Đinh Văn Mạnh for FIS Security · blog.fiscybersec.com · Nov 22, 2024
Palo Alto Networks Releases Emergency Patches for Zero-Day Vulnerabilities
Palo Alto Networks has released patches for two critical zero-day vulnerabilities in its firewall systems. These vulnerabilities have been actively exploited, threatening the security of many organizations that use the company's products. Vulnerability details Vuln...
Newsletters · threat intelligence

Pentest_Testing_Corp for Vulnerabilities in Laravel · sql-injection-prevention-in-laravel.hashnode.dev · Nov 19, 2024
Prevent XSS Attacks in Laravel: Best Practices & Examples
Cross-Site Scripting (XSS) is one of the most prevalent vulnerabilities affecting web applications. Attackers inject malicious scripts into your website, compromising the user experience and potentially stealing sensitive data. As Laravel developers,...
#cybersecurity

Pentest_Testing_Corp for How to Prevent SQLi in React.js · how-to-prevent-sqli-in-reactjs.hashnode.dev · Nov 14, 2024
How to Prevent SQL Injection (SQLi) in React.js
Introduction to SQL Injection (SQLi) in React.js: SQL Injection (SQLi) is one of the most common and dangerous vulnerabilities in web applications. It allows attackers to execute arbitrary SQL queries on your database, potentially exposing sensitive i...
#cybersecurity

Pentest_Testing_Corp for SQL Injection Prevention in Wordpress · sql-injection-prevention-in-wordpress.hashnode.dev · Nov 10, 2024
Secure Your WordPress Site: SQL Injection (SQLi) Explained and Prevented
SQL Injection (SQLi) in WordPress: How to Protect Your Site from Database Attacks. With WordPress being one of the most widely used platforms, it’s also a target for many cybersecurity threats, including SQL Injection (SQLi) attacks. These attacks exp...
#cybersecurity

Sergio Medeiros · grumpz.net · Nov 10, 2024
My Journey to Passing the CAPenX Certification: A Guide for Aspiring Expert-Level AppSec Pentesters
Introduction: As a seasoned cybersecurity researcher and penetration tester, I am constantly on the lookout for certifications that sharpen my skills and keep me at the forefront of web application security. The Certified AppSec Pentesting Expert (CA...
10 likes · 83 reads · software development

Bhuwan Bhetwal for Bhuwan Bhetwal's HandBook · blog.bhuwanbhetwal.com.np · Nov 7, 2024
Breaking In: How RXSS and SQLi Can Lead to Full Account Takeover and Database Access
These vulnerabilities were identified on one of YesWeHack’s private programs. I was hunting late at night when I received an invitation from one of the private programs, as they were interested in critical reports. I was looking for SQLi, Command Exec...
2 likes · 822 reads · SQL

Đinh Văn Mạnh for FIS Security · blog.fiscybersec.com · Oct 30, 2024
New Zero-Day Vulnerability in Windows Themes
A new zero-day vulnerability in Windows Themes has been discovered that allows attackers to remotely steal users' NTLM credentials. The vulnerability has caused major concern in the security community, especially since NTLM has previously been exploited widely...
Newsletters · vulnerability

Abhiram · cloudbuddy.hashnode.dev · Oct 25, 2024
Software Composition Analysis (SCA): Identifying Open Source Vulnerabilities in Your Code
In today's software development landscape, open-source components have become an integral part of building applications. While open-source libraries and frameworks offer numerous benefits, they also introduce new security risks. Software Composition ...
shiftlefttesting

Bisola Adediji · beesola.hashnode.dev · Oct 23, 2024
File Upload Vulnerabilities
When files are not uploaded securely, applications are vulnerable. Code injection into the target application by uploading malicious scripts is frequently the first step taken by attackers. The attacker then just has to figure out how to get the code...
Security

Shruti Rajesh for ZySec AI · blog.zysec.ai · Oct 19, 2024
Critical Vulnerabilities Reported This Week (October 2024): When Software Strikes Back!
Gather 'round, tech adventurers, for the tale of the week where software vulnerabilities decided to come out of the woodwork like mischievous sprites dancing through a forest. Here’s the scoop on the latest digital hiccups and how to keep your system...
Weekly Updates · news