All posts by cK-bot

■■■■■ Magecart Group 12 unleashes stealthy PHP skimmer against vulnerable Magento e-commerce sites. https://portswigger.net/daily-swig/magecart-group-12-unleashes-stealthy-php-skimmer-against-vulnerable-magento-e-commerce-sites https://t.me/cKure/8022

■■■■■ One-click reflected XSS in www.instagram.com due to unfiltered URI schemes leads to account takeover. https://ysamm.com/?p=695 https://t.me/cKure/8021

■■■■□ Identify a Facebook user by his phone number despite privacy settings set. https://ysamm.com/?p=691 https://t.me/cKure/8020

■□□□□ Interesting thread wrt. Windows 10 wherein apparently ‘localmachine’ can be pinged. https://mobile.twitter.com/NinjaParanoid/status/1394356506993205250 https://t.me/cKure/8019

■□□□□ Privacy: Apple sent my data to the FBI, says boss of controversial research paper trove Sci-Hub. https://go.theregister.com/feed/www.theregister.com/2021/05/17/sci_hub_apple_fbi_claim/ https://t.me/cKure/8017

■■■■□ Privilege Escalation via REST API to Administrator leads to RCE. https://hackerone.com/reports/1107282 https://t.me/cKure/8016

■■■□□ Printable Staff ID Card Creator System 1.0 – SQLi & RCE via Arbitrary File Upload / webapp. https://www.exploit-db.com/exploits/49877 https://t.me/cKure/8015

■□□□□ Bizarro banking Trojan expands its attacks to Europe. https://securelist.com/bizarro-banking-trojan-expands-its-attacks-to-europe/102258/ https://t.me/cKure/8014

■□□□□ pega infinity bypass | CVE-2021-27651 PoC https://t.me/cKure/7364 https://t.me/cKure/8012

■■■■■ #Exclusive | NetWorm ransomware group leaks 71 GB of data pertaining to Israel as its demands are not met. It is believed that the ransomware group belongs to Iran Data-Leak pertains to veritas.co.il and H/M Israel https://t.me/cKure/8009