CVE-2026-8878

Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that are inadequately obfuscated using a simple Caesar cipher, which can be easily reversed to recover...

CVE-2026-8878

CVE-2026-8878 affects Securly Chrome Extension 3.0.7. Public endpoints allow unauthenticated access to sensitive data; information consists of SHA-1 hashes obfuscated with a Caesar cipher, which can be reversed to reveal original hashes. CVSS 3.1 base score 7.5 (HIGH) with network access and no p...

Forensic journey: hunting evil within AmCache

Introduction When it comes to digital forensics, AmCache plays a vital role in identifying malicious activities in Windows systems. This artifact allows the identification of the execution of both benign and malicious software on a machine. It is managed by the operating system, and at the time o...

Design/Logic Flaw

An access control issue in ICT Protege GX/WX 2.08 allows attackers to leak SHA1 password hashes of other users...

2.7 billion email addresses & plain-text passwords exposed online

By Waqas In addition to email addresses and passwords, the records contained MD5, SHA1, and SHA256 hashes.... This is a post from HackRead.com Read the original post: 2.7 billion email addresses & plain-text passwords exposed online...

Simple IOC and Incident Response Scanner: Loki

LOKI is a free and simple IOC scanner, a complete rewrite of main analysis modules of our full featured APT Scanner THOR. IOC stands for „Indicators of Compromise“. These indicators can be derived from published incident reports, forensic analyses or malware sample collections in your Lab. LOKI...

TIMA Arbitrary Kernel Module Verification Bypass Vulnerability

Samsung's lkmauth feature suffers from a kernel module verification bypass vulnerability. TIMA Arbitrary Kernel Module Verification Bypass In order to ensure the integrity of the Linux Kernel on Android devices, Samsung has introduced a feature called "lkmauth". This feature is meant to make sure...

Kemana Directory 1.5.6 - kemana_admin_passwd Cookie User Password Hash Disclosure

No description provided by source. ? Kemana Directory 1.5.6 kemanaadminpasswd Cookie User Password Hash Disclosure Vendor: C97net Product web page: http://www.c97.net Affected version: 1.5.6 Summary: Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easi...

Kemana Directory 1.5.6 Password Hash Disclosure Vulnerability

Kemana contains a flaw that is due to the 'kemanaadminpasswd' cookie storing user password SHA1 hashes. This may allow a remote MitM attacker to more easily gain access to password information. Version 1.5.6 is affected. Kemana Directory 1.5.6 kemanaadminpasswd Cookie User Password Hash Disclosur...

Kemana Directory 1.5.6 kemana_admin_passwd Cookie User Password Hash Disclosure

Summary Experience the ultimate directory script solution with Kemana. Create your own Yahoo or Dmoz easily with Kemana. Unique Kemana's features including: CMS engine based on our qEngine, multiple directories support, user friendly administration control panel, easy to use custom fields,...