14 matches found
Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion
In what's an act of deliberate sabotage, the developer behind the popular "node-ipc" NPM package shipped a new tampered version to condemn Russia's invasion of Ukraine, raising concerns about security in open source and the software supply chain. Affecting versions 10.1.1 and 10.1.2 of the...
Embedded Malicious Code in node-ipc
The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files dependent upon the geo-location of the user IP address. The maintainer removed the malicious code in versio...
GHSA-97M3-W2CP-4XX6 Embedded Malicious Code in node-ipc
The package node-ipc versions 10.1.1 and 10.1.2 are vulnerable to embedded malicious code that was introduced by the maintainer. The malicious code was intended to overwrite arbitrary files dependent upon the geo-location of the user IP address. The maintainer removed the malicious code in versio...
Geo-Recon - An OSINT CLI Tool Designed To Fast Track IP Reputation And Geo-location Look Up For Security Analysts
An OSINT CLI tool designed to fast track IP reputation and geo-location lookup for security analysts. Setup: This tool is compatible with: Any Linux Operating System Debian, Ubuntu, CentOS Termux Linux Setup git clone https://github.com/radioactivetobi/geo-recon.git cd geo-recon chmod +x...
How Reputation Intelligence Improves Application Security
Reputation intelligence is information about cyber entities known for specific activity, whether malicious or benign, which can be fed to and actioned on by a web application firewall (WAF). It provides an additional application security layer by effectively identifying and blocking threats from...
Girls Who Code: That's a Wrap!
The Summer Immersion Program for Girls Who Code at Akamai wrapped up this past week. The girls finished their final projects and presented them at a graduation ceremony attended by friends and family as well as supporters and mentors from Akamai. The girls were divided into five teams for their...
daloRADIUS 0.9-9 SQL Injection / Code Execution Vulnerabilities
Exploit for php platform in category web applications. Abstract: "daloRADIUS is an advanced RADIUS web management application aimed at managing hotspots and general-purpose ISP deployments. It features user management, graphical reporting, accounting, a billing engine and integrates with...
Two Million stolen Facebook, Twitter login credentials found on 'Pony Botnet' Server
Security researchers at Trustwave's SpiderLabs found a Netherlands-based Pony Botnet Controller Server with almost two million usernames and passwords, stolen by cybercriminals from users of Facebook, Twitter, Google, Yahoo and other websites. In a blog post, the researchers mentioned that after...
Video Beef - Get Protocols And Geolocation
How to get protocols and geo-location using the BeEF Browser Exploitation Framework. This attack will require Java. In GeoLocation you will get an almost full address plus latitude and longitude, and can find the exact location using Google Map...
FBI Warning : New Malware attacking Android smartphones
Users should be aware that Cyber criminals are finding new ways to install malicious software on devices. The latest threat to Android phone users, according to the FBI, is a "work-at-home opportunity that promises a profitable payday just for sending out email." The IC3 has been made aware of...
Rayzz Photoz Shell Upload
Rayzz Photoz Upload Vulnerability ...
Rayzz Photoz Upload Vulnerability
Exploit for php platform in category web applications. Rayzz Photoz Upload Vulnerability ...
Rayzz Photoz - Arbitrary File Upload
Rayzz Photoz - Arbitrary File Upload. Rayzz Photoz Upload Vulnerability ...
DNS Lookup Result Comparison
This module can be used to determine differences in the cache entries between two DNS servers. This is primarily useful for detecting cache poisoning attacks, but can also be used to detect geo-location load balancing. This module requires Metasploit: https://metasploit.com/download Current sourc...