code injection – WindowsTechs.com

Exploits and vulnerabilities in Q4 2024

Posted on February 26, 2025 by Alexander Kolesnikov

This report provides statistics on vulnerabilities and exploits and discusses the most frequently exploited vulnerabilities in Q4 2024. Continue reading Exploits and vulnerabilities in Q4 2024→

Exploits and vulnerabilities in Q4 2024

Posted on February 26, 2025 by Alexander Kolesnikov

This report provides statistics on vulnerabilities and exploits and discusses the most frequently exploited vulnerabilities in Q4 2024. Continue reading Exploits and vulnerabilities in Q4 2024→

QR code SQL injection and other vulnerabilities in a popular biometric terminal

Posted on June 11, 2024 by Georgy Kiguradze

The report analyzes the security properties of a popular biometric access control terminal made by ZkTeco and describes vulnerabilities found in it. Continue reading QR code SQL injection and other vulnerabilities in a popular biometric terminal→

Malicious code in APKPure app

Posted on April 9, 2021 by Igor Golovin, Anton Kivva

Malicious code was detected in version 3.17.18 of the APKPure alternative app store for Android. We recommend deleting the infected version and installing APKPure 3.17.19 asap. Continue reading Malicious code in APKPure app→

Web App Security: Don’t Let the Code Injection Grinch Steal Holiday Joy

Posted on December 2, 2020 by Ameet Naik

This holiday season more and more e-commerce site operators will be deploying web app security solutions such as content security policies (CSPs) to protect themselves and their users against cyberattacks, including cross-site scripting (XSS), formjac… Continue reading Web App Security: Don’t Let the Code Injection Grinch Steal Holiday Joy→

WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug

Posted on November 6, 2020 by Tara Seals

The shopping cart application contains a PHP object-injection bug. Continue reading WordPress Sites Open to Code Injection Attacks via Welcart e-Commerce Bug→

Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach

Posted on November 2, 2020 by Tara Seals

JM Bullion fell victim to a payment-card skimmer, which was in place for five months. Continue reading Texas Gold-Dealer Mined for Payment Details in Months-Long Data Breach→

Citrix Bugs Allow Unauthenticated Code Injection, Data Theft

Posted on July 7, 2020 by Tara Seals

Admins should patch their Citrix ADC and Gateway installs immediately. Continue reading Citrix Bugs Allow Unauthenticated Code Injection, Data Theft→

When Anti-Virus Engines Look Like Kernel Rootkits

Posted on May 27, 2020 by Andrew Case

While analyzing real-world systems, memory analysts will often encounter anti-virus (AV) engines, EDRs, and similar products that, at first glance, look suspiciously like malware. This occurs because these security products leverage the same techniques… Continue reading When Anti-Virus Engines Look Like Kernel Rootkits→

WordPress, Apache Struts Attract the Most Bug Exploits

Posted on March 18, 2020 by Tara Seals

An analysis found these web frameworks to be the most-targeted by cybercriminals in 2019. Continue reading WordPress, Apache Struts Attract the Most Bug Exploits→