Pierluigi Paganini
February 25, 2019
A security expert discovered a critical cross-site scripting (XSS) flaw in Yahoo Mail that could have been exploited to steal the targeted userâs emails and attach malicious code to their outgoing messages. Yahoo addressed a critical cross-site scripting (XSS) vulnerability in Yahoo Mail that could have been exploited by hackers to steal userâs emails and […]
Pierluigi Paganini
February 17, 2019
Facebook paid a $25,000 bounty for a critical cross-site request forgery (CSRF) vulnerability that could have been exploited to hijack accounts simply by tricking users into clicki on a link. The white hat hacker who goes online with the moniker âSamm0udaâ discovered a critical CSRF vulnerability in Facebook and the social network giant paid a […]
Pierluigi Paganini
December 21, 2018
Hack the Air Force 3.0 – The US DoD announced that more than 30 white hat hackers earned $130,000 for more than 120 vulnerabilities. The U.S. Defense Department, along with bug bounty platform HackerOne, presented the results of the third bug bounty program Hack the Air Force. The program started on October 19 and lasted […]
Pierluigi Paganini
May 21, 2018
Google awarded the 18-year-old student Ezequiel Pereira a total of $36,337 for the discovery of a critical remote code execution vulnerability that affected the Google App Engine. The Google App Engine is a framework that allows Google users to develop and host web applications on a fully managed serverless platform. In February, Pereira gained access to […]
Pierluigi Paganini
February 28, 2018
The security researcher Mohamed Baset discovered a vulnerability in Facebook that exposed email and other details of a page administrator. Facebook has recently addressed an information disclosure vulnerability discovered by the security researcher Mohamed Baset that exposed page administrator. According to Baset, the flaw is a âlogical errorâ that he discovered after receiving an invitation […]
Pierluigi Paganini
January 22, 2018
Google has awarded a record $112,500 to a security researcher for reporting an exploit chain that could be used to hack Pixel smartphones. Last week the Google disclosed the technical details of the exploit chain that was devised in August 2017 by the Guang Gong from Alpha Team at Qihoo 360 Technology. The exploit chain triggers two […]
Pierluigi Paganini
January 17, 2018
Facebook has fixed a couple of vulnerabilities that could have been exploited by attackers to hijack accounts by abusing integration with the Oculus virtual reality headset. In March 2014, Facebook founder Mark Zuckerberg announced the acquisition of Oculus VR and included the handsets produced by the company to its bug bounty program. White hat hackers […]
Pierluigi Paganini
November 22, 2017
Unbelievable: Uber concealed data breach that exposed 57 Million records in 2016 and paid hackers to delete stolen records. Uber CEO Dara Khosrowshahi announced on Tuesday that hackers broke into the company database and accessed the personal data of 57 million of its users, the bad news is that the company covered up the hack […]
Pierluigi Paganini
September 23, 2017
Google has just released an updated version of Chrome 61, version 61.0.3163.100, that addresses 3 security flaws, two of which rated high-severity. The new version is already available for Windows, Mac, and Linux users and includes a total of three vulnerabilities. The first high-risk bug, tracked as CVE-2017-5121, is an Out-of-bounds access in V8 reported by Jordan […]
Pierluigi Paganini
September 14, 2017
The company ZERODIUM announced it will pay up to $1 million for fully working zero day exploits for Tor Browser on Tails Linux and Windows OSs. The zero-day broker Zerodium offers $1 million for Tor Browser exploits with the intent to unmask Tor users. The controversial firm will then resell the zero-day exploit for Tor […]
