Exploit

RCE attacks on WhatsUp Gold exploited the Active Monitor PowerShell Script to execute malicious code, as the vulnerabilities CVE-2024-6670 and CVE-2024-6671, patched on August...

Secure elements consist mainly of tiny microcontrollers, which provide service by generating and storing secrets and performing cryptographic operations.Thomas Roche of NinjaLab finds a...

Microsoft released several patches for multiple vulnerabilities during the Patch Tuesday for August 2024. One of the vulnerabilities listed by Microsoft was the CVE-2024-38106....

In July 2022, Microsoft patched a well-known PPL bypass flaw, initially discovered by Ionescu and Forshaw. This allowed protection circumvention without kernel code execution, and...

By reverse-engineering Quick Share's proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal, and denial-of-service conditions. These flaws...

The Apache HTTP Server relies on hundreds of independently developed modules to handle client requests, sharing a complex data structure for communication. While modularity promotes...

DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised...

Gogs is a standard open-source code hosting system used by many developers.Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource. Gogs...