Search
Kritická chyba v Next.js – umožňuje RCE
4.12.2025
Vývojáři Next.js oznámili kritickou zranitelnost v protokolu React Server Components, která nese skóre CVSS 10.0 a může za určitých podmínek umožnit vzdálené spuštění kódu na serveru. Zranitelnost pramení z chyby v implementaci RSC…
Call Of Duty: WW2 Pulled From Microsoft Store Just Days After Joining Game Pass Because Of Players Getting Hacked
9.7.2025
Call Of Duty: WW2 joined Game Pass on June 30, including for PC subscribers who could now access the game through the Microsoft Store. Days later, that version of the game had to be taken offline amid reports of players getting hacked and trolled with pop up messages on their PC, which seems very...
CertiK Discovers Telegram RCE Vulnerability Allowing Attacks on Users
9.4.2024
On April 9, the blockchain security platform CertiK discovered a Telegram vulnerability that enables hackers to use "primarily designed multimedia content, such as images or videos" to launch a remote code execution (RCE) threat.
The post CertiK Discovers Telegram RCE Vulnerability Allowing Attacks...
Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto
22.11.2023
Source: Pixabay Hackers are currently targeting a critical Apache ActiveMQ vulnerability to download and infect Linux machines with the Kinsing malware and crypto miner. In a blog post published on November 20, Trend Micro researchers reported that the exploitation of the CVE-2023-46604...
Zoom, CORS, and the Web
23.7.2019
It's sorta sad by funny that that big Zoom vulnerability thing was ultimately related to web technology and not really the app itself.
There is this idea of custom protocols or "URL schemes." So, like gittower:// or dropbox:// or whatever. A native app can register them, then URLs that hit them...