New MySQL Zero Days — Hacking Website Databases

Two critical zero-day vulnerabilities have been discovered in the world’s 2nd most popular database management software MySQL that could allow an attacker to take full control over the database.

Polish security researcher Dawid Golunski has discovered… Continue reading New MySQL Zero Days — Hacking Website Databases

PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website

Cyber attacks get bigger, smarter, more damaging.

P*rnHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded.

Now, it turns out that the world’s most popular p*rn*graphy site has paid its first bounty payout. But how much?

US $20,000!
<!– adsense –>
Yes, P*rnHub has paid $20,000

Continue reading PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website

3 Popular Drupal Modules Found Vulnerable — Patch Released

Just yesterday, I wrote a warning article announcing that Drupal – the popular open source content management system – will release patches for several highly critical Remote Code Execution (RCE) bugs that could allow attackers to fully take over any affected site.

Below are the three separate Drupal modules that affect up to 10,000 websites:

1. RESTful Web Services – a popular module used

Continue reading 3 Popular Drupal Modules Found Vulnerable — Patch Released

Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

The extraordinary ‘Panama Papers leak’ from Law firm Mossack Fonseca that exposed the tax-avoiding efforts by the world’s richest and most influential members was initially believed to be the result of an unpatched vulnerability in the popular content … Continue reading Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

Mozilla asks Court to disclose Firefox Exploit used by FBI to hack Tor users

Mozilla has filed a brief with a U.S. District Court asking the FBI to disclose the potential vulnerabilities in its Firefox browser that the agency exploited to unmask TOR users in a criminal investigation.

Last year, the FBI used a zero-day flaw to … Continue reading Mozilla asks Court to disclose Firefox Exploit used by FBI to hack Tor users

Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

With the growing number of cyber attacks and data breaches, a significant number of companies and organizations have started Bug Bounty Programs to encourage hackers and security researchers to find and responsibly report bugs in their services and get… Continue reading Pornhub Launches Bug Bounty Program; Offering Reward up to $25,000

Hacker Arrested after Exposing Flaws in Elections Site

A security researcher responsibly disclosed vulnerabilities in the poorly secured web domains of a Florida county elections, but he ended up in handcuffs on criminal hacking charges and jailed for six hours Wednesday.

Security researcher David Michael… Continue reading Hacker Arrested after Exposing Flaws in Elections Site

Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution

A serious zero-day vulnerability has been discovered in ImageMagick, a widely popular software tool used by a large number of websites to process user’s photos, which could allow hackers to execute malicious code remotely on servers.

ImageMagick is an open-source image processing library that lets users resize, scale, crop, watermarking and tweak images.

The ImageMagick tool is supported by

Continue reading Warning — Widely Popular ImageMagick Tool Vulnerable to Remote Code Execution