Affected versions ledgerhq/connect-kit 1.1.5 ledgerhq/connect-kit 1.1.6 ledgerhq/connect-kit 1.1.7 Event Analysis The Numen security team discovered that Ledger’s Ledgerhq/connect-kit module has been implanted with malicious phishing
01 – Introduction On November 2, 2023, POC2023 took place as scheduled in South Korea. I was fortunate to attend this conference where YYJB and
Preface Apache ShenYu is a Java native API Gateway for service proxy, protocol conversion and API governance. Description Numen Cyber Labs vulnerability researchers have discovered
Preface OctoPrint is an open source 3D printer controller application that provides a web interface for connected printers. It displays printer status and key parameters,
0x00-Preface On July 21, 2023, @5aelo published a new discussion document on v8 sandbox: Function Pointer Wrapping. Given that this bypass will be patched by Chrome’s pointer wrapping
Analyzing CVE-2023-29336 Win32k vulnerability, its exploitation, and mitigation measures in the context of evolving security practices.
In March 2023, two vulnerabilities were discovered in HTTP: a local elevation of privilege vulnerability and an RCE Vulnerability.
The second of a six-part series on the Introduction to Zero-Knowledge Proofs to help everyone better understand the concept.
Our researcher discovered a deserialization vulnerability that can result in remote code execution in Apache Linkis.
After a bout of deep research, we found another high-risk vulnerability which is an integer overflow.
ZK is the top open-source Java web framework for creating enterprise web applications with over 2 million downloads.
Using untrusted configuration values can result in vulnerability to remote code execution with a NVD score of 9.8.