CVE-2022-36604 An access control issue in Canaan Avalon ASIC Miner 2020.3.30 and below allows unauthenticated attackers to arbitrarily change user pas...

CVE-2022-36603 InnoSilicon T3T+ t2t+_soc_20190911_151433.swu was discovered to contain a remote code execution (RCE) vulnerability in the checkUrl fun...

CVE-2022-36602 InnoSilicon A10 a10_20200924_120556 was discovered to contain a remote code execution (RCE) vulnerability in the setPlatformAPI functio...

CVE-2022-36601 The Eclipse TCF debug interface in JasMiner-X4-Server-20220621-090907 and below is open on port 1534. This issue allows unauthenticated...

CVE-2022-2447 A flaw was found in OpenStack. The application credential tokens can be used even after they have expired. This flaw allows an authentic...

CVE-2022-2403 A credentials leak was found in the OpenShift Container Platform. The private key for the external cluster certificate was stored incorr...

CVE-2022-2319 A flaw was found in the Xorg-x11-server. An out-of-bounds access issue can occur in the ProcXkbSetGeometry function due to improper vali...

CVE-2022-2320 A flaw was found in the Xorg-x11-server. The specific flaw exists within the handling of ProcXkbSetDeviceInfo requests. The issue result...

Re @Michaelgr1011 @LAPDHQ @RickCarusoLA @ericgarcetti @MayorOfLA @lapdVanNuysDiv Hope Connor is ok!

For CISOs and executives looking to transform from a mere manager of information into a corporate champion of business growth, it's imperative to stay...

Re @JosKVW

Re @S0ufi4n3 @telegram @ValeryMarchive

Re @JohnHenry_US @puzzlesforpyros Additionally, because we expect vx-underground to exceed over $100,000 in donations in 5 years (e.g hypothetically $...

Re @JohnHenry_US @puzzlesforpyros Yes, the application is $750. However, the queue for applications is very long. We have hired a law-firm to assist u...

Re In other news: The United States Internal Revenue Service is currently in a back log of 501(c)(3) applicants. The current wait time is approx. 9 mo...

RT Outflank: Yeah!🤘@OutflankNL joins the @HelpSystemsMN family! We're super excited about the new possibilities that lay ahead. Here's to even more...

CVE-2022-36796 Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS) in CallRail, Inc. CallRail Phone Call Trac...

CVE-2022-36355 Authenticated (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Easy Org Chart plugin <= 3.1 at WordPr...

CVE-2022-36373 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Simon Ward MP3 jPlayer plugin <= 2.7.3 at WordPress.

CVE-2022-28199 NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recover...

Re @UK_Daniel_Card @daveaitel Well it is true..

Re @Purp1eW0lf @daveaitel Thanks Dray

RT Outflank: Yeah!🤘@OutflankNL joins the @HelpSystemsMN family! We're super excited about the new possibilities that lay ahead. Here's to even more...

RT SpecterOps 🇺🇦: Check out our schedule of SO-CON workshops! Register today:

RT Russian Market: Someone hacked #YandexTaxi and ordered all available taxis to Kutuzov Prospect in Moscow Now there is a huge traffic jam with taxis...

Threat actors breached the network of the Italian oil company ENI

Fuzzing with Radamsa

SETTLERS OF NETLINK: Exploiting a limited Use After Free in nf_tables (CVE-2022-32250) against the latest Ubuntu (22.04) and Linux kernel 5.15 -

Who pollutes your prototype? Find the libs on cdnjs in an automated way

Neopets says hackers had access to its systems for 18 months

Fake It Until You Make It: Using Deep Fakes to Bypass Voice Biometrics

Infra Used in Cisco Hack Also Targeted Workforce Management Solution

Awesome-Password-Cracking - A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security

Autodeauth - A Tool Built To Automatically Deauth Local Networks

Sephora Fined $1.2 Million for Breaching CCPA and Selling User Data

Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal

Here's how 5 mobile banking apps put 300,000 users' digital fingerprints at risk

Apple Quietly Releases Another Patch for Zero-Day RCE Bug

Snake Keylogger Returns with New Malspam Campaign Targeting IT Firms

Montenegro hit by ransomware attack, hackers demand $10 million

Code-Injection Bugs Bite Google, Apache Open Source GitHub Projects

European Spyware Vendor Offering Android and iOS Device Exploits

Re @VinceCoglianese !!

Re @waitbutwhy @Kurz_Gesagt !

今生只愿“安得广厦千万间，大庇天下寒士俱欢颜”

啥背景？//@来去之间:啥背景？//@简木生--撰稿者:凭什么？这是为数不多疫情期间给老百姓提供粮食的面包店了吧

Re @jfoolish_22 Well done! 💪

This morning we met with the vx-underground legal team to begin our 501(c)(3) journey. Here is a summary of the meeting:

Autodeauth - A Tool Built To Automatically Deauth Local Networks

Awesome-Password-Cracking - A Curated List Of Awesome Tools, Research, Papers And Other Projects Related To Password Cracking And Password Security