SEMrush Plugs Remote Code Execution Bug in Its SaaS Platform

Web analytics firm plugs a hole in its platform that allowed attackers to open a reverse shell that could be used to attack the service. Continue reading SEMrush Plugs Remote Code Execution Bug in Its SaaS Platform

18-Byte ImageMagick Hack Could Have Leaked Images From Yahoo Mail Server

After the discovery of a critical vulnerability that could have allowed hackers to view private Yahoo Mail images, Yahoo retired the image-processing library ImageMagick.

ImageMagick is an open-source image processing library that lets users resize, s… Continue reading 18-Byte ImageMagick Hack Could Have Leaked Images From Yahoo Mail Server

Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

So another vulnerability with a name and a logo – ImageTragick? At least this time it’s pretty dangerous, a bunch of ImageMagick Zero-Day vulnerabilities have been announced including one that can leave you susceptible to remote code execution. It’s pretty widely used software too and very public, if you use an app online that lets […]

The…

Read the full post at darknet.org.uk

Continue reading Serious ImageMagick Zero-Day Vulnerabilities – ImageTragick?

Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution

A serious zero-day vulnerability has been discovered in ImageMagick, a widely popular software tool used by a large number of websites to process user’s photos, which could allow hackers to execute malicious code remotely on servers.

ImageMagick is an open-source image processing library that lets users resize, scale, crop, watermarking and tweak images.

The ImageMagick tool is supported by

Continue reading Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution