The Devastating PixieFail Flaws in UEFI – Is Your Device at Risk?
The recent discovery of “PixieFail,” a set of nine vulnerabilities in Tianocore’s EDK II IPv6 network stack, has raised significant concerns in the cybersecurity community.…
Category: ExploitOne
How Dutch Genius Who Hacked Iran’s Nuclear Program was Killed
Stuxnet, a name that resonates with infamy in the cybersecurity world, represents a watershed moment in digital warfare. This sophisticated piece of malware, allegedly costing…
Hacking Windows 10 and 11 with DLL Search Order Hijacking without administrator rights
A recent investigation by Security Joes has unveiled a novel cyberattack method targeting the Windows operating system. This technique exploits the trusted WinSxS folder, a…
How Scammers Use QR Codes to Phish Your Secrets
In the dynamic realm of cybersecurity, a new threat has emerged, capturing the attention of experts and users alike: Quishing. This term, a portmanteau of…
Understanding Latest DHCP DNS Vulnerabilities and How DHCP Exploits work in Active Directory
A new research focuses on a newly discovered set of attacks against Active Directory (AD) using Microsoft DHCP servers, which could lead to a full…
Your Laptop’s Fingerprint Lock Can Be Hacked. How Hackers Exploit Fingerprint Sensors Flaws
Multiple vulnerabilities have been found in the fingerprint sensors of Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops, which can be…
6 Steps to File Anonymous SEC Complaints Against Data Breachers & Force Them to Pay Fines or Take Action
The U.S. Securities and Exchange Commission (SEC) has guidelines and rules that relate to how publicly traded companies must handle and disclose data breaches. These…
How Your ChatGPT’s Uploaded Files Could Be Stolen by Prompt Injection Vulnerability
In a startling revelation, ChatGPT, the advanced AI chatbot developed by OpenAI, has been found to have a significant security vulnerability. The discovery, first reported…
This Atlassian Confluence Server backdoor will add malware in every page and can’t be removed
CVE-2023-22515 and CVE-2023-22518 are critical vulnerabilities found in Atlassian Confluence, a widely used team collaboration software. CVE-2023-22515 Description: This vulnerability was discovered in publicly accessible…
This Google Calendar technique allows to hack into companies without getting detected
Google has warned about a method by which hackers could exploit its Calendar service to create a covert Command-and-Control (C2) channel. The technique involves using…
RSA-2048 Shattered:Experts decrypt RSA-2048 with a Cellphone
RSA-2048 is a widely used encryption scheme based on the RSA (Rivest–Shamir–Adleman) cryptosystem. The “2048” in RSA-2048 denotes the key size used for the encryption,…
Hijacked Data:LockBit Ransomware Gang Targets Aerospace Giant Boeing
It would seem that the global leader in aerospace, Boeing, is the most recent victim of the ransomware gang known as LockBit, which has ties…