Next.js Framework Vulnerability Exposes Websites To Cache Poisoning & XSS Attacks
A critical vulnerability, identified as CVE-2024-46982, has been discovered in the popular Next.js framework, widely used for building full-stack web applications.
This flaw exposes websites to cache poisoning and stored cross-site scripting (XSS) attacks, posing...
GitLab Patches Critical HTML Injection Flaw Leading To XSS Attacks
GitLab has released new patch versions 17.5.1, 17.4.3, and 17.3.6 for both its Community Edition (CE) and Enterprise Edition (EE).
These updates address a critical HTML injection vulnerability that could lead to cross-site scripting...
48 Vulnerabilities Uncovered In AI Systems: Surge By 220%
Since the initial disclosure of 15 vulnerabilities in November 2023, a 220% increase in vulnerabilities impacting AI systems has been discovered, bringing the total to 48 vulnerabilities.
The world's first AI/ML bug bounty program, Protect...
$30 Million Bounty Rewards For Android, iOS, & Chrome Zero-day
This year, Crowdfense is expanding its scope to encompass additional major research fields like Enterprise Software, WiFi/Baseband, and Messengers and is proposing a larger 30 million USD acquisition program.
Crowdfense is the world's premier research...
Chrome Zero-Day Vulnerability Exploited At Pwn2Own: Patch Now
Google fixed three vulnerabilities in the Chrome browser on Tuesday, along with another zero-day that was exploited during the Pwn2Own Vancouver 2024 hacking contest.
Google recently fixed two more zero-day vulnerabilities that were exploited during the...
2 Chrome Zero-Days Exploited At Pwn2Own 2024: Patch Now
Google patched seven vulnerabilities in the Chrome browser on Tuesday, including two zero-days that were exploited at the Pwn2Own Vancouver 2024 hacking contest.
Researchers at the Pwn2Own challenge exploited the zero-days tagged as Type Confusion...
29 0-days Uncovered: Hackers Earned $1,132,500 At Pwn2Own Vancouver 2024
Pwn2Own Vancouver 2024 has come to an end, with researchers receiving a total of $1,132,500 for uncovering 29 distinct zero-day vulnerabilities.
Manfred Paul has been granted the title of Pwn Master. In all, he...
Pentagon Received 50,000+ Vulnerability Reports Since November 2016
The Department of Defense (DoD) Cyber Crime Center (DC3) recently announced a significant milestone in its cybersecurity efforts.
The processing of over 50,000 vulnerability reports since the inception of its Vulnerability Disclosure Program (VDP) in...
Researchers Uncovered 24 Zero-days in Pwn2Own Automotive: Day 1
Pwn2Own 2024 Automotive is a unique event aimed at identifying and fixing flaws in connected automotive technologies. Tokyo, Japan, hosts the Pwn2Own 2024 Automotive from January 24–26, 2024.
Tesla is the title sponsor, and VicOne...
Facebook Awarded $100,000 for Bug that Allows Internal Access to Server
Facebook has awarded a $100,000 bug bounty to security researcher Ben Sadeghipour for discovering a critical vulnerability in the company's ad platform.
The flaw, identified in October 2024, allowed Sadeghipour to execute commands on Facebook's...