Facebook Proof of Concept

Patched Facebook Vulnerability Could Have Exposed Private Information About You and Your Friends

In a previous blog we highlighted a vulnerability in Chrome that allowed bad actors to steal Facebook users’ personal information; and, while digging around for bugs, thought it prudent to see if there were any more loopholes that bad actors might be able to exploit. What popped up was a ... Read More
A Bug in Chrome Gives Bad Actors License to Play ‘20 Questions’ with Your Private Data

A Bug in Chrome Gives Bad Actors License to Play ‘20 Questions’ with Your Private Data

In a 2013 interview with The Telegraph, Eric Schmidt, then CEO of Google was quoted as saying: “You have to fight for your privacy or lose it.” Five years later, with the ‘Cambridge Analytica’ data breach scandal fresh in our memory, Eric Schmidt’s statement rings as a self-evident truth. Similarly ... Read More
WordPress Arbitrary File Deletion Vulnerability Plugged With Patch 4.9.7

WordPress Arbitrary File Deletion Vulnerability Plugged With Patch 4.9.7

On Jun 26 an arbitrary file deletion vulnerability in the WordPress core was publicly disclosed, the vulnerability could allow an authenticated attacker to delete any file and in some cases execute arbitrary code. WordPress is a free, popular, and open-source content management system currently powering over 30% of the known ... Read More

Drupalgeddon3: Third Critical Flaw Discovered

For the third time in the last 30 days, Drupal site owners are forced to patch their installations. As the Drupal team noted a few days ago, new versions of the Drupal CMS were released, to patch one more critical RCE vulnerability affecting Drupal 7 and 8 core. The vulnerability, ... Read More