SSLoad Malware Utilizes MSI Installer to Initiate Delivery Chain
Malware distributors exploit MSI installers because Windows OS inherently trusts them to run with administrative rights, bypassing security controls. This makes MSI files a convenient method for disseminating ransomware, spyware, [...]
Biometric Terminal Exposed to QR Code SQL Injection Vulnerability
A popular ZKTeco biometric terminal has critical vulnerabilities, including an SQL injection flaw via QR codes. This discovery raises serious concerns about the security of widely used biometric access control [...]
EmailGPT Vulnerability Exposes Sensitive Data to Attackers
A new prompt injection vulnerability, CVE-2024-5184, has been found in EmailGPT, the service and Chrome plugin that assists Gmail users in composing emails with OpenAI's GPT model. This vulnerability allows [...]
PoC Exploit Released for Veeam Authentication Bypass Flaw
A PoC exploit has been released for the critical Veeam Backup Enterprise Manager authentication bypass vulnerability, CVE-2024-29849, with a CVSS score of 9.8. This article explores the vulnerability, exploit, and [...]
Muhstik Malware Attacks Apache RocketMQ for Remote Code Execution
Apache RocketMQ, a widely used messaging system for handling high volumes of data and critical operations, often attracts hackers. Exploiting RocketMQ vulnerabilities allows attackers to disrupt communications, access sensitive information, [...]
FHN 
