SolarWinds Hackers Continue Assault With New Microsoft Breach

The company says the Nobelium hacking group compromised a support agent's computer and levied brute-force attacks against some of its customers...

CS Money: Cookie poisoning leads to DOS and Privacy Violation

Summary, submitted by gatolouco requires no additions by us and fully expresses impact and reasons behind the vulnerability. Summary By change the value of the cookie avatar, a hacker could not only get information of the support agent IP address, but also disconnect all the supports without...

CVE-2019-3719

Dell support agent fails to properly identify the origin of updates. By DNS spoofing and crafted payloads, an attacker can serve up an executable file that the support agent will run as system. Recent assessments: bwatters-r7 at July 18, 2019 9:47pm UTC reported: As exploits go, being able to ser...

Zomato: [www.zomato.com] Blind XSS in one of the Admin Dashboard

@sandeephodkasia identified a Blind XSS vulnerability that fired in one of our admin dashboard. POC - @sandeephodkasia added "alert0; XSS Hunter was used in this case in address field while placing an order. - XSS triggered when one of our support agent viewed the order details. Thanks...