The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding…
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding…
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding…
The Exploit Database is maintained by OffSec, an information security training company that provides various Information Security Certifications as well as high end penetration testing services. The Exploit Database is a non-profit project that is provided as a public service by OffSec. The Exploit Database is a CVE compliant archive of public exploits and corresponding…
For the latest discoveries in cyber research for the week of 29th September, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Stellantis, Automotive maker giant which owns Citroën, FIAT, Jeep, Chrysler, and Peugeot, has suffered a data breach that resulted in exposure of North American customer contact information after attackers accessed a third-party…
ISC Stormcast For Monday, September 29th, 2025 https://isc.sans.edu/podcastdetail/9632, (Mon, Sep 29th) Source link
ISC Stormcast For Friday, September 26th, 2025 https://isc.sans.edu/podcastdetail/9630, (Fri, Sep 26th) Source link
Ever so often, I see requests for files in .well-known recorded by our honeypots. As an example: GET /.well-known/xin1.php?p Host: [honeypot host name] The file names indicate that they are likely looking for webshells. In my opinion, the reason they are looking in .well-known is that this makes a decent place to…
Recently, CISA added a Chrome zero-day Vulnerability, CVE-2025-5419, to its Known Exploited Vulnerabilities (KEV) Catalog, confirming that threat actors are actively exploiting this high-severity flaw in real-world attacks. This vulnerability affects multiple web browsers that utilize the Chromium engine, including Google Chrome, Microsoft Edge, Opera, and Brave. CISA strongly urges all organizations and individual users…
ISC Stormcast For Wednesday, September 24th, 2025 https://isc.sans.edu/podcastdetail/9626, (Wed, Sep 24th) Source link
