Start Your Engines – Capturing the First Flag in Google’s New v8CTF
Background 背景 In early October 2023, Google announced a new addition to their reward program, v8CTF. According to the rules: “v8CTF is a part of ...
Fault Injection Attacks against the ESP32-C3 and ESP32-C6
Introduction 介绍 In a previous article, the vulnerabilities of the ESP32-C3 and ESP32-C6 against side-channel attacks have been demonstrated. 在上...
Protection Highlight: Hunters International Ransomware
Over the past few months, several new ransomware actors have been observed targeting businesses of all sizes in various countries around the world....
Linux devices are under attack by a never-before-seen worm
The worm is a customized version of Mirai, the botnet malware that infects Linux-based servers, routers, web cameras, and other so-called Internet ...
One Supply Chain Attack to Rule Them All
Preface 前言 Let’s think for a moment what a nightmare supply chain attack could be. An attack that would be so impactful that it could be chained ...
Analysis of an Info Stealer — Chapter 2: The iOS App
Introduction 介绍 This is the second part of the article series: “Analysis of an Info Stealer”. In this chapter, I will analyze the iOS info steale...
How I pwned half of America’s fast food chains, simultaneously.
Also checkout Eva’s blogpost of this event. 另请查看 Eva 关于此活动的博客文章。 With an upbeat pling my console alerted me that my script had finis...
VMware vROPS RCE of java bean
系列 - vmware VMware VRealize Network Insight 命令注入和目录穿越及补丁绕过 VMware vROPS RCE of java bean VMware vROPS 文件读取到反序列化RCE...
VMware vROPS 文件读取到反序列化RCE
系列 - vmware VMware VRealize Network Insight 命令注入和目录穿越及补丁绕过 VMware vROPS RCE of java bean VMware vROPS 文件读取到反序列化RCE...
Trend Micro Mobile Security 认证绕过/文件上传/文件包含 RCE
# 漏洞通告 https://success.trendmicro.com/dcx/s/solution/000293106?language=en_US WFUser权限绕过+set_certificates_config文件上传+g...