OFFSITE.DARK

OFFSITE.DARK https://offsitedark.com Open source security research, malware analysis, and offensive tooling. <![CDATA[Burst Statistics WordPress Auth Bypass (CVE-2026-8181)]]> https://offsitedark.com/news/burst-statistics-auth-bypass-cve-2026-8181 Thu, 25 Jun 2026 00:00:00 GMT <![CDATA[Cisco CUCM SSRF to RCE Chain (CVE-2026-20230)]]> https://offsitedark.com/news/cisco-cucm-ssrf-rce-cve-2026-20230 Thu, 25 Jun 2026 00:00:00 GMT <![CDATA[Claude Desktop Cowork VM Integrity Bypass (CVE-2026-7574)]]> https://offsitedark.com/news/claude-cowork-vm-bypass-cve-2026-7574 Thu, 25 Jun 2026 00:00:00 GMT <![CDATA[Krayin CRM TinyMCE Upload RCE (CVE-2026-38526)]]> https://offsitedark.com/news/krayin-crm-rce-cve-2026-38526 Wed, 24 Jun 2026 00:00:00 GMT <![CDATA[SP Page Builder Joomla Unauthenticated RCE (CVE-2026-48908)]]> https://offsitedark.com/news/sp-page-builder-joomla-rce-cve-2026-48908 Mon, 22 Jun 2026 00:00:00 GMT <![CDATA[BIND 9 Resolver Unbounded Loop DoS (CVE-2026-5950)]]> https://offsitedark.com/news/bind-resolver-loop-cve-2026-5950 Fri, 19 Jun 2026 00:00:00 GMT <![CDATA[ek0ms savi0r Publishes REAPER GitHub Secret Scanner]]> https://offsitedark.com/news/com-reaper-github-secrets-scanner Fri, 19 Jun 2026 00:00:00 GMT <![CDATA[GitLab WebAuthn 2FA Bypass (CVE-2026-2745)]]> https://offsitedark.com/news/gitlab-webauthn-auth-bypass-cve-2026-2745 Fri, 19 Jun 2026 00:00:00 GMT <![CDATA[JupyterHub CSRF XSRF Bypass (CVE-2026-40864)]]> https://offsitedark.com/news/jupyterhub-xsrf-bypass-cve-2026-40864 Fri, 19 Jun 2026 00:00:00 GMT <![CDATA[kit-exploits-prv — Sploitus PoC Collection Roundup]]> https://offsitedark.com/news/kit-exploits-prv-poc-collection Fri, 19 Jun 2026 00:00:00 GMT <![CDATA[10k GitHub Repos Found Distributing Trojan Malware]]> https://offsitedark.com/news/github-trojan-malware-campaign Thu, 18 Jun 2026 00:00:00 GMT <![CDATA[Nginx HTTP/3 QUIC Zero-Day (CVE-2026-42530)]]> https://offsitedark.com/news/nginx-quic-zero-day-cve-2026-42530 Thu, 18 Jun 2026 00:00:00 GMT <![CDATA[Popa Botnet Linked to NetNut Proxy Provider]]> https://offsitedark.com/news/popa-botnet-residential-proxy Thu, 18 Jun 2026 00:00:00 GMT <![CDATA[mastercodeon Publishes Peercord P2P Chat on Church of Malware Git]]> https://offsitedark.com/news/com-peercord-decentralized-chat Wed, 17 Jun 2026 00:00:00 GMT <![CDATA[FortiBleed Leaks VPN Credentials for 73k Devices]]> https://offsitedark.com/news/fortibleed-fortinet-vpn-leak Wed, 17 Jun 2026 00:00:00 GMT <![CDATA[Mastra NPM Scope Compromise Targets Crypto Wallets]]> https://offsitedark.com/news/mastra-npm-crypto-stealer Wed, 17 Jun 2026 00:00:00 GMT <![CDATA[Malicious Steam Workshop Wallpapers Steal Accounts]]> https://offsitedark.com/news/steam-wallpaper-engine-malware Wed, 17 Jun 2026 00:00:00 GMT <![CDATA[152 Chrome Wallpaper Extensions Hide Ad Fraud]]> https://offsitedark.com/news/chrome-wallpaper-extension-ad-fraud Tue, 16 Jun 2026 00:00:00 GMT <![CDATA[Mirai Variant Targets IoT Telnet]]> https://offsitedark.com/news/mirai-variant-iot-telnet Mon, 15 Jun 2026 00:00:00 GMT <![CDATA[shell-quote quote() Newline Command Injection (CVE-2026-9277)]]> https://offsitedark.com/news/shell-quote-injection-cve-2026-9277 Mon, 15 Jun 2026 00:00:00 GMT <![CDATA[Bookly WordPress Stored XSS via Cookie (CVE-2026-5513)]]> https://offsitedark.com/news/bookly-stored-xss-cve-2026-5513 Sun, 14 Jun 2026 00:00:00 GMT <![CDATA[Apache HTTP/2 Bomb DoS (CVE-2026-49975)]]> https://offsitedark.com/news/apache-http2-bomb-cve-2026-49975 Sat, 13 Jun 2026 00:00:00 GMT <![CDATA[Avada Builder WordPress Unauthenticated RCE (CVE-2026-6279)]]> https://offsitedark.com/news/avada-builder-rce-cve-2026-6279 Sat, 13 Jun 2026 00:00:00 GMT <![CDATA[PeopleSoft SSRF PoC Enables Unauthenticated RCE (CVE-2026-35273)]]> https://offsitedark.com/news/peoplesoft-ssrf-poc-cve-2026-35273 Sat, 13 Jun 2026 00:00:00 GMT <![CDATA[JCE Joomla Unauthenticated RCE (CVE-2026-48907)]]> https://offsitedark.com/news/jce-joomla-rce-cve-2026-48907 Thu, 11 Jun 2026 00:00:00 GMT <![CDATA[Patch Tuesday: 3 Zero-Days Addressed]]> https://offsitedark.com/news/patch-tuesday-zero-days Thu, 11 Jun 2026 00:00:00 GMT <![CDATA[Windows Shellcode Entry Points]]> https://offsitedark.com/research/windows-shellcode-entry-points Wed, 10 Jun 2026 00:00:00 GMT <![CDATA[WP Maps Pro Unauthenticated Admin Creation (CVE-2026-8732)]]> https://offsitedark.com/news/wp-maps-pro-admin-cve-2026-8732 Sat, 30 May 2026 00:00:00 GMT <![CDATA[Static Malware Triage: YARA-First Workflow]]> https://offsitedark.com/research/static-malware-triage-yara Thu, 28 May 2026 00:00:00 GMT <![CDATA[NGINX Rift Heap Overflow RCE (CVE-2026-42945)]]> https://offsitedark.com/news/nginx-rift-cve-2026-42945 Fri, 22 May 2026 00:00:00 GMT <![CDATA[React2Shell RCE in React Server Components (CVE-2025-55182)]]> https://offsitedark.com/news/react2shell-cve-2025-55182 Sat, 13 Dec 2025 00:00:00 GMT