SEC-SEE: Maven Security site

Latest Security News

Security Affairs

CVE-2026-3888: Ubuntu Desktop 24.04+ vulnerable to Root exploit - Ubuntu flaw CVE-2026-3888 lets attackers gain root via a systemd timing exploit, affecting Desktop 24.04+ with high severity. Qualys researchers found a hi...
1 hour ago
Schneier on Security

Meta’s AI Glasses and Privacy - Surprising no one, Meta’s new AI glasses are a privacy disaster. I’m not sure what can be done here. This is a technology that will exist, whether we lik...
2 hours ago
BleepingComputer

Apple pushes first Background Security Improvements update to fix WebKit flaw - Apple has released its first Background Security Improvements update to fix a WebKit flaw tracked as CVE-2026-20643 on iPhones, iPads, and Macs without req...
12 hours ago
Didier Stevens

Update: oledump.py Version 0.0.85 - Fixing newlines in some plugins. oledump_V0_0_85.zip (http)MD5: D972CE411B395EF77DBCE9A63059E8C1SHA256: 721C095F3126745A42720316A0B3AC1BCCB9DCDBBA9FF59F5FE...
1 day ago
Kaspersky Lab official blog

When AI hallucinations turn fatal: how to stay grounded in reality | Kaspersky official blog - A 36-year-old American man took his own life after two months of interacting with Gemini, with the chatbot reportedly pushing the concept of digital immort...
1 day ago
Elusive Thougts

- 🔗 Connecting Claude AI with Kali Linux & Burp Suite via MCP The Practical Guide to AI-Augmented Penetration Testing in 2026 📅 March 2026 ✍️ altcoinwonder...
2 days ago
Dancho Danchev's Blog - Mind Streams of Information Security Knowledge

IoCs (Indicators of Compromise) for the Coruna iOS iPhone Web Malware Client Side Exploits Serving Web Malware Exploitation Kit - Dear blog readers, I recently took the time and effort and do some research on the recently made public Coruna iOS iPhone client-side exploits serving we...
5 days ago
Krebs on Security

Iran-Backed Hackers Claim Wiper Attack on Medtech Firm Stryker - A hacktivist group with links to Iran's intelligence agencies is claiming responsibility for a data-wiping attack against Stryker, a global medical technol...
6 days ago
Digital Whisper - גיליונות

הגליון המאה שמונים ושלושה של DigitalWhisper שוחרר! - הגליון המאה שמונים ושלושה של DigitalWhisper שוחרר!פורסם ב- March 1, 2026 16:56:42, על ידי- sapirxfed ברוכים הבאים לדברי הפתיחה של הגליון ה-183 של Digital...
2 weeks ago
TaoSecurity

Happy 23rd Birthday TaoSecurity Blog - Happy birthday TaoSecurity Blog, born on this day in 2003! The best way to digest the key lessons from this site is to browse my four volume Best of Ta...
2 months ago
Dr Anton Chuvakin Blog PERSONAL Blog

Recommended: MCP Is Broken and Anthropic Just Admitted It - I recommended MCP Is Broken and Anthropic Just Admitted It on TysonRhame. About me: http://www.chuvakin.org
2 months ago
XyliBox

BestAV (Fake Antispyware affiliate) exposed - Hello everyone, it's been a while. One of the first affiliate systems I ever infiltrated was BestAV, back in 2011, the same year I started XyliBox. Over...
6 months ago
‫לא בטוח - בלוג אבטחת המידע של איתן כספי‬

רעיון לשיפור אבטחת SSL VPN – צמצום משטח התקיפה של ה-Gateway על ידי מתן גישה רק ללקוחות DDNS שאושרו מראש - (שלום רב קוראים יקרים – אם אתם מכירים מישהו שעובד עבור יצרנית של SSL VPN – בפיתוח תוכנה, ניהול מוצר וכדומה, אנא שלחו לו או לה קישור לפוסט הזה, בתקווה שהר...
7 months ago
Healthcare IT News - Privacy & Security

Readying hospital defenses for the AI-powered phishing surge - Artificial Intelligence Privacy & Security Workforce As phishing tactics evolve, healthcare organizations need to act quickly to shore up defenses and close...
8 months ago
Lenny Zeltser on Information Security

How Security and Privacy Teams Break Barriers Together - While cybersecurity and data privacy leaders have distinct expertise, our fundamental goals are aligned. By understanding each other’s perspectives and pri...
8 months ago
KitPloit - PenTest Tools!

Shodan-Dorks - Dorks for Shodan; a powerful tool used to search for Internet-connected devices - This GitHub repository provides a range of search queries, known as "dorks," for Shodan, a powerful tool used to search for Internet-connected devices. T...
10 months ago
Andrew Hay

Andrew Hay’s 2025 Cybersecurity Predictions - As we approach 2025, the ever-evolving landscape of cybersecurity continues to challenge professionals and organizations alike. Based on observed trends an...
1 year ago
HITBSecNews

North Korean hackers posing as IT workers steal over $1B in cyberattack - North Korean hackers posing as IT workers steal over $1B in cyberattack l33tdawg Fri, 11/29/2024 - 10:31
1 year ago
HealthITSecurity

Eye care company suffers 377K-record data breach - Panorama Eyecare, a Fort… read more
1 year ago
ToolsWatch.org - The Hackers Arsenal Tools | Repository for vFeed and DPE Projects

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review - In the ever-evolving landscape of cybersecurity, staying ahead of the curve is paramount. As digital
1 year ago
Uncommon Sense Security

What a lovely sunset - Oh, hi. Long time no blog, eh? Well, it is time to sunset this blog, I will be deleting it in the next few weeks. So long, and thanks for all the fis...
2 years ago
Room362

Simple PHP webshell with php filter chains - Recently found an LFI in a PHP application and one of the cool things I learned about recently was PHP filter chains. More info here: https://www.synacktiv...
2 years ago
McAfee Blogs

A Scam in the Family—How a Close Relative Lost $100,000 to an Elder Scam - Written by James Schmidt Editor’s Note: We often speak of online scams in our blogs, ones that cost victims hundreds... The post A Scam in the Family—Ho...
3 years ago
Symantec Blogs

Symantec Identity: Stepping Up to Meet the COVID-19 Crisis - COVID-19 confronted healthcare providers and governments with unprecedented requests for access, aid, and assistance. Here’s how one team at Symantec is ri...
5 years ago
shell is only the beginning

Getting DNS Client Cached Entries with CIM/WMI - What is DNS Cache The DNS cache maintains a database of recent DNS resolution in memory. This allows for faster resolution of hosts that have been queried ...
6 years ago
VirusBay Blog

How Reverse Engineering (and Cyber-Criminals’ Mistakes) Can Help You When You’ve Been a Ransomware Victim - Ransomware is a type of malware that threatens to publish the victim’s data or perpetually block access to it unless a ransom is paid. In the last two year...
6 years ago
Hackbusters.com

Tencent Shuts Down PUBG Mobile in China For Patriotic Alternative - Slashdot - Full Abbreviated Hidden /Sea Score: 5 4 3 2 1 0 -1
6 years ago
I Am Security

Random CSO Musing - One of the biggest challenges of running a security organization is balancing the ongoing efforts, with strategic directions, all while keeping the “pressu...
7 years ago
Network Security Blog

Lucky Break - One of the things I do from time to time is throw out an open ended question on Twitter. Sometimes I’m making a point, sometimes I just want to amuse myse...
7 years ago
DeepEnd Research

Indonesian Spam Communities - In our last post we tried to shed some light at what seemed to appear as a very common PayPal phishing email at first glance, but evidently turned out to b...
7 years ago
Technolust since 2005

TekThing 161 – Bitcoin Sucks For Gaming PCs!!! Our Video Gear, Fingbox Home Network Security - —— Thank You Patrons! Without your support via patreon.com/tekthing, we wouldn’t be able to make the show for you every week! https://www.patreon.com/tekth...
8 years ago
טל פבל

Romania is vice-champion at the European Cyber Security - CERT-RO The National Response Center for Cyber Security Incidents affirmed on Friday that Romania, for the second consecutive year, has become the European...
8 years ago
Malware don't need Coffee

CoalaBot : http Ddos Bot - CoalaBot appears to be build on August Stealer code (Panel and Traffic are really alike) I found it spread as a tasks in a Betabot and in an Andromeda sp...
8 years ago
SecManiac.com

Social-Engineer Toolkit (SET) v7.7 “Blackout” Released - TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA att...
8 years ago
Security Intelligence

Big Changes Around the Corner for the IoT - The IoT is transforming before our eyes due to increasing regulations, growing demand for security standards and advancements in the telecom industry. T...
8 years ago
0xicf

ClearEnergy ransomware can destroy process automation logics in critical infrastructure, SCADA and industrial control systems. - Schneider Electric, Allen-Bradley, General Electric (GE) and more vendors are vulnerable to ClearEnergy ransomware. Researchers at CRITIFENCE® Critical I...
8 years ago
ROOTCON Blog

ROOTCON 10 Capture The Flag Statistics - During ROOTCON 10, we introduced a new dedicated track for our Capture The Flag, with the comfortable CTF tables and chairs the game was well participated ...
9 years ago
חושב אחרת על אבטחת מידע

קיר הבושה: מחצית ראשונה של שנת 2016 - מגמות בפגיעה במידע רפואי בארה"ב - תרגום מאמר : http://www.healthcareinfosecurity.com/wall-shame-mid-year-2016-breach-trends-a-9245 שני דברים שאני, יאיר, לוקח מהמאמר הזה כלקחים נכון להיום:1....
9 years ago
Aten Labs

The ‘Compliance Only / CISSP / Minimum Viable Product / HR firewall’ infosec trapezoid of fuck - Yesterday (thurs, 3/24/16) I went on a tirade on twitter, regarding an experience I had in San Francisco during RSA week, while at a vendor party. I’ll let...
9 years ago
Security Labs

Dridex Down Under - Raytheon | Websense® Security Labs™ has been tracking malicious email campaigns associated with the Dridex banking Trojan since 2014. An interesting deve...
10 years ago
Malware at Stake

[Updated] Nurturing JavaScript Obfuscation and Fast Flux DNS - "Whats App Voicemail Spamming" for Russian Online Pharmacies! - Recently, we analyzed that spammers are doing "Whats App Fake Voicemail" spamming to trick end-users to visit online pharmacies' websites. There are high...
10 years ago
Computer & Incidents | life.

What Verizon Missed in the Latest Threat Reports - * By: Zuk Avraham, Joshua Drake, Yaniv Karta, Jimmy Sha * * Read the full report - here Recently, Veriz...
10 years ago
בלוג אבטחת מידע

Forensic - אחת מהבעיות העיקריות בביצוע תהליך FORENSIC הוא לאחר ביצוע תהליך שיכפול ה - Harddisk (על פי כל התקנים של שיכפול ביט אחרי ביט), היא לבצע מחקר על *מחשב חי...
10 years ago
M86 Security Labs Blog

Blog Moved - Please see the Trustwave SpiderLabs Blog.
10 years ago
SpiderLabs Anterior

TrustKeeper Scan Engine Update – February 4, 2015 - The latest update to the TrustKeeper scan engine that powers our Trustwave Vulnerability Management product (including both internal and external vulnerabi...
11 years ago
Amrit Williams Blog

RSA Announces End of RSA Security Conference - Aims to bring clarity to cloudy marketing messages through exhibit hall chotskies Bedford, MA., – April 1, 2014 – RSA, the security division of EMC, today ...
11 years ago
stratBLOG - stratsec security research

botCloud – an emerging platform for cyber-attacks - Hosting network services on Cloud platforms is getting more and more popular. It is not in the scope of this article to elaborate the advantage of using Cl...
13 years ago
pentestmonkey

mimikatz: Tool To Recover Cleartext Passwords From Lsass - I meant to blog about this a while ago, but never got round to it. Here’s a brief post about very cool feature of a tool called mimikatz. I’m very grateful...
14 years ago
HexEsec | a pentester's view

Pentestify. - i’m over here now.
14 years ago
Site Home

-
sudosecure.net

-
threatpost | The First Stop for Security News

-
Security Art Blog

-
Threat Landscape Dashboard | McAfee

-
WHITE HAT HACKER

-
Seculert Blog

-
Securelist / Blog

-
Narkolayev Shlomi

-

Show All