Educational Python web vulnerability scanner for detecting basic reflected XSS and SQL injection indicators in web applications. The scanner crawls a target website, finds links and HTML forms, sends ...
Threat actors are exploiting a vulnerability in Gitea’s reverse-proxy authentication mechanism to access internet-accessible instances by supplying only a valid username.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Nextcloud exposed 367,000 internal records after a hosting misconfiguration left an Elasticsearch database publicly accessible. The leaked files included invoices, contracts, employee details, emails, ...