Chinese-speaking users are the target of a never-before-seen threat activity cluster codenamed Void Arachne that employs malicious Windows Installer (MSI) files for virtual private networks (VPNs) to deliver a command-and-control (C&C) framework ca…
A threat actor who goes by alias markopolo has been identified as behind a large-scale cross-platform scam that targets digital currency users on social media with information stealer malware and carries out cryptocurrency theft.
The attack chains invo…
I am doing testing with some ethernet device, for which I use an own TLS implementation (using OpenSSL for the actual cryptographic functions). There are pre shared keys used. When I am connecting to the device using the cipher suite TLS_P…
A vulnerability was found in brechtvds WP Recipe Maker Plugin up to 9.1.0 on WordPress. It has been classified as problematic. Affected is the function wprm-recipe-instructions/wprm-recipe-ingredients of the component Shortcode Handler. The manipulatio…
I have installed a Nginx WAF with Modsecurity CRS. This WAF protects a backend WordPress.
One request from one of the plugins generated a false positive on the Modsecurity with the rule id 933120.
I identified it in the audit log, studied …
I opened the PentestBox, it said it was like this("Code 267" on PentestBox like at image). What should I do to fix it or what to do next.
I hope everyone can help me know how to solve this problem
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances.
Both shortcomings impact all versions of the softwar…
A vulnerability was found in Ricoh Streamline NX PC Client up to 3.6.100.53 and classified as problematic. This issue affects some unknown processing. The manipulation leads to use of potentially dangerous function.
The identification of this vulnerab…
A vulnerability has been found in Ricoh Streamline NX PC Client up to 3.7.2 and classified as critical. This vulnerability affects unknown code. The manipulation leads to hard-coded credentials.
This vulnerability was named CVE-2024-36480. The attack …
A vulnerability, which was classified as problematic, was found in Ricoh Streamline NX PC Client up to 3.6.100.53. This affects an unknown part. The manipulation leads to use of potentially dangerous function.
This vulnerability is uniquely identified…
