Disclosure and bug bounty programs could sometimes be a double-edged sword. These services could help you avoid the hassle of contacting a vendor and negotiating for a reward which could take a few weeks just waiting for a response. …

In this edition, we’ll give new updates to the Fortinet flaws abuse we discussed last week, 3 major social network leaks, new Android malware spreads by creating auto-replies to messages in WhatsApp, and our CVE of the week: a pre-auth RCE found in a QNAP QTS plugin. Two Manufacturing Plants Shut Down Due to Fortinet Vulnerability

In this edition, we’ll give new updates to the North Korean campaign targeting security researchers, Chinese police arresting the biggest video game cheats syndicate, FBI and CISA warning about hackers abusing FortiNet flaws, and our CVE of the week: an SSRF vulnerability found in VMware’s vRealize. New Updates to the Campaign Targeting Security Researchers

In this edition, we’ll give new updates to the Google Project Zero findings, hackers trying to add a backdoor RCE through PHP’s Git, a security researcher being sued for bug disclosure, and our CVE of the week: a bug in netmask endangering more than 200 thousand projects. Updates on Google Project Zero

In this edition, we’ll discuss the Mirai botnet attack on IoT devices, Google Project Zero discovering 11 vulnerabilities exploited in 2020, Trail of Bits security researcher creates a tool to weaponize insecure pickled Python files, and our CVE of the week: an RCE vulnerability in F5 Big IP. The Mirai Botnet Attacking IoT Devices

DD-WRT is a Linux-based alternative OpenSource firmware suitable for a great variety of WLAN routers and embedded systems. This firmware is suitable for many systems with many routers using it like Netgear Nighthawk, Asus, and Linksys routers. It provides superior firmware to some WiFi routers and improves their built-in basic…

In this edition, we’ll follow up on the MS Exchange Server Leak and its origins, a hacker gaining access to 150,000 Verkada security cameras, the new Regexploit tool, and three 15-year-old vulnerabilities found in the Linux Kernel. The Microsoft Exchange Hack

There you are, sitting on your sofa, the clock shows another five seconds ‘till the next episode comes on, you press the button and another useless day goes by. We all had this experience, especially during the last year. Covid gave us so much free time being stuck at home. …

This is SSD’s weekly security recap. In this edition, we’ll talk about the Microsoft vulnerabilities affecting governments around the world, GitHub and Docker Hub used for crypto mining attacks, User Data exposed Online from the Maza Cybercrime Forum, and our CVE of the week: GNU GRUB elevated access. The Microsoft Exchange Hack After the…