Sophos Secure Workspace App Password Bypass using Race Condition

A race condition in Sophos Secure Workspace (Android) version 9.7.3081 that bypassed the App Password.
Read more →

How I could have stolen your candy from ShippingCart

Vulnerabilities in ShippingCart that lets me leak parcel data and checkout other users package.
Read more →

Breaking the Doors: Paypal 2-Factor Bypass

Two-factor authentication is an extra layer of security for your Paypal Account designed to ensure that you’re the only person who can access your account, even if someone knows your password.
Read more →

404 Not Found: Vulnerability Disclosure in the Philippines

We could have avoided Biggest Data Breaches in the Country if there is a platform or channel where Security Researchers can report Vulnerabilities, frankly we don’t have one.
Read more →

CVE-2020-12832

WordPress Plugin Simple File List is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.
Read more →