SecurityWeek

Gogs Zero-Day Exposes Servers to Remote Code Execution

Open source Git service Gogs is affected by a critical-severity zero-day vulnerability that exposes servers to remote code execution.

No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out

Researcher reported the vuln in March. Maintainers haven't responded to his messages since ...
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an ...

Root Evidence Research Finds Only 1.4% of Vulnerabilities Are Known to Be Exploited in Real-World Attacks

Root Evidence, the cybersecurity startup championing evidence-based security, today released new research showing that the ...
Bleeping Computer

Flaw in Grandstream VoIP phones allows stealthy eavesdropping

A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications. VoIP communication ...
GitHub

Metasploit Guide Post Gather Modules

Metasploit's post modules are useful after a Metasploit session has opened. This guide focuses on Post modules for gathering additional information from a host after a Metasploit session has opened.
GitHub

metasploit-modules

This Metasploit module exploits an unauthenticated remote code execution vulnerability which exists in Apache version 2.4.49 (CVE-2021-41773). If files outside of the document root are not protected ...
TechRepublic

Homebrew: How to install vulnerability tools on macOS

We’ll guide you through the process of using Homebrew package manager to install security tools on macOS to assess vulnerabilities and the security posture of the devices on your network. When ...