SoloSecurities: Cybersecurity Consulting & Training – SoloSecurities provide top-notch Application Security, Pentest Services, & Security Trainings. Our experienced team identifies and remediates security vulnerabilities in your software and applications.

Blog

CISA Alerts to Expanding SaaS Attacks: Secrets, Misconfigs, and Nation-State Intrusion

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a serious warning about ongoing cyberattacks targeting SaaS infrastructures—highlighting a breach involving Commvault’s Metallic SaaS...

SoloSecurities

Add comment

Blog

Chrome Loader Policy Flaw Enables Cross-Origin Data Leaks

Google has issued urgent security updates for its Chrome web browser to address four newly discovered vulnerabilities, one of which — CVE-2025-4664 — is being actively exploited in the wild. This critical...

SoloSecurities

Add comment

Blog

Microsoft Patch Tuesday May 2025: 78 Flaws Fixed, 5 Zero-Days Exploited in the Wild

In its May 2025 Patch Tuesday release, Microsoft has addressed a total of 78 security vulnerabilities, including five zero-day flaws that have been actively exploited in the wild. These vulnerabilities span...

SoloSecurities

Add comment

Editor’s pick

Deceptive AI: How Fake AI Tools Are Spreading Noodlophile Malware to 62,000+ Users via Facebook

10 months ago

OtterCookie v4: North Korea’s Silent Browser Heist

11 months ago

FreeDrain Crypto Heist: 38,000+ Subdomains Exploit SEO to Steal Wallets

11 months ago

LOSTKEYS Malware via ClickFix: How Russian Hackers Are Escalating Espionage

11 months ago

NSO Group Fined $168M for Illegal Use of Pegasus Spyware on WhatsApp Users

11 months ago

This week’s hottest

Bug Bounty Cyber Security Network Penetration Testing

Hackers Use Polymorphic Extensions to Hijack Browser Add-Ons & Steal Data

Introduction Cybersecurity researchers have uncovered a highly sophisticated attack technique that enables malicious browser extensions to impersonate any installed add-on. This novel approach, referred to as a...

SoloSecurities

48 views

Bug Bounty Cyber Security Web Application Penetration Testing

How earned $500 from Google – Flaw in Authentication

Hello Everyone! Today I will share the write-up of my first accepted bug in Google, Which is in “Google Cloud Partner Advantage Portal” where I was able to modify personal details for victim account via Broken...

SoloSecurities

Add comment

Blog Bug Bounty Cyber Security Web Application Penetration Testing

218 GitHub Repositories’ CI/CD Secrets Exposed: 5 Key Insights from the Coinbase Supply Chain Attack

💡 Introduction: The Growing Threat of Supply Chain Attacks In recent years, supply chain attacks have emerged as one of the most significant cybersecurity threats, targeting the interconnected ecosystems of software...

SoloSecurities

Add comment

Bug Bounty Cyber Security Web Application Penetration Testing

Subdomain Takeover

What is a subdomain? A domain name typically has two parts: The top-level domain (TLD) is the extension, such as .com or .org, and the second-level domain (SLD) is the unique part of the domain name, often a business or...

SoloSecurities

Add comment

Bug Bounty Cyber Security Network Penetration Testing

Apple Releases Urgent Security Update for WebKit Zero-Day

Introduction Apple has once again stepped up to reinforce the security of its ecosystem by releasing a crucial patch for a zero-day vulnerability in its WebKit browser engine. The flaw, identified as CVE-2025-24201, has...

SoloSecurities

Add comment