Talk and help about bugbounty
https://youtube.com/shorts/lqzWKotFNAU?feature=share
Anyone looking for cybersecurity tutorials like
SOC Analyst
VAPT
Splunk Admin
QRadar Admin
Pentesting
Can ping for complete resources like videos, docs and interview questions
Guys, question: so I'm testing a site on the subject of data exfiltration or data bounce DNS queries, so I added a payload with interactsh, out of band (OOB). In fields for testing like name, last name: nothing, no reflection. But I reached an endpoint where you purchase on the page. I tried that URL with an HTML file and ran it in the same browser where I'm logged in, and now I got a callback. But my question is: what from there, where does the exfil happen?
💀🚨 Critical Zero-Day Vulnerability Exposes Viasat Satellite Modems to Remote Code Execution: CVE-2024-6198 Uncovered in Multiple Models
Hey hackers, were you aware that a significant zero-day attack recently affected Viasat’s satellite modems? A serious flaw in these devices, which are essential for satellite internet, could allow attackers to run remote code without authentication. Read on to learn how this attack operates and why it is important: it will change the face of embedded device security.
Executive Summary: “An attacker might change the responses in order to inject code that causes a buffer overflow on the modem if they manage to obtain access to the WAN interface and intercept the Dynamic DNS (DDNS) communication between the modem and DDNS services. This vulnerability does not, however, affect users who have not activated Dynamic DNS on their devices.”
Viasat offers satellite internet services to a variety of businesses, including rural broadband and military communications. These services rely on their modems, which are used in situations where security is of the utmost importance.
Want To Get Into Depth, have a look at the Article For 0'Day 👉🏻 https://hackingblogs.com/critical-zero-day-vulnerability-viasat-satellite/
For Free Resources and daily alert on Cybersec Article, Blogs And News, You Can Join The Telegram Group 👉🏻 /channel/HackingBlogsGroup
https://hackingblogs.com/indian-cyber-force-breaches-pakistan-largest-bank/
https://hackingblogs.com/major-ai-models-affected-by-prompt-injection-pppi
Caused I received msg for my first bounty and this happened
https://play.google.com/store/apps/details?id=authenticator.two.factor.authentication.otp
Hi everyone, I'm in big trouble
I turned on the 2FA on YesWeHack with the help of a third-party authenticator, but recently I reset my phone and lost access to the authenticator, and there are no options for backup codes on the authenticator or on YesWeHack. What can I do? Please help
https://hackingblogs.com/tiktok-hacked-972528-passwords-at-risk-in-leak
https://hackingblogs.com/supercard-x-2025s-most-dangerous-android-malware/
Methodology .... I know all the concepts so .
... you count me in at a beginner level, so can you guide me
Hey guys, can you guide me how to start bug bounty....
I got a .env file and while opening it, it gives me a 403 error. How to bypass and access the data? Any methods or tricks for this?
🚨🐧Linux Kernel Hacked: CVE-2025-21756 – Exploiting the Vsock UAF for Root Access
Executive Summary: The Linux kernel’s Vsock subsystem has a privilege escalation vulnerability known as CVE-2025-21756. It is brought on by an incorrect reference count decrease in the vsock_remove_sock function, which results in a Use After Free (UAF) condition. An attacker may cause a memory corruption by taking advantage of this UAF, which would enable the recovery of a freed vsock object.
By overwriting function pointers, the attacker can obtain control of the execution flow, circumvent kASLR via a brute-force technique, and leak kernel memory. In order to exploit this issue, it was necessary to get past AppArmor security checks and use side channels, such as the vsock_diag_dump function, to change the kernel’s memory state. A well-planned ROP chain was then used to gain root access.
“CVE-2025-21756 is a vulnerability discovered in the Linux kernel related to the handling of vsock objects, which are used in communication between virtual machines. This issue allows for privilege escalation, meaning that an attacker with limited access to a system can exploit this vulnerability to gain root access.”
The Article Can Be Found Here https://hackingblogs.com/linux-kernel-hacked-cve-2025-21756/
Hackingblogs Official Telegram Channel /channel/HackingBlogsGroup
https://hackingblogs.com/microsoft-defender-error-triggers-data-leak/
Yeah, I thought it was legit but 🥲 what is the solution to this
Has anyone passed (or attempted) the HTB CWEE certification exam?
I would like some advice, thanks a lot
Does anyone have an AWS account? I just want to check a subdomain takeover bug
Being able to see the domain of the email and last 4 digits of phone number isn't a valid bug. Unless you can get the full email and phone number.