Exploit for SQL Injection in Salephpscripts Web_Directory_Free

SECTF2026 — "You Play the CTF. We Play Defense" Event: XP...

Exploit for Improper Access Control in Oracle Http_Server

CVE-2026-21962 Concurrent WebLogic Scanner/Exploiter High-per...

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

We have recently uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. We observed that the second stage of the campaign was successful agains...