CVE-2025-0167 - How a Rare `.netrc` Configuration Can Leak Your Credentials in Curl Redirects
When you use cURL, it's natural to expect your credentials to stay private—especially if you took the trouble to set up a
CVE-2024-27137 - How Hackers Can Steal JMX Credentials in Apache Cassandra via RMI Registry Hijack
Apache Cassandra is a favorite distributed database, powering some of the biggest applications for its great performance and scalability. But recently, a new vulnerability—CVE-
CVE-2025-22978 - CSV Injection Vulnerability in eladmin <=2.7 Exception Log Download
Date: June 2024
Author: SecureTech Writeups
Are you running eladmin, the popular open-source admin system? If so, you should know about a dangerous vulnerability
CVE-2024-57432 - Exploiting Insecure Permissions in macrozheng mall-tiny 1..1 with Hardcoded JWT Secrets (Exclusive Guide)
The macrozheng mall-tiny project (version 1..1) is a lightweight e-commerce platform widely used for learning and small business solutions. However, a severe
CVE-2025-23215 - PMD Release Signing Passphrase Exposed — What Happened, Risks, and How It's Fixed
The software security world was rocked by the disclosure of CVE-2025-23215, a major vulnerability involving the widely used static code analysis tool PMD.
Episode
00:00:00
00:00:00