Rails Apps Arbitrary File Write Vulnerability Let Attackers Execute Code Remotely
A newly exposed vulnerability in Ruby on Rails applications allows attackers to achieve Remote Code Execution (RCE) through a flaw...
Read more →Category: GBHackers
New Supply Chain Attack Targeting Chrome Extensions to Inject Malicious Code
A sophisticated supply chain attack targeting Chrome browser extensions has come to light, potentially compromising hundreds of thousands of users....
Read more →
New Cookie Sandwich Technique Allows Stealing of HttpOnly cookies
A new attack technique known as the “cookie sandwich” has surfaced, raising significant concerns among cybersecurity professionals. This technique enables...
Read more →
WordPress Plugin Vulnerability Exposes 23k+ Websites to Hacking
Researchers from Patchstack have warned that over 23,000 real estate websites using the popular RealHomes WordPress theme and its bundled...
Read more →
Cisco Warns of Meeting Management API Privilege Escalation Vulnerability
Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API. The flaw tracked...
Read more →
AI-Powered Static Application Security Testing in the Developer Toolkit
In today’s app dev world, where new apps and millions of lines of code are being deployed every day, the...
Read more →
Ex-CIA analyst pleaded guilty For Leaking Top Secret National Defense Information
A former CIA analyst, Asif William Rahman, has pleaded guilty to charges of retaining and transmitting Top Secret National Defense...
Read more →
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome
A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling...
Read more →
SQL Injection Vulnerability in Microsoft’s DevBlogs Lets Hackers Injecting Malicious SQL
In a recent discovery, a security researcher uncovered a critical SQL injection vulnerability on Microsoft’s DevBlogs website (accessible at https://devblogs.microsoft.com). This...
Read more →
Record Breaking 5.6 Tbps DDoS attack Launched by Mirai Botnet
The Mirai botnet unleashed a record-breaking Distributed Denial of Service (DDoS) attack on October 29, 2024, peaking at an astonishing...
Read more →
Criminal IP and OnTheHub Partner to Deliver Advanced Cybersecurity Solutions for Education
AI SPERA, a leading Cyber Threat Intelligence (CTI) provider, has collaborated with OnTheHub, a global provider of software in education,...
Read more →
Three New ICS Advisories Released by CISA Detailing Vulnerabilities & Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA) announced three new Industrial Control Systems (ICS) advisories. These advisories provide critical insights...
Read more →