SonicWALL NSA 2400 Improper Neutralization of Input During Web Page Generation (CVE-2014-2589)

Cross-site scripting XSS vulnerability in the Dashboard Backend service stats/dashboard.jsp in SonicWall Network Security Appliance NSA 2400 allows remote attackers to inject arbitrary web script or HTML via the sn parameter. This plugin only works with Tenable.ot. Please visit...

CVE-2019-16941

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An...

EUVD-2021-18952

Malware in sbrugna...

EUVD-2019-7970

Malware in sbrugna...

EUVD-2021-18953

Malware in sbrugna...

EUVD-2021-18955

Malware in sbrugna...

EUVD-2020-28098

Malware in sbrugna...

EUVD-2001-0073

Malware in sbrugna...

EUVD-2014-2621

Malware in sbrugna...

EUVD-2021-18951

Malware in sbrugna...

EUVD-2019-5057

Malware in sbrugna...

EUVD-2019-5055

Malware in sbrugna...

EUVD-2021-18954

Malware in sbrugna...

EUVD-2023-26800

Malicious code in bioql PyPI...

How the FBI got everything it wanted (re-air) (Lock and Code S06E15)

This week on the Lock and Code podcast… For decades, digital rights activists, technologists, and cybersecurity experts have worried about what would happen if the US government secretly broke into people’s encrypted communications. The weird thing, though, is that, in 2018, it already happened...

That Time Tom Lehrer Pranked the NSA

Bluesky thread. Here's the paper, from 1957. Note reference 3...

“Encryption Backdoors and the Fourth Amendment”

Law journal article that looks at the DualECPRNG backdoor from a US constitutional perspective: Abstract : The National Security Agency NSA reportedly paid and pressured technology companies to trick their customers into using vulnerable encryption products. This Article examines whether any of...

The Person in Charge of Testing Tech for US Spies Has Resigned

IARPA director Rick Muller is departing after just over a year at the R&D unit that invests in emerging technologies of potential interest to agencies like the NSA and the CIA, WIRED has learned...

CVE-2021-32094

U.S. National Security Agency NSA Emissary 5.9.0 allows an authenticated user to upload arbitrary files...

CVE-2021-32092

A Cross-site scripting XSS vulnerability in the DocumentAction component of U.S. National Security Agency NSA Emissary 5.9.0 allows remote attackers to inject arbitrary web script or HTML via the uuid parameter...