Blog

Guardio Labs has uncovered a significant vulnerability in Microsoft Edge, Microsoft’s flagship web browser, that could allow hackers to install malicious extensions without the user’s knowledge. This flaw, if exploited, could lead to a range of security breaches, including data theft, privacy …

Wireshark remains the go-to choice for both professionals and enthusiasts due to its unmatched capabilities in packet capturing and analysis. Its advanced features and user-friendly interface make it an indispensable tool for network troubleshooting and protocol analysis. The latest release, …

Splunk Inc. has disclosed two significant vulnerabilities within its software suite, posing a considerable risk to organizations utilizing Splunk Enterprise and Splunk Cloud Platform. The vulnerabilities, identified as CVE-2024-29945 and CVE-2024-29946, have been rated high in severity with CVSS scores …

A significant vulnerability has been identified in the Rank Math SEO plugin for WordPress. This flaw, cataloged under CVE-2023-32600, exposes over two million websites to potential cyber-attacks, posing a severe security risk to online businesses and content creators reliant on this …

Unsaflok, in Dormakaba’s Saflok electronic RFID locks used in hotels and multi-family housing, allows attackers to forge a master keycard by exploiting weaknesses in the system and then using it to unlock any door within the affected property. The vulnerability …

The Mobile Security Framework (MobSF), a widely used pen-testing, malware analysis, and security assessment framework, has been found to contain a critical input validation flaw that could lead to server-side request forgery (SSRF) attacks. The vulnerability, tracked as CVE-2024-29190, affects MobSF …

As tax season rolls around, a period marked by the rush to meet filing deadlines and ensure compliance with tax laws, cybercriminals are ramping up their efforts to exploit this busy time. Leveraging sophisticated social engineering tactics, these threat actors launch targeted …

Researchers from Perception Point identified a new malware campaign, PhantomBlu, targeting US organizations that use novel techniques to deploy NetSupport RAT, a remote access trojan, by exploiting legitimate features of Microsoft Office document templates via OLE manipulation. It allows the …

Threat actors use SVG files in cyber-attacks because SVGs (Scalable Vector Graphic files) can contain embedded scripts, making them a vector for executing malicious code. Not only that even the SVG files can also bypass certain security measures as well …

To analyze a security vulnerability (CVE-2024-21413) in Outlook, a controlled environment can be set up using a virtual machine (ANY.RUN) within a local virtual private network (VPN). Researchers can learn more about the exploit by making a proof-of-concept (PoC) and …