Android

A Security Researcher Decompiled The White House App, & What They Found Is Pretty Alarming

A security researcher decompiled the White House’s new official app and found some alarming stuff buried in the code, including a hidden GPS tracking pipeline, JavaScript loaded from a random GitHub ...
GitHub

vallabh-13/MakeUC2025-Security-Scanner

The Solution: We saw that while powerful security testing tools exist (like Nmap, CVE, SSL Labs and Nuclei), they are inaccessible to many. Our goal was to democratize web security by building a ...
The Hacker News

Fortinet Warns Attackers Retain FortiGate Access Post-Patching via SSL-VPN Symlink Exploit

Fortinet has revealed that threat actors have found a way to maintain read-only access to vulnerable FortiGate devices even after the initial access vector used to breach the devices was patched. "A ...
Bleeping Computer

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. This security flaw (tracked as ...
Security Boulevard

CVE-2024-55591: Fortinet Authentication Bypass Zero-Day Vulnerability Exploited in the Wild

CVE-2024-55591 is an authentication bypass vulnerability in FortiOS and FortiProxy. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted request to a ...
IEEE

Safe and Secure Communication Using SSL/TLS

Abstract: In an ever-evolving digital environment, prioritizing user security and authentication processes is critical. It presents a comprehensive approach to creating a secure login page using ...
GitHub

bolt-js does not accept ssl_check requests properly

While doing the final integration tests for v3.11 release, I found that there is a long-lived bug on the ssl_check request handling. As you can see below, an ssl_check request does not have ...