GraphQL Vulnerabilities and Common Attacks: Seen in the Wild

In our previous blog, we provided an overview of GraphQL security, along with details and examples of common attacks. Building on that foundation, this blog will take a closer look at real-world examples of GraphQL attacks that have recently occurred. We will explore the methods used by attackers...

CVE-2023-47314

Headwind MDM Web panel 5.22.1 is vulnerable to cross-site scripting XSS. The file upload function allows APK and arbitrary files to be uploaded. By exploiting this issue, attackers may upload HTML files and share the download URL pointing to these files with the victims. As the file download...

Web Application Firewall Detected

A Web Application Firewall WAF has been detected during the scan. A WAF is designed to help protecting web applications by monitoring and filtering HTTPS traffic through a set of rules in order to prevent the most common attacks. The identified WAF may have blocked several requests during the...

Security Pros Are Focused on the Wrong Threats

From The New York Times Riva Richmond Corporate information technology departments are prioritizing the wrong threats to their computer systems, focusing on old problems and leaving their companies open to a raft of new cyberattacks targeting sensitive customer and corporate information. That is...

Дырки в ZoneAlarm

Не обнаруживается несклько распространенных атак, кроме того создается разделяемый ресурс и записи в регистре со слабыми разрешениями...