Exploit

Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code

By reverse-engineering Quick Share's proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal,…

5 months ago

Confusion Attacks Vulnerability In Apache HTTP Server Allow Attackers To Gain Root Access Remotely

The Apache HTTP Server relies on hundreds of independently developed modules to handle client requests, sharing a complex data structure…

5 months ago

DarkGate Malware Exploiting Excel Files And SMB File Shares

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments,…

5 months ago

Gogs Vulnerabilities Let Attackers Hack Instances & Steal Source Code

Gogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by…

6 months ago

Hackers Use Windows XSS Flaw To Execute Arbitrary Command In MMC Console

Attackers are leveraging a new infection technique called GrimResource that exploits MSC files. By crafting malicious MSC files, they can…

6 months ago

New Webkit Vulnerabilities Let Attackers Exploit PS4 And PS5 Playstations

Webkit vulnerabilities in PS4 and PS5 refer to bugs found in the Webkit engine used by their web browsers. These…

6 months ago

Microsoft Power BI Vulnerability Let Attackers Access Organizations Sensitive Data

A vulnerability in Microsoft Power BI allows unauthorized users to access sensitive data underlying reports, which affects tens of thousands…

6 months ago

Mailcow Mail Server Vulnerability Let Attackers Execute Remote Code

Two critical vulnerabilities (CVE-2024-31204 and CVE-2024-30270) affecting Mailcow versions before 2024-04 allow attackers to execute arbitrary code on the server.…

6 months ago

Sleepy Pickle Exploit Let Attackers Exploit ML Models And Attack End-Users

Hackers are targeting, attacking, and exploiting ML models. They want to hack into these systems to steal sensitive data, interrupt…

6 months ago

Ivanti EPM SQL Injection Flaw Let Attackers Execute Remote Code

In May 24, 2024, Zero-Day Initiative released a security advisory for Ivanti EPM which was associated with SQL injection Remote…

7 months ago