BMC Series
Linux Privilege Escalation – the Practical Hacking Cheatsheet Series
Tutorials
Breaking the Monolith: The Definitive Guide to Switching from systemd to OpenRC on Debian
Critical Gogs RCE Vulnerability: Unpatched 0-Day Sitting Open for Over Two Months
A critical CVSS 9.4 zero-day RCE vulnerability has been found in Gogs. Learn how the git rebase exploit works and how to secure your server today
The TrapDoor Supply Chain Attack: Coordinated Multi-Registry Campaign Hits npm, PyPI, and Crates.io
Inside the TrapDoor supply chain attack. Discover how 34+ packages across npm, PyPI, and Crates.io use AI prompt injection to steal dev secrets
Mini Shai-Hulud Worm Hits npm: TanStack and Mistral Among 160+ Packages Compromised in Massive Supply Chain Attack
Full list of 160+ packages compromised by the Mini Shai-Hulud worm, including TanStack, Mistral AI, and UiPath. Technical deep-dive and recovery
Nitrogen Ransomware Claims 8TB Theft from Foxconn’s Wisconsin Plant
8TB breach hits Foxconn Wisconsin! Nitrogen ransomware group claims 11 million files stolen, including Apple & Google specs
Malicious “OpenAI Privacy Filter” Hits #1 on Hugging Face: 244K Downloads of Stealthy Infostealer
A fake OpenAI Privacy Filter repository reached #1 on Hugging Face, tricking 244K users into downloading a Rust-based infostealer. Learn about it
Remote Desktop Software AnyDesk Hacked, Users Urged to Change Passwords
AnyDesk hacked: Cyberattack compromises production systems, raising concerns over source code security and user data. Immediate actions taken, passwords revoked, and new security measures implemented
Jenkins Security Alert: Critical Vulnerability Exposes Servers to Remote Code Execution (RCE) Attacks
Jenkins Security Alert: Critical vulnerability poses remote code execution risk. Servers exposed. Immediate action required to patch and safeguard systems against potential exploitation. Stay vigilant