All posts by John Doe

■■□□□ Researchers claim ChatGPT o3 bypassed shutdown in controlled test. https://www.bleepingcomputer.com/news/artificial-intelligence/researchers-claim-chatgpt-o3-bypassed-shutdown-in-controlled-test/ https://x.com/PalisadeAI/status/1926084635903025621

■■■■□ Android VPN interceptor to send HTTP and HTTPS traffic to a proxy. https://github.com/raise-isayan/TunProxy

■■■■■ CVE-2025-32756: PoC Published For Fortinet 0-Day Vulnerability That Being Exploited in the Wild. CVE-2025-32756: Low-Rise Jeans are Back and so are Buffer Overflows PoC Published For Fortinet 0-Day Vulnerability That Being Exploited in the Wild Sample PoC; requires custom gadget tuning based on firmware version etc: import requests target = “https://” attacker_ip = “8.7.0.3”…

■■■■■ SafeLine WAF: Open Source Web Application Firewall with Zero-Day Detection and Bot Protection. From zero-day exploits to large-scale bot attacks — the demand for a powerful, self-hosted, and user-friendly web application security solution has never been greater. SafeLine is currently the most starred open-source Web Application Firewall (WAF) on GitHub, with over 16.4K stars…

■□□□□ Fortinet acquires Israeli cyber startup Suridata for tens of millions to boost SaaS protection. Suridata raised around $14 million and built an AI-powered platform to protect SaaS apps. https://www.calcalistech.com/ctechnews/article/r1i21132blx

■■□□□ United States / China: Chinese hackers breach US local governments using Cityworks zero-day. https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-us-local-governments-using-cityworks-zero-day/

■■■□□ BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory. https://www.akamai.com/blog/security-research/abusing-dmsa-for-privilege-escalation-in-active-directory https://thehackernews.com/2025/05/critical-windows-server-2025-dmsa.html

■■□□□ Marks & Spencer said hackers broke into its systems by tricking employees at a third-party contractor, skirting its digital defences to launch a cyberattack. https://www.thehindu.com/sci-tech/technology/ms-says-cyber-hackers-broke-in-through-third-party-contractor/article69604614.ece

■■□□□ CVE-2025-4123 Grafana open redirect → XSS/SSRF via path traversal.

■■■■□□ OSINT: A race of speed and lies (in war context). https://m.economictimes.com/news/india/lies-now-open-sourced-india-pakistan-conflict-puts-spotlight-on-open-source-intelligence-and-credibility-problem/articleshow/121240828.cms