New: Patchstack Web Host Integration Unlocks Proactive Website Security with Industry-Leading Upsell Conversions - Patchstack
https://patchstack.com/articles/new-patchstack-web-host-integration-unlocks-proactive-website-security-with-industry-leading-upsell-conversions/
Two Critical Vulnerabilities in WordPress King Addons for Elementor Plugin Affecting 10k+ Sites - Patchstack
https://patchstack.com/articles/two-critical-vulnerabilities-in-wordpress-king-addons-for-elementor-plugin-affecting-10k-sites/
Vulnerabilities in LUKS2 disk encryption for confidential VMs
https://blog.trailofbits.com/2025/10/30/vulnerabilities-in-luks2-disk-encryption-for-confidential-vms/
The Trail of Bits Blog
Trail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. These vulnerabilities allow attackers with access to storage disks to extract confidential data and modify contents.
How Android provides the most effective protection to keep you safe from mobile scams
http://security.googleblog.com/2025/10/how-android-protects-you-from-scams.html
Google Online Security Blog
Posted by Lyubov Farafonova, Product Manager, Phone by Google; Alberto Pastor Nieto, Sr. Product Manager Google Messages and RCS Spam and Ab...
Modular DS Adds Patchstack-Powered Security: Introducing Patch & Protect - Patchstack
https://patchstack.com/articles/modular-ds-adds-patchstack-powered-security-introducing-patch-protect/
Forwarded from Android Security & Malware
[beginners] Deep dive into Android Pentesting
Covered everything from static & dynamic analysis, Frida, Drozer, SSL pinning bypass, deep links, broadcast receivers, and more
If you're into mobile security, this one's packed with real-world scenarios & tools
https://coal-memory-97b.notion.site/Android-Pentest-1f6923af30cc80bdafa4f3c581f4c5f8
Intigriti Bug Bytes #229 - October 2025 🚀
https://www.intigriti.com/researchers/blog/bug-bytes/intigriti-bug-bytes-229-october-2025
The cryptography behind electronic passports
https://blog.trailofbits.com/2025/10/31/the-cryptography-behind-electronic-passports/
The Trail of Bits Blog
This blog post describes how electronic passports work, the threats within their threat model, and how they protect against those threats using cryptography. It also discusses the implications of using electronic passports for novel applications, such as…
Hacktober 2025 - Nuclei Templates — ProjectDiscovery Blog
https://projectdiscovery.io/blog/hacktober-2025-nuclei-templates
ProjectDiscovery
Summary of Releases v10.3.0 & v10.3.1
This month, we had two major releases of Nuclei Templates, introducing numerous improvements and new templates for Nuclei users.
🚀 Hacktober Stats
Release
New Templates Added
CVEs Added
First-time Contributors…
Release v3.4.5 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.5
GitHub
What’s Changed
Bug Fixes
Fix memory blowup in multi-protocol templates by @dwisiswant0 #6258
Fix JSON unmarshalling for dynamic auth type in authx by @dwisiswant0 #6268
Use proxy settings in DNS a...
How has AI changed your workflow? Share your story in Sonar
https://www.sonarsource.com/blog/developer-survey-request/
Sonarsource
How has AI changed your workflow? Share your story in Sonar's State of Code developer survey
Artificial intelligence is rapidly changing how we develop software. But beyond the hype, how are developers like you actually using these new tools in your daily workflows? To find out, we're kicking off our first annual State of Code developer research…
Next.js Security Testing Guide for Bug Hunters and Pentesters
https://deepstrike.io/blog/nextjs-security-testing-bug-bounty-guide
DeepStrike
Learn how to assess Next.js apps for SSRF, XSS, CSTI, SSTI, CSRF, cache issues, and data leaks. Practical tips, checks, and tools for bug bounty and pentesting.
CVE-2025-52665 - RCE in Unifi Access ($25,000)
https://www.catchify.sa/post/cve-2025-52665-rce-in-unifi-os-25-000
Catchify
CVE-2025-52665 - $25K RCE in UniFi Access | Catchify
Technical writeup: Pre-auth RCE via command injection in Ubiquiti UniFi Access backup API. Discovered by Catchify Security.
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
https://labs.watchtowr.com/whats-that-coming-over-the-hill-monsta-ftp-remote-code-execution-cve-2025-34299/
watchTowr Labs
Happy Friday, friends and.. others.
We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend!
What’re We Doing Today, Mr Fox?
Today, in a tale that seems all too familiar at this point,
Infrastructure Collapse: How a Forgotten Folder in Coca-Cola’s Network Exposed Critical…
https://medium.com/legionhunters/infrastructure-collapse-how-a-forgotten-folder-in-coca-colas-network-exposed-critical-a4d9dc1ab8a6
Medium
Infrastructure Collapse: How a Forgotten Folder in Coca-Cola’s Network Exposed Critical Administrative Data
Hello Bug Hunters!
At the forefront of ethical hacking: What’s Intigriti’s impact and position?
https://www.intigriti.com/blog/business-insights/at-the-forefront-of-ethical-hacking-what-s-intigriti-s-impact-and-position
Intigriti
Organizations are increasingly seeking platforms that prioritize quality over quantity, fast response times, and strict data compliance. Here are eight elements to consider when selecting your bug bounty provider.
Release v3.4.8 · projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.8
GitHub
What's Changed
Features & Improvements
Remove singletons from Nuclei engine (continuation of #6210) (#6296) by @hdm
Address race conditions in http.Request and MemGuardian (#6321) by @hdm
...
Exploiting JWT Vulnerabilities: Advanced Exploitation Guide
https://www.intigriti.com/researchers/blog/hacking-tools/exploiting-jwt-vulnerabilities
Intigriti
Learn how to identify and exploit JSON Web Token (JWT) vulnerabilities using several different testing methods. Read the article now!