GitHub.com’s RSA SSH private key was briefly exposed in a public GitHub repository
submitted by /u/eaglex
iMessage and OpenGraph for Fun and Profit
submitted by /u/nobodyhome5nxc
Veeam Backup and Replication CVE-2023-27532 Deep Dive and Linux POC Exploit
submitted by /u/scopedsecurity
Malicious Actors Use Unicode Support in Python to Evade Detection
submitted by /u/louis11
How to Create a Virtual Hacking Lab: The Ultimate Hacker Setup
submitted by /u/flacao9
Windows Installer EOP (CVE-2023-21800)
submitted by /u/poltess0
Guide: Terraform Security
submitted by /u/MiguelHzBz
Converting string to enum at the cost of 50 GB: let’s analyze the CVE-2020-36620 vulnerability
submitted by /u/Xadartt
Parallels Desktop Toolgate Vulnerability
submitted by /u/poltess0
Attackers are starting to target .NET developers with malicious-code NuGet packages
submitted by /u/n0llbyte
Bitwarden PINs can be brute-forced, a how-to and reason for stronger master passwords.
submitted by /u/AverageCowboyCentaur
Undocumented behavior change in Android 10: mode “w” no longer truncates
submitted by /u/Gallus
Chaos Malware – Persistence and Evasion Techniques
submitted by /u/MiguelHzBz
OpenSIPS Security Audit Report is fully disclosed and out there (VoIP security)
submitted by /u/EnableSecurity
How to Google Dork a Specific Website for Hacking
submitted by /u/josh252
Debugging D-Link: Emulating firmware and hacking hardware
submitted by /u/netsecfriends
NPM request Library SSRF Cross Protocol Redirect Bypass
submitted by /u/nibblesec
CVE-2023-23415 – ICMP Remote Code Execution
submitted by /u/Thrimbor
We need a new way to measure AI security
submitted by /u/yossarian_flew_away
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability
submitted by /u/Gallus