📣 New hack announcement: Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website: eaton-works.com/2024/01/17/tti…

Excited to announce the immediate availability of combined Xbox 360 XL patches! Get them in today's J-Runner V3.3.0 r3 update and enjoy the potential of up to 48 TB in total possible storage!

CERT-In has published Vulnerability notes on its website (18-12-2023)
CIVN-2023-0366 - Multiple Vulnerabilities in Siemens User Management Component (UMC)
CIVN-2023-0365 - Improper Authentication Vulnerability in ADiTaaS
Visit CERT-In website (cert-in.org.in)

📣 Introducing CVE-2023-6483: Improper/missing API authentication in ADiTaaS v5.1
ADiTaaS is a SaaS platform that handles IT/support ticket, HR, cybersecurity, and much more. It is used by a wide variety of companies in various industries.
Thanks to my responsible disclosure, no

👀

📣 New from me today: My latest writeup detailing an API flaw that exposed a multi-billion dollar telecommunications company's office cameras: eaton-works.com/2023/11/14/tel…

Security researcher uncovers major vulnerabilities in Honda's e-commerce platform, exposing sensitive dealer information. This flaw could have allowed unrestricted access to data.

Learn more: thehackernews.com/2023/06/passwo…

#hacking #cybersecurity

ICYMI ⬇️

Vulnerabilities in Honda eCommerce Platform Exposed Customer, Dealer Data
securityweek.com/vulnerabilitie…

Honda said it has fixed a vulnerability that could have allowed anyone to take over accounts on a platform used by Honda Power Equipment and Honda Marine dealers in the United States. therecord.media/honda-power-eq…

Honda API flaws exposed customer data, dealer panels, internal docs - Bill Toulas
bleepingcomputer.com/news/security/…

Learn how Eaton Z. compromised an industrial e-commerce platform (marine, garden & power equipment) of Honda via a vulnerable password reset API:

eaton-works.com/2023/06/06/hon…

📣 Big news from me today: Introducing my biggest security disclosure yet - compromising Honda's eCommerce platform and gaining access to over 1k dealer websites and all customer records. Internal financial reports, API keys, and more were left vulnerable. eaton-works.com/2023/06/06/hon…

Hacker gained access to Toyota's Mexican customers' information dlvr.it/SkZ0Lj

Auto industry risks security breaches by underpaying white hat hackers dlvr.it/SkYz0F

New Toyota security writeup published! I broke into a Toyota CRM and discovered an insecure production API exposed via loading spinner settings😅. eaton-works.com/2023/03/06/toy…

High praise coming from Sabu (Hector X. Monsegur) regarding my recent Toyota writeup. Glad you enjoyed it!😀 Podcast link here - starts at 39:25: podcasts.apple.com/podcast/a-majo…

Not the 'passwordless authentication' you wanted 🤡

Researcher breaches Toyota supplier portal with info on 14,000 partners - Bill Toulas
bleepingcomputer.com/news/security/…

Toyota addressed a vulnerability that could have exposed sensitive data associated with thousands of suppliers worldwide, reveals Eaton Z.

portswigger.net/daily-swig/toy…