All posts by John Doe

■■■■□ OpenAI fixes zero-click ShadowLeak vulnerability affecting ChatGPT Deep Research agent. https://therecord.media/openai-fixes-zero-click-shadowleak-vulnerability

🤖 One of the admins of the channel had a 0-click malware on the Android flagship device. It may be Firefox Zero-Day, now patched. The malware deleted certain video files related to a country in the Middle East.

■■□□□ A recent report revealed that AppCloud, an Israeli application developed by IronSource, comes pre-installed on certain Samsung devices, particularly Galaxy A and Galaxy M models, and cannot be fully removed. The app automatically collects user data, including location, device fingerprints, and IP addresses. https://x.com/QudsNen/status/1968706493181579550 https://t.me/cKure/15664

■■■□□ Interesting thread (Jubair). One of the Scattered Spider guys ransomed a bunch of companies, made $36,000,000, then used the money for Uber Eats and Steam. He was late filmed as he was apologising. https://x.com/vxunderground/status/1968783350518235338

■■□□□ Dubai, UAE 🇦🇪 Dh23,000 routine payment dispute in Dubai unmasks cyber fraud. Hacker had intercepted company emails and diverted funds to fake account. https://gulfnews.com/uae/crime/dh23000-routine-payment-dispute-in-dubai-unmasks-cyber-fraud-1.500277479

■■■■□ Hacker group takes out jpost.com as they quoted ICC war criminal (for Genocide) on their website: https://t.me/DIeNlt/569 The group performed a DoS attack and the site remains down as of now.

■■■■□ The EDR-Freeze tool is a proof-of-concept exploit that leverages Windows’ built-in components to suspend EDR and antivirus processes into a “coma” state, effectively rendering them inactive without installing any third-party drivers. Mechanism: 1. MiniDumpWriteDump API: This function, part of the Windows DbgHelp library, is designed to create memory dumps by suspending all threads of…

■■■■□ New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State. New EDR-Freeze Tool That Puts EDRs and Antivirus Into A Coma State

■■■■■ A token validation flaw allowing adversary to get Global Admin in any Entra ID tenant. https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/

■■■■■ 🟥 Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released. Windows Screenshot Utility Greenshot Vulnerability Enable Malicious code execution – PoC Released