Since mid-July, a surge in ransomware attacks leveraging the Akira strain has been observed, specifically targeting SonicWall devices. According to cybersecurity firm Arctic Wolf, threat actors have been actively exploiting SSL VPN connections on...
Email protection mechanisms, originally conceived as a bulwark against malicious links, have ironically become unwitting allies to cybercriminals. Researchers have uncovered a troubling trend: threat actors are increasingly exploiting “link wrappers” provided by platforms...
In the autumn of 2024, the InfoSect bug hunting team prepared a remote code execution attack targeting the Synology TC500 IP camera for entry in the Pwn2Own Ireland competition. The exploitation hinged on a...
JSubFinder: JSubFinder is a tool written in Go to search webpages and JavaScript for hidden subdomains and secrets in the given URL. Developed with bug bounty hunters in mind, JSubFinder takes advantage of Go’s amazing...
A critical vulnerability has been discovered in the widely used WordPress theme “Alone — Charity Multipurpose Non-profit”, which is already being exploited by malicious actors to compromise websites. Tracked as CVE-2025-5394, the flaw has...
In their relentless pursuit of artificial intelligence, companies are neglecting the very foundation of digital resilience—security. This stark conclusion emerges from an IBM analysis of cyberattack data collected over the past year, revealing that...
crAPI: At a high level, the crAPI application is modeled as a B2C application that allows any user to get their car servicing done by a car mechanic. A user can create an account...
Google is pushing the boundaries of cybersecurity with a bold new initiative: the public beta release of Device Bound Session Credentials (DBSC), a feature designed to shield users from session cookie theft. Originally introduced...
cats: REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort! Comprehensive: tests are generated automatically based on a large number of scenarios and cover...
Researchers at Bitdefender have disclosed two critical vulnerabilities in the firmware of Dahua smart surveillance cameras. These flaws, rooted in the ONVIF protocol implementation and the file upload mechanism, enable attackers to gain full...