The Story of How CISA Was Breached
In a significant cybersecurity incident, the Cybersecurity and Infrastructure Security Agency (CISA) was breached last month due to vulnerabilities in Ivanti software products. This breach…
Category: ExploitOne
Critical Security Vulnerabilities You Need to Know to hack Gemini
HiddenLayer’s recent research has uncovered a series of concerning vulnerabilities within Google’s latest Large Language Models (LLMs) family, known as Gemini. These vulnerabilities present significant…
Pentesting System Center Configuration Manager with Misconfiguration Manager
At the recent SO-CON security conference, researchers have brought to light significant misconfigurations in Microsoft’s System Center Configuration Manager (SCCM), now known as Configuration Manager.…
How the 8220 Gang Is Compromising YARN, Docker, Confluence, and Redis Servers for Cryptomining
In recent times, the cybersecurity landscape has witnessed a significant uptick in the exploitation of misconfigured servers across various platforms, including YARN (Yet Another Resource…
How Opening a Simple PDF Could Unleash a Cybersecurity Nightmare
The recent findings from McAfee Labs have unveiled a worrying trend in the cybersecurity landscape: a significant increase in malware distribution through PDF files. This…
Exploiting the High-Risk Vulnerabilities in Secure Boot of Most Linux Devices on the Planet
In the ever-evolving landscape of cybersecurity, a new vulnerability identified as CVE-2023-40547 has emerged, casting a shadow over the security of most Linux systems. This…
A Hacker, 5000 Credentials, and Operation Code Red
In a significant cybersecurity incident, Cloudflare, a leading web security and performance company, disclosed that it had been targeted by a sophisticated hacking attempt by…
Hackers’ New Target is containerized environments through vulnerabilities in runC
Recent developments in cybersecurity have brought to light multiple security vulnerabilities in the runC command line tool. These vulnerabilities pose significant risks as they could…
Hacking Android, Linux, macOS, iOS, Windows Devices via Bluetooth using a single vulnerability
A critical vulnerability identified as CVE-2023-45866, along with CVE-2024-21306, has been discovered in the Bluetooth technology used across various operating systems, including Android, Linux, macOS,…
The Devastating PixieFail Flaws in UEFI – Is Your Device at Risk?
The recent discovery of “PixieFail,” a set of nine vulnerabilities in Tianocore’s EDK II IPv6 network stack, has raised significant concerns in the cybersecurity community.…
How Dutch Genius Who Hacked Iran’s Nuclear Program was Killed
Stuxnet, a name that resonates with infamy in the cybersecurity world, represents a watershed moment in digital warfare. This sophisticated piece of malware, allegedly costing…
Hacking Windows 10 and 11 with DLL Search Order Hijacking without administrator rights
A recent investigation by Security Joes has unveiled a novel cyberattack method targeting the Windows operating system. This technique exploits the trusted WinSxS folder, a…