Fri Aug 05 2022
Log4Shell in MobileIron Core
Thanks to jbaines-r7 we have yet another Log4Shell exploit. Similar to the other Log4Shell exploit modules, the exploit works by sending a JNDI string that once received by the server will be dese...
Fri Jul 29 2022
Roxy-WI Unauthenticated RCE
This week, community member Nuri Çilengir added an unauthenticated RCE for Roxy-WI. Roxy-WI is an interface for managing HAProxy, Nginx and Keepalived servers. The vulnerability can be triggered by...
Fri Jul 22 2022
The past, present and future of Metasploit
Don't miss Spencer McIntyre's talk on the Help Net Security's blog. Spencer is the Lead Security Researcher at Rapid7 and speaks about how Metasploit has evolved since its creation b...