Affected versions ledgerhq/connect-kit 1.1.5 ledgerhq/connect-kit 1.1.6 ledgerhq/connect-kit 1.1.7 Event Analysis The Numen security team discovered that Ledger’s Ledgerhq/connect-kit module has been implanted with malicious phishing
01 – Introduction On November 2, 2023, POC2023 took place as scheduled in South Korea. I was fortunate to attend this conference where YYJB and
Preface OctoPrint is an open source 3D printer controller application that provides a web interface for connected printers. It displays printer status and key parameters,
Preface Apache ShenYu is a Java native API Gateway for service proxy, protocol conversion and API governance. Description Numen Cyber Labs vulnerability researchers have discovered
0x00-Preface On July 21, 2023, @5aelo published a new discussion document on v8 sandbox: Function Pointer Wrapping. Given that this bypass will be patched by Chrome’s pointer wrapping
Analyzing CVE-2023-29336 Win32k vulnerability, its exploitation, and mitigation measures in the context of evolving security practices.
In March 2023, two vulnerabilities were discovered in HTTP: a local elevation of privilege vulnerability and an RCE Vulnerability.
The second of a six-part series on the Introduction to Zero-Knowledge Proofs to help everyone better understand the concept.
Our researcher discovered a deserialization vulnerability that can result in remote code execution in Apache Linkis.
After a bout of deep research, we found another high-risk vulnerability which is an integer overflow.
ZK is the top open-source Java web framework for creating enterprise web applications with over 2 million downloads.
Using untrusted configuration values can result in vulnerability to remote code execution with a NVD score of 9.8.