https://samcurry.net/hacking-subaru A critical security vulnerability in Subaru’s Starlink service could have allowed attackers to remotely control and track vehicles in the United States, Canada, and Japan. The flaw, discovered by security researchers Sam Curry...
https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions A sophisticated supply chain attack has targeted Chrome extension developers, compromising dozens of extensions and potentially impacting millions of users. The campaign involved...
https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years A critical error in MasterCard’s domain name system (DNS) configuration went unnoticed for nearly five years. This misconfiguration could have allowed attackers to intercept or...
https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now 7-Zip users are urged to update to the latest version (24.09) immediately to address a critical security vulnerability (CVE-2025-0411). This flaw...
Ross Ulbricht's Xitter is being spammed with accounts which appear to be associated with him (image 1). However, the accounts are not. When you try to view the "official" Ross Ulbricht Telegram channel it asks to verify your identity (image 2). It gives...
If you’ve been in AppSec for a while, you’ve probably heard of Security Champions. Maybe you’ve even tried to implement a program. But here’s the thing – most of these programs fail within the first year. Today, we’re going to tell you...
