Rosecurify

Seclog - #44

The grand essentials of happiness are: something to do, something to love, and something to hope for. — Alexander Chalmers


Unpacking CVE-2023-20198: A Critical Weakness In Cisco IOS XE:

Encrypt. Now. — blog.tripu.info

One Scheme to Rule Them All: OAuth Account Takeover | Ostorlab: Mobile App Security Testing for Android and iOS

Risky Biz News: Israel warns citizens of security camera hack risk

Cybersecurity burnout - Haklule's Experience - Blog Detectify

Leveraging an SSRF to leak a secret API key

Advanced fuzzing unmasks elusive vulnerabilities

Encrypted traffic interception on Hetzner and Linode targeting the largest Russian XMPP (Jabber) messaging service —

The 3 AI Security Trends You CANNOT Ignore in 2024 | by Taimur Ijlal | The Generator | Oct, 2023 | Medium

Persistent cross-site scripting vulnerabilities in Liferay Portal | Pentagrid AG

Using silent SMS to localize LTE users

Squid Caching Proxy Security Audit: 55 vulnerabilities and 35 0days | Squid-Security-Audit

Using Cloudflare to bypass Cloudflare – Certitude Blog

Attacking AWS Cognito with Pacu (p1) - Rhino Security Labs

Attacking AWS Cognito with Pacu (p2) - Rhino Security Labs

Data Exposure and ServiceNow: The Elephant in the ITSM Room — Enumerated

CVE-2022-4908: SOP bypass in Chrome using Navigation API - Johan Carlsson

Chaining an IDOR with a business-logic error to achieve critical impact :: jub0bs.com

Spam iOS, Android and Windows with Bluetooth pairing messages using Flipper Zero or Android smartphone - Mobile Hacker

Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability

Webcam Hacking (again) - Safari UXSS | Ryan Pickren

Getting RCE in Chrome with incomplete object initialization in the Maglev compiler - The GitHub Blog

Knocking on the Front Door (client side desync attack on Azure CDN) :: Jeti's blog

About This Series | Beyond XSS

Security Vulnerabilities in CasaOS | Sonar

From SSRF to RCE on Mastodon (CVE-2023-42450) · scumjr

secvideo

Kubernetes Hacking: From Weak Applications to Cluster Control

Hacking Cloud For Fun and Profit

Getting Started with Semgrep Secrets

secgit

Limmen/csle

OWASP/QRLJacking

0xk1h0/ChatGPT_DAN

gogotheauditor/audits

saelo/jscpwn

dafthack/GraphRunner

nxenon/grpc-pentest-suite

