PinnedDisclosing Froxlor V2.x Authenticated RCE as Root Vulnerability via PHP-FPMA story of a vulnerability in Froxlor that allowed authenticated remote code execution as root.Jan 9Jan 9
Fake CrowdStrike Jobs Spread XMRig Cryptominer via PhishingAttackers imitate Crowdstrike recruiters and send out fake interview invitations with a cryptominer called XMRig.Jan 14Jan 14
macOS Under Attack: Critical Sandbox Bypass Vulnerability Revealed (CVE-2024–54498)CVE-2024–54498 is a path handling issue that allows malicious applications to break out of the sandbox environment.Jan 13Jan 13
Stop PhishWP! The New WordPress Malware Stealing Credit Cards and OTPsInvestigating PhishWP — a WordPress plugin able to change a legitimate website into a phishing trap.Jan 13Jan 13
Two Million HackTheBox Write-upTwo Million is an easy machine on HackTheBox. It involves API enumeration, privilege escalation on web application as well as a kernel…Jan 12Jan 12
PSAUX Ransomware Hits 22,000+ Systems via CyberPanel RCE (CVE-2024–51378) Discovered by…How a Teenager’s Discovery of a Critical CyberPanel Vulnerability Led to a Ransomware Attack on 22,000+ SystemsJan 10Jan 10