Kind words can be short and easy to speak, but their echoes are truly endless. — Mother Teresa
📚 SecMisc
📰 SecLinks
Security Alert: CVE-2024-4577 - PHP CGI Argument Injection Vulnerability - A security alert regarding a PHP CGI argument injection vulnerability.
No Way, PHP Strikes Again! (CVE-2024-4577) - An article discussing the impact of CVE-2024-4577.
How AI is Helping Cybersecurity Scale | by James Chiappetta | Jun, 2024 | better appsec - An exploration of how AI is aiding in the scalability of cybersecurity.
Fuzzing Frameworks for Server-side Web Applications: A Survey - A survey on fuzzing frameworks for server-side web applications.
CVE-2024-27822: macOS PackageKit Privilege Escalation | Mykola’s blog - Details about a macOS PackageKit privilege escalation vulnerability.
Debian's /tmpest in a teapot [LWN.net] - An article about Debian's /tmpest in a teapot.
[EN] Unsecure time-based secret and Sandwich Attack - Analysis of my research and release of the “Reset Tolkien” tool - An analysis of research and release of the "Reset Tolkien" tool.
Hacking Millions of Modems (and Investigating Who Hacked My Modem) - An article about hacking millions of modems.
New zine: How Git Works! - A zine explaining how Git works.
Blockchain developer loses over $48,000 after posting private key to Github - A story about a blockchain developer losing over $48,000.
Molding lies into reality || Exploiting CVE-2024-4358 - An article about exploiting CVE-2024-4358.
iOS 16.5.1 safari RCE Analysis (CVE-2023-37450) - An analysis of the iOS 16.5.1 Safari RCE (CVE-2023-37450).
🎥 SecVideo
A Hackers' Guide to Language Models - YouTube - A video guide to language models.
💻 SecGit
W01fh4cker/CVE-2024-21683-RCE: CVE-2024-21683 Confluence Post Auth RCE
fiddyschmitt/File-Tunnel: Tunnel TCP connections through a file
For suggestions and any feedback, please contact: securify@rosecurify.com