Monero 18.3.4 zero-day DoS vulnerability has been dropped publicly on social network.
Posted by upper.underflow via Fulldisclosure on Feb 16 Hello, About an hour ago, a group appearing to be named WyRCV2 posted a note on the...
Netgear Router Administrative Web Interface Lacks Transport Encryption By Default
Posted by Ryan Delaney via Fulldisclosure on Feb 16 <!-- # Exploit Title: Netgear Router Administrative Web Interface Lacks Transport Encryption By Default # Date:...
[CVE-2024-54756] GZDoom <= 4.13.1 Arbitrary Code Execution via Malicious ZScript
Posted by Gabriel Valachi via Fulldisclosure on Feb 15 In GZDoom 4.13.1 and below, there is a vulnerability involving array sizes in ZScript, the game...
Re: Text injection on https://www.google.com/sorry/index via ?q parameter (no XSS)
Posted by David Fifield on Feb 15 Today at about 2025-02-13 19:00 I noticed the "≠" is back, but now the type 0x12 payload of...
python3.8-3.8.20-2.fc40
FEDORA-2025-b353a46e0c Packages in this update: python3.8-3.8.20-2.fc40 Update description: Security fixes for CVE-2024-11168 and CVE-2025-0938 Read More
Friday Squid Blogging: Squid the Care Dog
The Vanderbilt University Medical Center has a pediatric care dog named “Squid.” Blog moderation policy. Read More
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at Boskone 62 in Boston, Massachusetts, USA, which runs...
python3.8-3.8.20-2.fc41
FEDORA-2025-bec494726c Packages in this update: python3.8-3.8.20-2.fc41 Update description: Security fixes for CVE-2024-11168 and CVE-2025-0938 Read More
Russian Hackers Target Microsoft 365 Accounts with Device Code Phishing
Volexity highlighted how Russian nation-state actors are stealing Microsoft device authentication codes to compromise accounts Read More
AI and Civil Service Purges
Donald Trump and Elon Musk’s chaotic approach to reform is upending government operations. Critical functions have been halted, tens of thousands of federal staffers are...