EUVD-2017-16230

Malware in sbrugna...

EUVD-2017-14962

Malware in sbrugna...

EUVD-2016-6010

Malware in sbrugna...

EUVD-2016-6005

Malware in sbrugna...

CVE-2025-6031

Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...

CVE-2025-6031

Amazon Cloud Cam is a home security camera that was deprecated on December 2, 2022, is end of life, and is no longer actively supported. When a user powers on the Amazon Cloud Cam, the device attempts to connect to a remote service infrastructure that has been deprecated due to end-of-life status...

CVE-2025-6031

CVE-2025-6031 concerns the now-deprecated Amazon Cloud Cam. The vulnerability arises from the device’s default pairing state, which can allow an arbitrary user to bypass SSL pinning and associate the camera with any network, enabling interception and modification of network traffic. Affected prod...

PT-2025-25352 · Amazon · Amazon Cloud Cam

Name of the Vulnerable Software and Affected Versions: Amazon Cloud Cam affected versions not specified Description: The issue concerns a home security camera that is no longer supported due to its end-of-life status. When powered on, the device attempts to connect to a deprecated remote service...

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

Introduction In August 2024, our team identified a new crimeware bundle, which we named "SteelFox". Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular...

CVE-2024-7206

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware...

CVE-2024-7206 Firmware extraction and Hardware SSL Pinning Bypass

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware...

CVE-2024-7206 Firmware extraction and Hardware SSL Pinning Bypass

SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware...

Any Indian DigiLocker Account Could've Been Accessed Without Password

The Indian Government said it has addressed a critical vulnerability in its secure document wallet service Digilocker that could have potentially let a remote attacker bypass mobile one-time passwords OTP and sign in as other users. Discovered separately by two independent bug bounty researchers,...

Objection v1.6.6 - Runtime Mobile Exploration

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. Note: This is not some form of jailbreak / root bypass. By using objection, yo...

Here's How Hackers Could Have Spied On Your DJI Drone Account

Cybersecurity researchers at Check Point today revealed details of a potential dangerous vulnerability in DJI Drone web app that could have allowed attackers access user accounts and synced sensitive information within it, including flight records, location, live video camera feed, and photos tak...

Square, PayPal POS Hardware Open to Multiple Attack Vectors

Mobile point-of-sale POS terminals have revolutionized the retail space in many ways, with devices such as Square offering locations like mall kiosks, small coffee shops and roadside stands a handy and cost-effective way to accept credit cards. Unfortunately, more than half of leading mobile POS...

Mobile Application Hacking Diary Ep.2

Mobile Application Hacking Diary Ep.2 |=--------------------------------------------------------------------=| |=------------= Mobile Application Hacking Diary Ep.2=--------------=| |=------------------------= 18 February 2018 =----------------------=| |=----------------------= By CWH Underground...

Security Flaw Left Major Banking Apps Vulnerable to MiTM Attacks Over SSL

A team of security researchers has discovered a critical implementation flaw in major mobile banking applications that left banking credentials of millions of users vulnerable to hackers. The vulnerability was discovered by researchers of the Security and Privacy Group at the University of...

objection - Runtime Mobile Exploration

objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby...

Runtime Mobile Exploration: objection

objection is a runtime mobile exploration toolkit, powered by Frida . It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project’s name quite literally explains the approach as well, whereby...