QNAP NetBak Exposed: Critical ASP.NET Core Bug Enables Security Bypass
A critical security vulnerability has been identified in QNAP’s NetBak PC Agent software, stemming from a flaw in Microsoft ASP.NET…
Security
Patch Now! Apache Tomcat Vulnerabilities Expose Servers to RCE Risk
The Apache Software Foundation recently addressed two security vulnerabilities affecting multiple versions of Apache Tomcat, a widely-used open-source Java servlet…
Critical XWiki Vulnerability Abused in the Wild for Cryptocurrency Mining
A critical remote code execution (RCE) vulnerability (CVE-2025-24893) in XWiki, a widely-used open-source wiki platform, is being actively exploited in…
Social Engineering People’s Credit Card Details
Good Wall Street Journal article on criminal gangs that scam people out of their credit card information: Your highway toll…
Louvre Jewel Heist
I assume I don’t have to explain last week’s Louvre jewel heist. I love a good caper, and have (like…
First Wap: A Surveillance Computer You’ve Never Heard Of
Mother Jones has a long article on surveillance arms manufacturers, their wares, and how they avoid export control laws: Operating…
How We (Almost) Found Chromium’s Bug via Crash Reports to Report URI
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Weekly Update 475
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite…
Friday Squid Blogging: “El Pulpo The Squid”
There is a new cigar named “El Pulpo The Squid.” Yes, that means “The Octopus The Squid.” As usual, you…
Part Four of The Kryptos Sculpture
Two people found the solution. They used the power of research, not cryptanalysis, finding clues amongst the Sanborn papers at…