CyberSecurity - Oleg Zaytsev

Sign in Subscribe

CyberSecurity

A collection of 2 posts

360XSS Main Image

CyberSecurity Featured

360XSS: Mass Website Exploitation via Virtual Tour Framework for SEO Poisoning

Hackers are exploiting a reflected XSS vulnerability in the "Krpano" VR library across hundreds of websites, injecting malicious scripts to hijack Google’s search index and distribute spam ads at scale.

Subdomailing: The Campaign That Abused Thousands of Hijacked Subdomains

Subdomailing: The Campaign That Abused Thousands of Hijacked Subdomains

Back in my Guard.io days, Nati Tal and I wrote about one of the most impressive subdomain takeover campaigns we’d ever seen—a sprawling, industrial-scale operation that weaponized thousands of abandoned subdomains belonging to major brands. This wasn’t your everyday security blog; this was Subdomailing—a term