■■■■□ Fortinet: Hackers retain access to patched FortiGate VPNs using symlinks When the threat actors previously breached servers using older vulnerabilities, they created symbolic links in the language files folder to the root file system on devices with SSL-VPN enabled. This allows them to maintain read-only access to the root filesystem through the publicly accessible…
All posts by John Doe
April 12, 2025 at 12:29PM
■■■■□ Cable – A Post-Exploitation Toolkit For Active Directory Reconnaissance & Exploitation. Cable – A Post-Exploitation Toolkit For Active Directory Reconnaissance & Exploitation
April 12, 2025 at 12:27PM
■■■■□ Russian hackers attack Western military mission using malicious drive. https://www.bleepingcomputer.com/news/security/russian-hackers-attack-western-military-mission-using-malicious-drive/
April 11, 2025 at 08:26PM
🚨 Zero-Day: EPICOR HCM Unauthenticated Blind SQL Injection CVE-2025-22953. https://tinted-hollyhock-92d.notion.site/EPICOR-HCM-Unauthenticated-Blind-SQL-Injection-CVE-2025-22953-170f1fdee211803988d1c9255a8cb904
April 10, 2025 at 05:03PM
■■■■■ United Kingdom 🇬🇧 | China 🇨🇳 Governments identify dozens of Android apps bundled with spyware. Governments identify dozens of Android apps bundled with spyware
April 10, 2025 at 05:01PM
■■■■■ OpenVPN Vulnerability Let Attackers Crash Servers & Execute Remote Code. CVE-2025-2704, affects OpenVPN versions 2.6.1 through 2.6.13 when configured with the –tls-crypt-v2 option, a feature commonly used to enhance privacy and prevent deep packet inspection (DPI). https://community.openvpn.net/openvpn/wiki/Downloads#OpenVPN2.6.14–Released02April2025 OpenVPN Vulnerability Let Attackers Crash Servers & Execute Remote Code
April 10, 2025 at 10:15AM
■■■□□ The Jewish state’s scum: Court document reveals locations of WhatsApp victims targeted by NSO spyware. Court document reveals locations of WhatsApp victims targeted by NSO spyware
April 10, 2025 at 09:19AM
■□□□□ UAE: Gen AI causes major setbacks for cybersecurity in the region, and the expert says. Figures by Gartner show that spending on security services in the Mena region is projected to grow 16.6 per cent in 2025. https://www.khaleejtimes.com/uae/uae-gen-ai-cybersecurity-social-engineering-data-phishing
April 10, 2025 at 06:31AM
■■■■■ CVE-2025-29810: Microsoft has disclosed a significant security vulnerability in Active Directory Domain Services that could allow attackers to elevate their privileges to the system level, potentially gaining complete control over affected systems. Windows Active Directory Domain Vulnerability Let Attackers Escalate Privileges
April 10, 2025 at 06:23AM
■■■■■ WhatsApp flaw can let attackers run malicious code on Windows PCs. https://www.whatsapp.com/security/advisories/2025/ https://www.bleepingcomputer.com/news/security/whatsapp-flaw-can-let-attackers-run-malicious-code-on-windows-pcs/