CVE-2020-35774: twitter-server XSS Vulnerability Discovered

According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative HTTP server, tracing, stats, and more, and is used, amongst other things, by both the Finagle and Finatra frameworks. After researching twitter-server, theRead More ›

Bug Bytes #105 - Playing with Spring Boot Actuators, recon API sources, JS encryption & A heaps of writeups - Intigriti

CVE-2020-1350: Wormable Remote Code Execution Vulnerability in Windows DNS Server Disclosed (SIGRed) - Blog

Checkmarx Research: Apache Dubbo 2.7.3 – Unauthenticated RCE via Deserialization of Untrusted Data (CVE-2019-17564) - Security Boulevard

ZeroLogon exploit detected within 24 hours of vulnerability notice

Drupal Core: Behind the Vulnerability - Security Boulevard

Twitter users fall victim to new XSS worm

Checkmarx Research: Apache Dubbo 2.7.3 – Unauthenticated RCE via Deserialization of Untrusted Data (CVE-2019-17564) - Security Boulevard

Woody RAT: A new feature-rich malware spotted in the wild - vulnerability database

Zerologon (CVE-2020-1472): Technical Deep Dive into a Critical Windows Authentication Vulnerability - vsociety