Daily Live Feed

Pan-American Life Insurance Group (PALIG), a leading provider of life, accident, and health insurance throughout the Americas, recently announced that it was impacted by a widespread data security incident involving Progress Software’s MOVEit Transfer... The post Pan-American Life Insurance Group Hit by Data Breach appeared first on Penetration Testing. Read more »

In the realm of Java web application development, Apache Struts stands as a paragon of efficiency and modern design. This free, open-source Model-View-Controller (MVC) framework has empowered developers to create elegant web applications with... The post CVE-2023-50164: Apache Struts Remote Code Execution Vulnerability appeared first on Penetration Testing. Read more »

On November 28, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) unraveled a cyber attack that not only breached technological defenses but also posed a threat to public safety. This incident involved the active... The post Hackers attacked US water facility via CVE-2023-6448 vulnerability appeared first on Penetration Testing. Read more »

PipeViewer A GUI tool for viewing Windows Named Pipes and searching for insecure permissions. PipeViewer is a GUI tool that allows users to view details about Windows-named pipes and their permissions. It is designed... The post PipeViewer: shows detailed information about named pipes in Windows appeared first on Penetration Testing. Read more »

In the intricate web of modern computing, a new threat has emerged, casting a shadow over the seemingly simple process of booting up a computer. This threat, known as LogoFAIL, comprises a series of... The post Your Boot Logo is Hackable: LogoFAIL Exposes Millions of Devices appeared first on Penetration… Read more »

A critical security vulnerability patched in the recent WordPress 6.4.2 update could have allowed attackers to take full control of vulnerable websites. While the vulnerability itself resided within WordPress core, its potential for harm... The post Critical WordPress Vulnerability Patched: Remote Code Execution Possible appeared first on Penetration Testing. Read more »

Recently, a new menace has surfaced in the Android ecosystem. Dubbed ‘SpyLoan’, these apps, camouflaged as benign loan services, have been unmasked as digital predators. ESET researchers have unveiled the treacherous nature of these... The post ESET Exposes Android Scam: SpyLoan Apps Steal Data, Not Money appeared first on Penetration… Read more »

In the constantly shifting landscape of cybersecurity, a new, insidious threat has emerged, targeting the macOS ecosystem. Kaspersky researchers have identified several cracked applications disseminated through unofficial channels, harboring a Trojan-Proxy. This malicious software... The post Mac Malware Alert: Cracked Apps Harbor Trojan-Proxy Threat appeared first on Penetration Testing. Read more »

Noir Noir is an attack surface detector from source code. Key Features Automatically identify language and framework from source code. Find API endpoints and web pages through code analysis. Load results quickly through interactions... The post noir v0.10 releases: attack surface detector from source code appeared first on Penetration Testing. Read more »

Apktool It is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to the nearly original form and rebuild them after making some modifications; it makes possible to... The post Apktool v2.9.1 releases: A tool for reverse engineering Android apk files appeared first on… Read more »