A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Threat actors are attempting to actively exploit a critical security flaw impacting WP Maps Pro, a WordPress plugin that has had over 15,000 sales on the Envato Market, to create malicious ...
This project is a full-stack web application built as part of a GUVI internship assignment. It implements user registration, login, profile management, and session handling using MySQL, MongoDB, and ...
OWASP 2025: A01:2025 - Broken Access Control (Rank 1, includes CSRF) OWASP 2021: A01:2021 - Broken Access Control (Rank 1) When a logged-in user visits a malicious page, an unintended request is sent ...
"Description": "Dahua DSS-Safe City uses Apache Struts 2 as the website application framework. Because the application framework has a remote command execution vulnerability, an attacker can trigger ...