Archive

A collection of 62 issues

Latest

👩‍💻IW Weekly #61: CVE-2023-2822, PII breach, IDOR’s impacting organizations, Open Redirect to Account Takeover, File upload Vulnerabilities, Root an AVD and many more..

cyberninja8881 uncovers a reflected cross-site scripting vulnerability lurking in the Ellucian Ethos Identity CAS Logout Page. Welcome to the #IWWeekly61 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 GitHub Repos and

👩‍💻IW Weekly #59: Authentication Bypass and multiple RCEs in Sitecore, IDOR while attending school, Directory listing to RCE, Integration misconfiguration to privilege escalation and many more..

@AayushVishnoi10 shows how a simple directory listing can help you gain PII disclosure and remote code execution. Welcome to the #IWWeekly59 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 GitHub Repos

👩‍💻IW Weekly #55: CVE-2023-22620, XSSI Vulnerability, Bugs in Pretalx, ChatGPT Plugin Leak, Hacking with MFA, Cloud Hacking, BAC to Account Takeover and Many more…

First part of SecurePwn series by @MrTuxracer uncovers CVE-2023-22620 vulnerability and provides insights on bypassing SecurePoint UTM's authentication. Welcome to the #IWWeekly55 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 GitHub

👩‍💻IW Weekly #50: Authentication and Authorization Vulnerabilities in Datahub, Leaky GraphQL, Account Takeover via Preset Passwords, Insecure Deserialization, $10000 Bounty and much more…

@GHSecurityLab discovered authentication and authorization vulnerabilities in DataHub, an open-source metadata platform, potentially allowing unauthorized access to sensitive data stored on the platform. Welcome to the #IWWeekly50 - the Monday newsletter that brings the best in Infosec straight to your inbox. Thank you for making it so far with us!

👩‍💻IW Weekly #47: SSRF to Infrastructure Access, HubSpot Full Account Takeover, RCE to S3 Leak, SQL Injections, Stored XSS, Broken Access Control and many more…

Breaking Boundaries: @basu_banakar uncovers SSRF vulnerability providing access to complete infrastructure and web services. Welcome to the #IWWeekly47 - the Monday newsletter that brings the best in Infosec straight to your inbox. To help you out, we have 5 Articles, 4 Threads, 3 Videos, 2 GitHub Repos and Tools,

👩‍💻IW Weekly #40: Open Redirection Vulnerability, Misconfigured Jira, Bugs in Red Bull, ChatGPT for Security, OSCP Guide for Beginners, Bypass Authentication, and much more…

Disclosing this vulnerability in Google Smart speakers bagged the author a bounty of $100k 😲 Welcome to the #IWWeekly40 - the Monday newsletter that brings the best in Infosec straight to your inbox. We wish you a prosperous and productive new year 😊 May you find amazing bugs, earn bounties, and make
