101010.pl

Hackread.com⚠️ Critical <a href="https://mstdn.social/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> flaw actively exploited in Zimbra Collaboration Suite, putting over 129,000 servers at risk. Researchers suspect involvement of <a href="https://mstdn.social/tags/Sednit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sednit</a> (aka Fancy Bear).Read: <a href="https://hackread.com/zimbra-cve-2024-27443-xss-flaw-hit-sednit-servers/" rel="nofollow noopener" translate="no" target="_blank">https://hackread.com/zimbra-cve-2024-27443-xss-flaw-hit-sednit-servers/</a><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://mstdn.social/tags/FancyBear" class="mention hashtag" rel="nofollow noopener" target="_blank">#FancyBear</a> <a href="https://mstdn.social/tags/Zimbra" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zimbra</a>

The New OilSpies hack high-value mail servers using an exploit from yesteryear<a href="https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/" rel="nofollow noopener" translate="no" target="_blank">https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://mastodon.thenewoil.org/tags/Roundcube" class="mention hashtag" rel="nofollow noopener" target="_blank">#Roundcube</a> <a href="https://mastodon.thenewoil.org/tags/MDaemon" class="mention hashtag" rel="nofollow noopener" target="_blank">#MDaemon</a> <a href="https://mastodon.thenewoil.org/tags/Horde" class="mention hashtag" rel="nofollow noopener" target="_blank">#Horde</a> <a href="https://mastodon.thenewoil.org/tags/Zimbra" class="mention hashtag" rel="nofollow noopener" target="_blank">#Zimbra</a>

heise online EnglishKunbus RevolutionPi: CISA warning about security vulnerabilitiesSeveral gaps affect PiCtory, a web application for configuring the mini industrial systems. Kunbus has published patches and its own warning messages.<a href="https://www.heise.de/en/news/Kunbus-RevolutionPi-CISA-warning-about-security-vulnerabilities-10372387.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Kunbus-RevolutionPi-CISA-warning-about-security-vulnerabilities-10372387.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#IdentityManagement</a> <a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise SecurityKunbus RevolutionPi: CISA-Warnung vor SicherheitslückenMehrere Lücken betreffen PiCtory, eine Webapplikation zur Konfiguration der Mini-Industriesysteme. Kunbus hat Patches und eigene Warnmeldungen veröffentlicht.<a href="https://www.heise.de/news/Kunbus-RevolutionPi-CISA-Warnung-vor-Sicherheitsluecken-10372184.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Kunbus-RevolutionPi-CISA-Warnung-vor-Sicherheitsluecken-10372184.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#IdentityManagement</a> <a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

Frontend DogmaHow to Protect Your Web Applications From XSS, by <a href="https://mastodon.social/@torgo" class="u-url mention" rel="nofollow noopener" target="_blank">@torgo</a> (<a href="https://w3c.social/@w3c" class="u-url mention" rel="nofollow noopener" target="_blank">@w3c</a>):<a href="https://www.w3.org/blog/2025/how-to-protect-your-web-applications-from-xss/" rel="nofollow noopener" translate="no" target="_blank">https://www.w3.org/blog/2025/how-to-protect-your-web-applications-from-xss/</a><a href="https://mas.to/tags/howtos" class="mention hashtag" rel="nofollow noopener" target="_blank">#howtos</a> <a href="https://mas.to/tags/webapps" class="mention hashtag" rel="nofollow noopener" target="_blank">#webapps</a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#security</a> <a href="https://mas.to/tags/xss" class="mention hashtag" rel="nofollow noopener" target="_blank">#xss</a>

Hackread.com🚨 Over 350 high-profile websites hit by 360XSS attack! Hackers exploited a <a href="https://mstdn.social/tags/Krpano" class="mention hashtag" rel="nofollow noopener" target="_blank">#Krpano</a> XSS flaw to hijack search results & distribute spam ads on government, university, & news sites.Read: <a href="https://hackread.com/over-350-high-profile-websites-hit-by-360xss-attack/" rel="nofollow noopener" translate="no" target="_blank">https://hackread.com/over-350-high-profile-websites-hit-by-360xss-attack/</a><a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://mstdn.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vulnerability</a> <a href="https://mstdn.social/tags/SEO" class="mention hashtag" rel="nofollow noopener" target="_blank">#SEO</a>

Niebezpiecznik NewsJak wykryć (i poprawnie załatać) XSS w swoich webaplikacjach?Kuba, nasz wieloletni trener szkolenia “Atakowanie i Ochrona Webaplikacji” przygotował krótki, ale mocno treściwy kurs online, który skupia się XSS, czyli na najpowszechniejszej dziurze w webaplikacjach. I zapewne poprzednie zdanie sporą część z Was już przekonało do zakupu, więc tutaj link wprost do koszyka. A dla reszty poniżej umieszczamy krótki opis, dlaczego warto zapoznać się z tym materiałem: 30 lekcji video, ~3h nagrań wieczysty dostęp do materiałów, oglądasz kiedy Ci pasuje i ile razy chcesz platforma z labami, dzięki której szybko nabierzesz wprawy oraz przećwiczysz materiał i narzędzia w praktyce dodatkowe notatki do lekcji doświadczony trener, który ma praktyczną wiedzę z zakresu bezpieczeństwa webaplikacji certyfikat udziału, więc części z Was ten kurs może opłacić pracodawca Kurs porusza tematykę od strony ofensywnej (zarówno w wariancie ręcznego testowania webaplikacji, jak i narzędzi wyszukujących podatności w sposób automatyczny) oraz od strony defensywnej (np. nagłówki bezpieczeństwa dotyczące XSS takie jak Content Security Policy). Poznaj techniki ataków XSS, które dotyczą większości współczesnych webaplikacji. Naucz się obsługi narzędzi, dzięki którym będziesz w stanie samodzielnie namierzyć dziury w Twoich serwisach internetowych, zanim zrobią to inni. Zwiększ kompetencje swojego firmowego zespołu o aspekty cyberbezpieczeństwa. Zobacz pełną agendę i lekcję demo na stronie kursu. Ile to kosztuje? To pierwsza edycja tego kursu, więc sprzedajemy go za jedyne 366zł. Ale uwaga! Sprzedaż potrwa tylko do 10 marca 23:59. Potem cena znacząco wzrośnie, a taniej nigdy nie będzie. Aktualna cena to kwota [...]<a href="https://mastodon.com.pl/tags/JakubMrugalski" class="mention hashtag" rel="nofollow noopener" target="_blank">#JakubMrugalski</a> <a href="https://mastodon.com.pl/tags/KursXSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#KursXSS</a> <a href="https://mastodon.com.pl/tags/Niebezpiecznik" class="mention hashtag" rel="nofollow noopener" target="_blank">#Niebezpiecznik</a> <a href="https://mastodon.com.pl/tags/SzkoleniaOnline" class="mention hashtag" rel="nofollow noopener" target="_blank">#SzkoleniaOnline</a> <a href="https://mastodon.com.pl/tags/SzkoleniaPrzezInternet" class="mention hashtag" rel="nofollow noopener" target="_blank">#SzkoleniaPrzezInternet</a> <a href="https://mastodon.com.pl/tags/SzkoleniaZCyberbezpiecze%C5%84%C5%9Btwa" class="mention hashtag" rel="nofollow noopener" target="_blank">#SzkoleniaZCyberbezpieczeńśtwa</a> <a href="https://mastodon.com.pl/tags/SzkoleniaZdalne" class="mention hashtag" rel="nofollow noopener" target="_blank">#SzkoleniaZdalne</a> <a href="https://mastodon.com.pl/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a><a href="https://niebezpiecznik.pl/post/jak-wykryc-i-poprawnie-zalatac-xss-w-swoich-webaplikacjach/" rel="nofollow noopener" translate="no" target="_blank">https://niebezpiecznik.pl/post/jak-wykryc-i-poprawnie-zalatac-xss-w-swoich-webaplikacjach/</a>

V0lk3n :verified:I published my WriteUp of MagicGardens box from @hackthebox_eu👇👇👇<a href="https://v0lk3n.github.io/writeup/HackTheBox/Box/MagicGardens/HTB-MagicGardens_WriteUp" rel="nofollow noopener" translate="no" target="_blank">https://v0lk3n.github.io/writeup/HackTheBox/Box/MagicGardens/HTB-MagicGardens_WriteUp</a>I hope that you will like it :)<a href="https://infosec.exchange/tags/HTB" class="mention hashtag" rel="nofollow noopener" target="_blank">#HTB</a> <a href="https://infosec.exchange/tags/BufferOverflow" class="mention hashtag" rel="nofollow noopener" target="_blank">#BufferOverflow</a> <a href="https://infosec.exchange/tags/CSRF" class="mention hashtag" rel="nofollow noopener" target="_blank">#CSRF</a> <a href="https://infosec.exchange/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://infosec.exchange/tags/DevTools" class="mention hashtag" rel="nofollow noopener" target="_blank">#DevTools</a> <a href="https://infosec.exchange/tags/Missconfiguration" class="mention hashtag" rel="nofollow noopener" target="_blank">#Missconfiguration</a> <a href="https://infosec.exchange/tags/docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#docker</a> <a href="https://infosec.exchange/tags/django" class="mention hashtag" rel="nofollow noopener" target="_blank">#django</a> <a href="https://infosec.exchange/tags/Pentest" class="mention hashtag" rel="nofollow noopener" target="_blank">#Pentest</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/HackTheBox" class="mention hashtag" rel="nofollow noopener" target="_blank">#HackTheBox</a>

heise online EnglishPatch now: Cross-site scripting and denial of service possible in GitLabGitLab warns of three vulnerabilities, one of which has a threat level of "high". Patches are available for the newer versions. <a href="https://www.heise.de/en/news/Patch-now-Cross-site-scripting-and-denial-of-service-possible-in-GitLab-10255012.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Patch-now-Cross-site-scripting-and-denial-of-service-possible-in-GitLab-10255012.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/DoSSchwachstelle" class="mention hashtag" rel="nofollow noopener" target="_blank">#DoSSchwachstelle</a> <a href="https://social.heise.de/tags/Git" class="mention hashtag" rel="nofollow noopener" target="_blank">#Git</a> <a href="https://social.heise.de/tags/Patchday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Patchday</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Versionskontrolle" class="mention hashtag" rel="nofollow noopener" target="_blank">#Versionskontrolle</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise online EnglishHome server operating system: Updates fix security vulnerabilities in UnraidAttackers could exploit the gaps to inject their own JavaScript code or malicious plug-ins into the UnRAID admin.<a href="https://www.heise.de/en/news/Home-server-operating-system-Updates-fix-security-vulnerabilities-in-Unraid-10253478.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Home-server-operating-system-Updates-fix-security-vulnerabilities-in-Unraid-10253478.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/NAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NAS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise SecurityHeimserver-Betriebssystem: Updates beheben Sicherheitslücken in UnraidAngreifer könnten die Lücken ausnutzen, um dem UnRAID-Admin eigenen Javascript-Code oder bösartige Plug-ins unterzuschieben.<a href="https://www.heise.de/news/Heimserver-Betriebssystem-Updates-beheben-Sicherheitsluecken-in-Unraid-10253366.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Heimserver-Betriebssystem-Updates-beheben-Sicherheitsluecken-in-Unraid-10253366.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/NAS" class="mention hashtag" rel="nofollow noopener" target="_blank">#NAS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

yamato93🚀 I’m excited to share my Stored XSS Testing Tool! This tool automates Stored XSS testing by injecting payloads and checking their persistence in web applications. 🕵️‍♂️💻Check it out on GitHub: 🔗 GitHub RepoLooking forward to connecting with the cybersecurity community! 👨‍💻🔐<a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://mastodon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenTesting</a> <a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#Docker</a> <a href="https://mastodon.social/tags/GoLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#GoLang</a> <a href="https://mastodon.social/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebSecurity</a> <a href="https://mastodon.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mastodon</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a>

yamato93🌐 My First Post on Mastodon! 🚀I’m excited to share my Reflected XSS Testing Tool with the community! This tool helps penetration testers automate Reflected XSS testing by injecting payloads and logging responses. 🕵️‍♂️💻 Features: Fully Dockerized for portability Predefined payloads HTTP response logs Check it out on GitHub: 🔗 GitHub Repo Looking forward to connecting with the cybersecurity community! 👨‍💻🔐 <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://mastodon.social/tags/PenTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#PenTesting</a> <a href="https://mastodon.social/tags/GoLang" class="mention hashtag" rel="nofollow noopener" target="_blank">#GoLang</a> <a href="https://mastodon.social/tags/Docker" class="mention hashtag" rel="nofollow noopener" target="_blank">#Docker</a> <a href="https://mastodon.social/tags/WebSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#WebSecurity</a> <a href="https://mastodon.social/tags/Mastodon" class="mention hashtag" rel="nofollow noopener" target="_blank">#Mastodon</a> <a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#OpenSource</a>

heise online EnglishCyberPanel: Attackers can infiltrate malicious codeTwo vulnerabilities have been discovered in the CyberPanel server management software. They allow attackers to inject arbitrary code.<a href="https://www.heise.de/en/news/CyberPanel-Attackers-can-infiltrate-malicious-code-10203262.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/CyberPanel-Attackers-can-infiltrate-malicious-code-10203262.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise SecurityCyberPanel: Angreifer können Schadcode einschleusenIn der Server-Verwaltungssoftware CyberPanel wurden zwei Schwachstellen entdeckt. Sie erlauben Angreifern das Einschleusen beliebigen Codes.<a href="https://www.heise.de/news/CyberPanel-Angreifer-koennen-Schadcode-einschleusen-10202632.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/CyberPanel-Angreifer-koennen-Schadcode-einschleusen-10202632.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise online EnglishWeb-Security: With Content Security Policy against Cross-Site Scripting, Part 2Extended CSP directives help to protect applications efficiently against cross-site scripting. <a href="https://www.heise.de/en/background/Web-Security-With-Content-Security-Policy-against-Cross-Site-Scripting-Part-2-10175628.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/background/Web-Security-With-Content-Security-Policy-against-Cross-Site-Scripting-Part-2-10175628.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/JavaScript" class="mention hashtag" rel="nofollow noopener" target="_blank">#JavaScript</a> <a href="https://social.heise.de/tags/Programmiersprachen" class="mention hashtag" rel="nofollow noopener" target="_blank">#Programmiersprachen</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/Webentwicklung" class="mention hashtag" rel="nofollow noopener" target="_blank">#Webentwicklung</a> <a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

sekurak NewsAtakują komputery Apple dwoma podatnościami 0day. Łatajcie się ASAP!Dla pewności – podatność 0day, to taka, która jest znana atakującym, ale jeszcze nieznana producentowi danego oprogramowania. W skrócie – nawet jak jesteś w pełni załatany to i tak ktoś może Cię zaatakować. Podatności, w przeglądarce Safari, o których piszę właśnie zostały załatane, wiec w zasadzie przestały być 0day (ale...<a href="https://mastodon.com.pl/tags/WBiegu" class="mention hashtag" rel="nofollow noopener" target="_blank">#WBiegu</a> <a href="https://mastodon.com.pl/tags/0Day" class="mention hashtag" rel="nofollow noopener" target="_blank">#0Day</a> <a href="https://mastodon.com.pl/tags/Appke" class="mention hashtag" rel="nofollow noopener" target="_blank">#Appke</a> <a href="https://mastodon.com.pl/tags/Exploit" class="mention hashtag" rel="nofollow noopener" target="_blank">#Exploit</a> <a href="https://mastodon.com.pl/tags/Macos" class="mention hashtag" rel="nofollow noopener" target="_blank">#Macos</a> <a href="https://mastodon.com.pl/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a><a href="https://sekurak.pl/atakuja-komputery-apple-dwoma-podatnosciami-0day-latajcie-sie-asap/" rel="nofollow noopener" translate="no" target="_blank">https://sekurak.pl/atakuja-komputery-apple-dwoma-podatnosciami-0day-latajcie-sie-asap/</a>

heise online EnglishCross-site scripting: vulnerabilities in pfSense enable admin cookie theftThe open source firewall pfSense has several holes through which attackers can inject their own Javascript code. Updates are available.<a href="https://www.heise.de/en/news/Cross-site-scripting-vulnerabilities-in-pfSense-enable-admin-cookie-theft-9697995.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Cross-site-scripting-vulnerabilities-in-pfSense-enable-admin-cookie-theft-9697995.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

heise online EnglishFree admin panel: Code smuggling through cross-site scripting in Froxlor Thanks to sloppy input filtering, attackers can execute JavaScript in the server admin's browser without logging in. A patch is available.<a href="https://www.heise.de/en/news/Freies-Admin-Panel-Codeschmuggel-durch-Cross-Site-Scripting-in-Froxlor-9721705.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/en/news/Freies-Admin-Panel-Codeschmuggel-durch-Cross-Site-Scripting-in-Froxlor-9721705.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#XSS</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#Security</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener" target="_blank">#news</a>

pancake :radare2:Croissant Scripting <a href="https://infosec.exchange/tags/xss" class="mention hashtag" rel="nofollow noopener" target="_blank">#xss</a>

Recent searches

Search options

Administered by:

Server stats:

#xss