CSO Online

HP Poly VoIP vulnerability sets the stage for executive voice deepfakes

The remote code execution flaw enables root access and voice attacks on HP Poly VoIP phones, including eavesdropping and the ...

AI-built ransomware toolkit automates EDR evasion, AD discovery

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade ...

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real-World Attacks

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...
GitHub

exchange_proxylogon_rce.rb

commands on the remote Microsoft Exchange Server. This vulnerability affects (Exchange 2013 Versions < 15.00.1497.012, Exchange 2016 CU18 < 15.01.2106.013, Exchange 2016 CU19 < 15.01.2176.009, ...
GitHub

metasploit-modules

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected ...
TechRepublic

Homebrew: How to install exploit tools on macOS

We’ll guide you through the process of using Homebrew package manager to install security tools on macOS to exploit vulnerabilities found in your Apple equipment. In this follow-up to the installing ...