New PHP7 bug CVE-2019-11043 can allow even non-technical attackers to take over servers. A recently patched security flaw in modern versions of the PHP programming language is being exploited in the wild to take over servers, ZDNet has learned from threat intelligence firm Bad Packets. The vulnerability is a remote code execution (RCE) in PHP… Read More


Cybersecurity researchers at AdaptiveMobile Security disclosed a critical vulnerability in SIM cards dubbed SimJacker that could be exploited by remote attackers to compromise targeted mobile phones and spy on victims just by sending an SMS. The SimJacker vulnerability resides in the S@T (SIMalliance Toolbox) Browser dynamic SIM toolkit that is embedded in most SIM cards… Read More


A security flaw in Exim mail servers could be exploited by local or remote attackers to execute arbitrary code with root privileges. The Exim development team has addressed a vulnerability in Exim mail server, tracked as CVE-2019-15846, that could be exploited by local and remote attackers to execute arbitrary code with root privileges. The vulnerability… Read More


Tulsi Gabbard’s email account went down right after the Democratic Debate and I believe I can provide assistance on where to focus your discovery efforts because I saw how other accounts, such as Jordan B. Peterson, was taken down. I’m going to recount how this happened to him so as to assist you in your… Read More


Speakers are everywhere, whether it’s expensive, standalone sound systems, laptops, smart home devices, or cheap portables. And while you rely on them for music or conversation, researchers have long known that commercial speakers are also physically able to emit frequencies outside of audible range for humans. At the Defcon security conference in Las Vegas on… Read More


At the Black Hat security conference in Las Vegas next week, a group of network communication security researchers will present findings on flaws in the 5G protections meant to thwart the surveillance devices known as stingrays. Also called ‘IMSI catchers’ after the international mobile subscriber identity number attached to every cell phone, stingrays masquerade as… Read More


Computer peripheral giant Logitech has finally issued a patched version of its Logitech Options desktop app, after being taken to task for a months-old security flaw. The bug could of allowed adversaries to launch keystroke injection attacks against Logitech keyboard owners that used the app. Google Project Zero security researcher Tavis Ormandy found the bug… Read More


Cybersecurity researchers have discovered a critical vulnerability in widely used SQLite database software that exposes billions of deployments to hackers. Dubbed as ‘Magellan’ by Tencent’s Blade security team, the newly discovered SQLite flaw could allow remote attackers to execute arbitrary or malicious code on affected devices, leak program memory or crash applications. Source: thehackernews… Read More


Why x86 won’tsurvivex86 is a micro-architecture created by Intel that has been around since 1978. It powers most laptops, and more than likely powers the one you’re using right now. It’s considered powerful, effective, and reliable… until a few months ago. A short history of leaks and exploits found in the x86 micro-architecture found in… Read More


German identity cards issued since 2010 come with a radio frequency identification chip that stores information about the holder. This includes name, date of birth and a biometric picture. If the holder so chooses, it can also store their fingerprints. The new cards are machine-readable and can be used as travel documents in most countries… Read More