Lucene search
K

6 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/28 12:0 a.m.70 views

Polyfill Detected

The polyfill.js file is a popular open-source library to ensure old browsers compatibility when evaluating JavaScript code. Starting February 2024, the domain polyfill.io and the related GitHub account have been purchased by a malicious threat actor to inject malwares in all web applications...

7.2CVSS7.5AI score0.03832EPSS
Exploits0References4
Prion
Prion
added 2023/10/19 9:15 p.m.13 views

Design/Logic Flaw

Artifact Hub is a web-based application that enables finding, installing, and publishing packages and configurations for CNCF projects. During a security audit of Artifact Hub's code base a security researcher identified a bug in which the registryIsDockerHub function was only checking that the...

6.5CVSS6.3AI score0.00206EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/10/19 8:53 p.m.65 views

CVE-2023-45821

Artifact Hub (artifacthub.io) has a vulnerability in the registryIsDockerHub check where the code only inspects the registry domain ending with docker.io, enabling credential hijacking by using a fake OCI registry on a domain that ends with docker.io. The issue affects how Docker credentials used...

6.3CVSS6AI score0.00206EPSS
Exploits0References2Affected Software1
HackRead
HackRead
added 2021/04/23 8:41 p.m.40 views

Google Argentina domain bought by a random citizen for $5

By Deeba Ahmed A random Argentinian bought the official Google Argentina domain for just $5 and as a result, the site was offline in the country for hours. This is a post from HackRead.com Read the original post: Google Argentina domain bought by a random citizen for $5...

2.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/03/18 8:15 p.m.168 views

Fiserv Forgets to Buy Domain It Used as System Default

Fiserv, a multi-billion-dollar cybersecurity tech provider for financial institutions, forgot to buy the domain used as a default in their systems’ email communications, according to a report. The blunder could have exposed its clients’ user information to anyone with a few bucks to buy the domai...

7.2AI score
Exploits0References2
Kitploit
Kitploit
added 2017/01/26 3:28 p.m.26 views

FiercePhish - A Full-Fledged Phishing Framework To Manage All Phishing Engagements

FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more. The features will continue to be expanded and will include website spoofing, click tracking, and extensive notificati...

6.9AI score
Exploits0References7
Rows per page
Query Builder