Posts

CVE-2023-46865 - Post-Auth Unrestricted File Upload and Code Execution via IDAT in Crater Invoice

Understand the Ransomware TTPs: The BlackBit Under the Microscope

SMS Stealer APK use "Kahwin" theme targeting Malaysian: Kad Kahwin Digital APK

Detection Engineering Part 1: Setting up Elastic, Kibana and Fleet Server for SIEM and EDR

Multiple Stored XSS vulnerability in phpMyFAQ

Post-Authenticate Stored XSS in Wordpress Plugin Similar Posts

Deserialization Journey: The case of CVE-2023-28115

Scam Android app steals Bank Credentials and SMS: MyPetronas APK

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)

CVE-2022-30190 aka "Follina" MSDT: Advisory and Technical Analysis

Scam and Malicious APK targeting Malaysian: MyMaidKL Technical Analysis

RTF template injection sample targeting Malaysia

Broken Access Control To Post-Auth Remote Code Execution in Webmin