS Security Audit Report is fully disclosed and out there (VoIP security)
submitted by /u/EnableSecurity
How to Google Dork a Specific Website for Hacking
submitted by /u/josh252
Debugging D-Link: Emulating firmware and hacking hardware
submitted by /u/netsecfriends
NPM request Library SSRF Cross Protocol Redirect Bypass
submitted by /u/nibblesec
CVE-2023-23415 – ICMP Remote Code Execution
submitted by /u/Thrimbor
We need a new way to measure AI security
submitted by /u/yossarian_flew_away
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
submitted by /u/Gallus
Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability.
Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal...
OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident
OpenAI on Friday disclosed that a bug in the Redis open source library was responsible for the exposure of other users' personal information and chat titles in the upstart's ChatGPT service earlier this week.
The glitch, which came to light on...
US Charges 20-Year-Old Head of Hacker Site BreachForums
The US Justice Department charged Conor Brian Fitzpatrick, founder of BreachForums, a major underground website for computer hackers.
The post US Charges 20-Year-Old Head of Hacker Site BreachForums appeared first on SecurityWeek.
Dish customers struggle with service disruptions weeks after ransomware attack
Customers complain that they are still having payment issues and are not able to contact customer service weeks after Dish Network suffered a ransomware attack.
CISA announced the Pre-Ransomware Notifications initiative
The US Cybersecurity and Infrastructure Security Agency (CISA) announced the Pre-Ransomware Notifications service to help organizations stop ransomware attacks before damage occurs.
The US Cybersecurity and Infrastructure Security Agency announced a new Pre-Ransomware Notification initiative that aims at alerting organizations of...
