Roblox Hit With Multimillion-Dollar Suit By L.A. County Claiming Gaming Platform Leaves "Children Easy Prey For Pedophiles"

In a sprawling lawsuit filed today against Roblox by Los Angeles County, the hugely popular online gaming platform has been ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.
IEEE

Mapping Exploit Code on Paste Sites to the MITRE ATT&CK Framework: A Multi-label Transformer Approach

Abstract: Cyber-criminals often use information-sharing platforms such as paste sites (e.g., Pastebin) to share vast amounts of malicious text content, such as exploit source code. Careful analysis of ...
GitHub

The repo contains all the work surrounding the development of the PoC for how a simple OOB(Out-of-bound) read can result in jail escapes as well as broken access control.

Exploiting OOB to Jail escape/ Broken Access control: While debugging the buffer in GDB, we noticed that the OOB read was making the user land into something called the replybuf. Upon further analysis ...
GitHub

JWT Algorithm Confusion Scanner

JSON Web Tokens (JWTs) are commonly used for authentication and session management. When improperly implemented, they can be vulnerable to various attacks, particularly "algorithm confusion" where ...