There hasn’t been much news over the past week, but we’ve collected the brightest. Several critical vulnerabilities and a couple of news. Noteworthy – updates of cool tools like impacket, APT-hunter and in the research section of the toolset APT groups. Vulnerabilities: GitHub exploit in the wild, Android patch and Linux kernel; Tools: APT-Hunter V2.0 … Continue reading Several critical vulnerabilities, $$$ for hacker info and new attack vectors →
There hasn’t been much news over the past week, but we’ve collected the brightest. Several critical vulnerabilities and a couple of news. Noteworthy – updates of cool tools like impacket, […] The post Several critical vulnerabilities, $$$ for hacker info and new attack vectors appeared first on Vulners Blog - Information security news, research and Vulners features.
Several high-profile vulnerabilities in Windows and Apple were fixed this week. Epic confusion/substitution attacks and an interesting vulnerability with secret chats in Telegram. We’ve picked up the top news from the past week. Vulnerabilities: releases from Microsoft and Apple + Telegram vulnerabilities; Tools: Adversary testing; News: Hacker poisoned water in an American city, amazing research, … Continue reading Сouple of massive updates, several f**k-ups with loud vulnerabilities and…
An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection allows remote attackers to obtain authentication cookies (if an XSS issue exists) via the /info/headers, /cache-info/headers, /admin-info/headers, /distribution-broker-info/headers, or /cache-node-info/headers path.