Another WebLogic deserialization bug.
https://securityaffairs.co/wordpress/84450/breaking-news/oracl...
Hacky Easter is on! Go get your CTF rolling.
https://hackyeaster.hacking-lab.com/hackyeaster/...
The Stack Overflow Survey is out and has some interesting insights
https://insights.stackoverflow.co...
PortSwigger has replaced the exercises in the Web Application Security Hacker's Handbook with the ne...
No April Fools here.
Solid primer on using Burp Collaborator for blind command injection...
Bruce has some thoughts on a well-circulated article suggesting that application security isn't that...
Android malware had almost 150 MILLION Google Play Store downloads before it was discovered and pu...
The NSA has open sourced their internal reverse engineering tool. It's so good, many consultan...
As the network boundary becomes more ephemeral, and attackers don't have obvious kickoff points for...
A new tool for finding malicious JavaScript and securely using external libraries.
https://blog.foca...
Cool PoC of the Mac vulnerability CVE-2018-4193, an RCE in WindowServer.
https://www.synacktiv.com/r...
A maintainer of the underlying runtime for Docker and Kubernetes reported a vulnerability.
htt...