Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

InfoSec News Steven Black (n0tst3) - 3 August 2023

The year 2022 witnessed a surge in cyberattacks by malicious actors targeting unpatched, internet-facing systems. In a joint Cybersecurity Advisory (CSA), top cybersecurity agencies...

A word from our sponsor

Vulnerabilities

OctoBot WebInterface – Remote Code Execution (RCE) – 0.4.3

Exploit Title: OctoBot WebInterface 0.4.3 - Remote Code Execution (RCE)Exploit Author:...

Steven Black (n0tst3) - 21 July 2022

InfoSec News

Atlassian Patches critical Confluence hardcoded credentials flaw

Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server...

Steven Black (n0tst3) - 21 July 2022

InfoSec News

Apache Commons Configuration patches Log4Shell style bug – what you need to know

Remember Log4j? Well, Log4J is one of the Apache Software Foundation’s many software...

RiSec.Mitch - 17 July 2022

Vulnerabilities

Nginx 1.20.0 – Denial of Service DoS

1-byte memory overwrite in resolverSeverity: mediumAdvisoryCVE-2021-23017Not vulnerable: 1.21.0+, 1.20.1+Vulnerable: 0.6.18-1.20.0The patch pgp #...

RiSec.Mitch - 11 July 2022

Vulnerabilities

Mailhog 1.0.1 Cross-Site Scripting XSS

Malicious users have the ability to send API requests to localhost...

RiSec.Mitch - 29 June 2022

InfoSec News

Weblizar 8.9 Backdoor – WordPress Plugin

The premium version of School Management, a plugin schools use to operate...

Steven Black (n0tst3) - 27 June 2022

InfoSec News

Don’t wait to install the June Windows update — it fixes a major security bug

Chinese hackers have already taken advantage of the flaw Microsoft has patched a...

Steven Black (n0tst3) - 15 June 2022

InfoSec News

Debian: DSA-5163-1: Chromium Security update

Multiple security issues were discovered in Chromium, which could resultin the...

Steven Black (n0tst3) - 12 June 2022

Data Security

Confluence servers hacked to deploy AvosLocker, Cerber2021 Ransomware

Ransomware gangs are now targeting a recently patched and actively exploited...

Steven Black (n0tst3) - 11 June 2022

InfoSec News

Follina: 0-day Windows MSDT Vulnerability (CVE-2022-30190) Exploited In The Wild

A 0-day vulnerability in Microsoft Support Diagnostic Tool is being exploited...

Steven Black (n0tst3) - 3 June 2022

1...567...17 Page 6 of 17

Vulnerabilities

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Editor Picks

Top Vulnerabilities Exploited in 2022 as revealed by FBI, CISA, and NSA

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Featured

WebBoss.io CMS Concerns: A Tale of Neglect and Unresponsiveness

Safely Integrating Large Language Models (LLMs) into Your Products: A White Hats Perspective

How Hackers are Utilizing ChatGPT & AI To Earn $Millions

Hacking Campaign Steals 10,000 Login Credentials From 130 Different Organizations

Cyber Academy

Bug Bounty -{ Oneliner Commands } – { V2 }

Web Application Security Mindmap

Privilege Escalation Techniques & Resources

Mastering Google Dorking: Expanding Scope, Reconnaissance and Resources

ABOUT US

Social

Subscribe for weekly updates

Add RiSec to your Homescreen?