Collaborate Disseminate
Multiple security vulnerabilities have been disclosed in the open-source private branch exchange (PBX) platform FreePBX, including a critical flaw that could result in an authentication bypass under certain configurations.
The shortcomings, discovered … Continue reading FreePBX Patches Critical SQLi, File-Upload, and AUTHTYPE Bypass Flaws Enabling RCE
Most tech professionals overlook this one way they can stay ahead and expand their influence. Continue reading Want to boost your career? This power move will future-proof you – here’s how
The Black Hat Europe hacker conference in London included a session titled “Don’t Judge an Audiobook by Its Cover” about a two critical (and now fixed) flaws in Amazon’s Kindle. The Times reports both flaws were discovered by engineering analyst Valent… Continue reading Security Researcher Found Critical Kindle Vulnerabilities That Allowed Hijacking Amazon Accounts
Nvidia emphasizes greater transparency in its Nemotron 3 models, especially with respect to training data that enterprises care about. Continue reading As Meta fades in open-source AI, Nvidia senses its chance to lead
Google has also mentioned seeing React2Shell attacks conducted by Iranian threat actors.
The post Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery appeared first on SecurityWeek.
Continue reading Google Sees 5 Chinese Groups Exploiting React2Shell for Malware Delivery
Cybersecurity researchers discovered an unsecured 16TB database exposing 4.3 billion professional records, including names, emails, and LinkedIn data. Learn what happened, why this massive data leak enables new scams, and how to protect your PII. Continue reading 16TB of MongoDB Database Exposes 4.3 Billion Lead Gen Records
This is how I continue to work on my iPad when Wi-Fi, power, and the best travel plans fall apart. Continue reading How I turn my iPad into a touchscreen MacBook on the road (and what extra accessories I use)
Exterro INFORM 2025 revealed how investigators are tackling cloud sprawl, scale, and defensibility — register now to secure your place at INFORM 2026! Continue reading Exterro INFORM 2025: A Global Webinar Series For DFIR Practitioners
Exploits for React2Shell (CVE-2025-55182) remain active. However, at this point, I would think that any servers vulnerable to the “plain” exploit attempts have already been exploited several times. Here is today&#;x26;#;39;s most popular exploit payload:
Continue reading More React2Shell Exploits CVE-2025-55182, (Mon, Dec 15th)
New report by Unit 42 reveals the Hamas-linked Ashen Lepus (WIRTE) group is using the AshTag malware suite to target Middle Eastern diplomatic and government entities with advanced, hidden tactics. Continue reading Hamas Linked Hackers Using AshTag Malware Against Diplomatic Offices