Zero-Day Zero: The AI Attack That Just Ended the Era of the Forgiving Internet

Why the Exploit Window Has Collapsed and How CISOs Must Pivot to Survive For decades, cybersecurity was a game of time. We banked on the buffer between a vulnerability’s disclosure and its widespread exploitation. We relied on the forgiving internet, where human attackers needed days or weeks to...

Contracts are susceptible for Head Overflow Bug in Calldata

Lines of code Vulnerability details Impact ABI-encoding a tuple with a statically-sized calldata array in the last component would corrupt 32 leading bytes of its first dynamically encoded component. Proof of Concept The functions are taking input arguments as calldata. Following contracts are...

RUSTSEC-2020-0025 bigint is unmaintained, use uint instead

The bigint crate is not maintained any more and contains several known bugs including a soundness bug; use uint instead...

Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle

Exploit Title: Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities Date: 14/Jul/17 Exploit Author: MaXe Vendor Homepage: http://www.orionbrowser.com && https://www.linkedin.com/company-beta/18034392/ &&...

Google Won't Allow Out-of-Date Chrome Plug-Ins

Google security engineers announced that Chrome would refuse to run plug-ins if they were found to be out of date, and thus, potentially vulnerable to exploitation of known bugs. Read the full article. Computerworld...