The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.16.3 via deserialization of untrusted input from the give_company_name parameter. This makes it possible for unauthenticated attackers to inject a PHP Object. The additional presence of a POP chain allows attackers to achieve remote code execution.
#RESEARCH

This subreddit is for technical professionals to discuss cybersecurity news, research, threats, etc.

The Intelligence and research arm of Check Point Technologies provides leading cyber threat intelligence to Check Point customers and the greater intelligence community.

Cybersecurity News, Awards, eSummits, Research.

RTC security Research, talks and tools. We are researchers in cyber-security, continually educating ourselves and developing knowledge and code. By sharing what we learn, we hope to push RTC security forward.

Learn how to protect your ML advantage. Check out HiddenLayer’s recent releases, announcements, and musings on protecting your algorithms.

Interactive data from scam reports including amount lost, scam types, types of scam and delivery methods.

Kaspersky's threat research and reports.

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

MDSec was founded on the principles that traditional security assessment describes problems, but Security Education helps fix or avoid them.

Our research findings are for everyone’s benefit.

The Barracuda blog brings you the latest news, research, and insights you can’t get anywhere else.

Elastic Security Labs empowers security teams across the globe with novel security intelligence research and free to use tools.

Recorded Future’s Insikt Group produces research that creates action to disrupt adversaries. We write on a range of cyber and geopolitical topics, including state-sponsored threat groups; financially-motivated threat actors on the darknet and criminal underground; newly emerging malware and attacker infrastructure; strategic geopolitics; and influence operations.

NEW

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.

Talos intelligence and world-class threat research team better protects you and your organization against known and emerging cybersecurity threats.

Understandable online privacy & cybersecurity information to keep you and your data safe. Latest cybersecurity research & trends.

Read SafeBreach’s original threat research reports and learn about updates to our Hacker’s Playbook.

Defuse Security. Home of PIE Bin, TRENT, and more...

Unit 42 brings together world-renowned threat researchers, incident responders and security consultants to create an intelligence-driven, response-ready organization that's passionate about helping you proactively manage cyber risk.

The latest cybersecurity trends, best practices, security vulnerabilities, and more.

The list of research articles compiled by SecurityScorecard.

Thoughts, research, reports, and more from Truffle Security Co.

Get the intelligence you need to detect, prevent & respond to cyber threats. Read the Intel 471 cyber threat intelligence blog.