26 matches found
The Dark Side of Upgrades: Uncovering Security Risks in Smart Contract Upgrades
Smart contract upgrades are increasingly common due to their flexibility in modifying deployed contracts, such as fixing bugs or adding new functionalities. Meanwhile, upgrades compromise the immutability of contracts, introducing significant security concerns. While existing research has explore...
CVE-2025-2474
creationtimestamp| type| source ---|---|--- 2025-06-10 18:31:10+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114660492536903050 2025-06-10 20:01:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrbopbbhcx2e 2025-06-23 03:17:05+00:00| seen|...
CVE-2025-32969
creationtimestamp| type| source ---|---|--- 2025-04-23 16:44:34+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114388282485493837 2025-04-23 17:19:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lnipaqcyvd2d 2025-08-28 13:41:24+00:00| confirmed|...
A Comprehensive Survey of Cybercrimes in India over the Last Decade
Since the 1990s, the integration of technology into daily life has led to the creation of an extensive network of interconnected devices, transforming how individuals and organizations operate. However, this digital transformation has also spurred the rise of cybercrime, criminal activities...
CVE-2025-25579
creationtimestamp| type| source ---|---|--- 2025-03-28 22:28:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9489 2025-03-29 00:26:51+00:00| seen| https://t.me/cvedetector/21476 2025-03-31 19:48:22+00:00| seen|...
CVE-2024-57839
creationtimestamp| type| source ---|---|--- 2025-01-11 14:37:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113810229056518658 2025-01-11 15:05:26+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1331 2025-01-11 15:15:25+00:00| seen|...
CVE-2023-46616
creationtimestamp| type| source ---|---|--- 2025-01-02 12:17:03+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2lwa4bn22 2025-01-02 14:23:10+00:00| seen| https://infosec.exchange/users/cve/statuses/113759210045434033...
CISCO-SA-20190703-SBSS
creationtimestamp| type| source ---|---|--- 2024-12-17 06:41:24+00:00| seen| https://social.circl.lu/users/vulnerabilitylookup/statuses/113666793047282674...
CVE-2024-52702
creationtimestamp| type| source ---|---|--- 2024-11-20 20:44:59+00:00| seen| https://infosec.exchange/users/cve/statuses/113517232040032625 2024-11-20 22:57:17+00:00| seen| https://t.me/cvedetector/11663...
Zoom deepfaker fools politicians…twice
We recently said deepfakes “remain the weapon of choice for malign interference campaigns, troll farms, revenge porn, and occasionally humorous celebrity face-swaps”. Skepticism that these techniques would work on a grand scale such as an election, remains in place. In the realm of malign...
Why Data Privacy Day matters
Our Lock and Code special episode on Data Privacy Day, featuring guests from Mozilla, DuckDuckGo, and Electronic Frontier Foundation can be listened to here. Today, January 28, is Data Privacy Day, the annual, multinational event in which governments, companies, and schools can inform the public...
Sextortion scammers getting creative
We've covered sextortion before, focusing in on how the core of the threat is an exercise in trust. The threat actor behind the campaign will use whatever information available on the target that causes them to trust that the threat actor does indeed have incriminating information on them. They...
Snowden Makes Case for a Presidential Pardon
Edward Snowden took his case to the media Wednesday arguing a presidential pardon would be an important step in preserving democracy and his only hope in returning to the United States. He argued that under the current Espionage Act, future whistleblowers would be less inclined to come forward to...
Misuse of Language: 'Cyber'
Threatpost Op-Ed is a regular feature where experts contribute essays and commentary on what’s happening in security and privacy. Today’s contributors are Dave Dittrich and Katherine Carpenter. The terms “cyber war” and “cyber weapon” are thrown around casually, often with little thought to their...
Git 版本<=2.7.1 远程代码执行漏洞
参考来源: http://seclists.org/oss-sec/2016/q1/645 Hello, original report describing the overflow is here http://pastebin.com/UX2P2jjg On 11/02/2016 16:50, Jeff King wrote this on the git security mailing list: On Thu, Feb 11, 2016 at 02:31:49PM +0100, 'Laël Cellier' via Git Security wrote: Ok the bug...
Carna Botnet Analysis Enumerates Vulnerable Network Devices
The Carna botnet, more formally known as the Internet Census 2012, stirred up a hornet’s nest of controversy when it was unveiled in March to a number of popular security mailing lists. An unidentified researcher had found more than 420,000 embedded devices that were accessible online with defaul...
Targeted Phishing Attacks
Summary This advisory is intended to provide general guidance to public and private sector organizations on events potentially triggering targeted phishing attacks often referred to as spear phishing and to offer some suggested methods that may minimize the likelihood of a successful attack. This...
Electromagnetic Pulse Attacks : Are we prepared ?
An electromagnetic pulse EMP attack is a threat few Americans are familiar with, yet one which could easily destroy their lives. What would you do if your electricity suddenly went out and didn't come back on for months or even years? How long would you last with the food in your pantry, the...
Authorities Renew Campaign to Disinfect Computers Before July 9
With a deadline to pull surrogate servers extended, the FBI has launched a new campaign to prevent up to 350,000 computer users from losing Internet access this summer – including those tied to Fortune 500 companies and government agencies like NASA. Over the weekend, news media outlets began...
New UK Cyber Security Strategy Released
New UK Cyber Security Strategy Released The UK's intelligence agency GCHQ will become a main port of call for businesses dealing with cyberattacks, under the government's new cybersecurity strategy revealed on Friday. The Cheltenham-based GCHQ agency will receive huge amount of fund for its large...