Security Boulevard

When Proxies Become Attack Vectors Through Header Injection

This assumption breaks down because HTTP RFC flexibility allows different servers to interpret the same header field in fundamentally different ways, creating exploitable gaps that attackers are ...
The Hacker News

Coruna iOS Exploit Kit Uses 23 Exploits Across Five Chains Targeting iOS 13–17.2.1

Google said it identified a "new and powerful" exploit kit dubbed Coruna (aka CryptoWaters) targeting Apple iPhone models running iOS versions between 13.0 and 17.2.1. The exploit kit featured five ...
GitHub

Command Injection in Cloud Compliance Scanning in HummerRisk

Project: HummerRisk Repository: https://github.com/HummerRisk/HummerRisk Affected Version: <=1.5.0 Affected Component: Cloud compliance scanning module A critical ...