phpMyAdmin Patches XSS Vulnerabilities in Latest Release
Summary: phpMyAdmin has released version 5.2.2 to address two cross-site scripting (XSS) vulnerabilities that could allow attackers to inject malicious scripts. The update also resolves a potential vulnerability related to the glibc/iconv library, although phpMyAdmin clarified that it is not vulnerable by default. Users are urged to upgrade to the latest version to ensure their systems are secure.…
Burp Suite Other Modules Thm
The article provides an in-depth overview of the Burp Suite’s lesser-known modules, focusing on the Decoder, Comparer, Sequencer, and Organizer tools. Each tool serves a unique function: the Decoder for encoding/decoding data, the Comparer for data comparison, the Sequencer for evaluating token randomness, and the Organizer for managing HTTP requests for future reference.…
Summary: GitLab has released critical security updates for versions 17.8.1, 17.7.3, and 17.6.4 to address multiple vulnerabilities, including a high severity cross-site scripting (XSS) flaw. The most severe vulnerability, CVE-2025-0314, allows attackers to inject malicious scripts, potentially leading to session hijacking and data theft. GitLab urges all users to update their installations immediately to mitigate these risks.…
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
Summary: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a patched security flaw in the jQuery JavaScript library to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation. The vulnerability, CVE-2020-11023, is a medium-severity cross-site scripting (XSS) bug that can lead to arbitrary code execution.…
Multiple Cybersecurity Giants’ Account Credentials Leaked and Sold on Dark Web; Ministry of Industry and Information Technology Warns: Beware of Androxgh0st Botnet Risks | NiuLan – Security Niu
A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure.…

Summary: The video discusses the common challenges faced by bug bounty hunters, particularly the issue of reporting duplicates. It emphasizes the importance of developing deep technical knowledge and understanding specific vulnerabilities rather than relying on generic tools and techniques. The speaker encourages viewers to commit to becoming experts in their chosen areas of web security, as this knowledge will set them apart in the competitive field of bug hunting.…
Nmap for Beginners
Nmap is a powerful network scanning tool used for discovering hosts and services on a network. This overview provides tips on maximizing its potential, including the use of various flags for enhanced scanning, such as aggressive scans and vulnerability detection. Affected: network security, penetration testing, bug bounty programs

Key points:

Nmap is used for network probing, service discovery, and operating system identification.…
ICS Patch Tuesday: Security Advisories Published by Schneider, Siemens, Phoenix Contact, CISA
Summary: Schneider Electric, Siemens, Phoenix Contact, and CISA have issued security advisories for various ICS products in January 2025, addressing multiple vulnerabilities with varying severity levels. The advisories highlight critical issues that could lead to privilege escalation, remote code execution, and information disclosure among others.

Threat Actor: Unknown
Victim: Various ICS Product Users

Key Point:

Schneider Electric released nine advisories, addressing high-severity vulnerabilities in multiple products including PowerLogic and Modicon systems.…
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [13 January]
Summary: This week’s cybersecurity recap highlights critical vulnerabilities, ongoing exploits, and legal actions against threat actors, emphasizing the importance of proactive security measures. Staying informed about these threats and implementing protective strategies is essential for individuals and organizations alike.

Threat Actor: UNC5337
Victim: Ivanti

Key Point:

A critical vulnerability in Ivanti Connect Secure appliances has been exploited as a zero-day, allowing for remote code execution.…
RST TI Report Digest: January 13, 2025
This week’s threat intelligence report from RST Cloud highlights significant cyber threats from various actors, including the Chinese state-sponsored group RedDelta targeting Mongolia, Taiwan, and Southeast Asia, as well as the emergence of new malware like Banshee and the Gayfemboy botnet. The report summarizes key findings from 29 threat intelligence reports, detailing tactics, techniques, and procedures (TTPs) used in these attacks, and includes numerous indicators of compromise (IoCs).…
The Feed 2025-01-10


Check Point Research has identified a new version of the Banshee macOS stealer malware, which has been evading detection since September 2024. The malware targets macOS users, stealing sensitive information and utilizing an encryption algorithm similar to Apple’s XProtect. Despite the shutdown of its original operations after a code leak, Banshee continues to be distributed through phishing websites and malicious GitHub repositories.…
Banshee stealer evades detection using Apple XProtect encryption algo
Summary: A new variant of the Banshee info-stealing malware for macOS has been evading detection by utilizing string encryption techniques similar to those used by Apple’s XProtect. This malware, which targets sensitive data from macOS users, has continued to spread through deceptive methods despite the original operation being shut down after its source code was leaked.…
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Summary: Palo Alto Networks has released patches for critical vulnerabilities in its Expedition migration tool, including a high-severity SQL injection flaw that could allow authenticated attackers to access sensitive data. Additionally, SonicWall and Securing have also addressed significant security flaws in their respective products.

Threat Actor: authenticated attacker, unauthenticated attacker
Victim: Palo Alto Networks, SonicWall, Aviatrix

Key Point:

Palo Alto Networks addressed multiple vulnerabilities in its Expedition tool, including SQL injection and XSS flaws.…
GFI KerioControl Firewall Vulnerability Exploited in the Wild
Summary: Threat actors are exploiting a recently disclosed vulnerability in GFI KerioControl firewalls, allowing for one-click remote code execution (RCE) via HTTP response splitting attacks. This flaw, tracked as CVE-2024-52875, has been deemed high severity due to its potential impact on network security.

Threat Actor: Unknown
Victim: GFI KerioControl users

Key Point:

The vulnerability allows attackers to perform HTTP response splitting, leading to reflected cross-site scripting (XSS) and RCE.…
The Feed 2025-01-09
This article explores various cyber threats, including voice phishing by the “Crypto Chameleon” group, exploitation of vulnerabilities in Kerio Control and Ivanti Connect Secure VPN, and North Korean hackers targeting cryptocurrency wallets through fake job interviews. The rise of ransomware among state-sponsored APT groups is also highlighted, indicating a troubling trend in modern cyber threats.…
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
Summary: Threat actors are exploiting a recently disclosed security flaw in GFI KerioControl firewalls, allowing for potential remote code execution (RCE) through a CRLF injection attack. The vulnerability, identified as CVE-2024-52875, affects multiple versions of the firewall and has led to active exploitation attempts.

Threat Actor: Unknown
Victim: GFI KerioControl

Key Point:

The vulnerability allows attackers to inject malicious inputs into HTTP response headers, leading to RCE.…