Articles Categorized as Exploits
-
Bypassing a WAF and a CSP with Google Tag Manager: An Attacker’s Perspective and Remediation AdviceRyan Chaplin takes an in-depth look at how attackers can use unsafe directives to bypass CSP, notably in Google Tag Manager, and how to remediate the issue. -
CVE-2025-59886 Eaton Exploit Code PublishedWith exploit code available for the vulnerabilities in Eaton’s xComfort Ethernet Communication Interface, Jason Taylor recommends replacing or isolating. -
Publicly Accessible Database Discovered Hosting 149 Million CredentialsAndrew Trexler looks at a recently discovered public database of stolen usernames and passwords and what you can do now to protect your access and information. -
The Growing Threat: Attackers Using GitHub Repositories as Malware Staging MechanismsRecent attacks, including GitVenom and Lumma Stealer, underscore the threat of Attackers using GitHub repositories as malware staging mechanisms. -
CVE‑2020‑12812 and Why It’s Still an Issue Five Years LaterPrincipal Penetration Tester Scottie Cole explains why Fortinet released a new security advisory about CVE‑2020‑12812 and what your organization should check. -
Data Theft Exploit Part 2: DNS Exfiltration AttackRaxis’ Jason Taylor is back with a detailed tutorial on performing both manual and automated DNS exfiltration attacks for pentesting.
