All posts by John Doe

🍎CVE-2025-31200: Apple iPhone RCE by opening a video file. 🎞https://youtu.be/nTO3TRBW00E

■□□□□ Microsoft admits to the support of genocide via its cyber capability.

■■■□□ South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware. High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. https://www.acronis.com/en-us/cyber-protection-center/posts/from-banks-to-battalions-sidewinders-attacks-on-south-asias-public-sector/ https://thehackernews.com/2025/05/south-asian-ministries-hit-by.html

■■■■□ Full-Blown SSRF to Gain Access to Millions of Users’ Records and Multiple Internal Panels. https://medium.com/@skycer_00/full-blown-ssrf-to-gain-access-to-millions-of-users-records-and-multiple-internal-panels-3719d9b802e9

■■■□□ Chinese Hackers Deploy MarsSnake Backdoor in Multi-Year Attack on Saudi Organization. Threat hunters have exposed the tactics of a China-aligned threat actor called UnsolicitedBooker, which targeted an unnamed international organization in Saudi Arabia with a previously undocumented backdoor dubbed MarsSnake. https://thehackernews.com/2025/05/chinese-hackers-deploy-marssnake.html

■■■■■ kASLR Internals and Evolution. https://r0keb.github.io/posts/kASLR-Internals-and-Evolution/

■■■■■ Bypassing kASLR via Cache Timing. https://r0keb.github.io/posts/Bypassing-kASLR-via-Cache-Timing/

■■■■□ Pwnable.tw, a wargame site for hackers to test and expand their binary exploiting skills. https://pwnable.tw/ ●The co-founder of this site just got OSEE. Thought of sharing.

■■■■■ Cache poisoning via race-condition in Next.js https://zhero-web-sec.github.io/research-and-things/eclipse-on-nextjs-conditioned-exploitation-of-an-intended-race-condition

■□□□□ A Silicon Valley VC Says He Got the IDF Starlink Access Within Days of October 7 Attack. Sequoia Capital partner Shaun Maguire said in a webinar hosted by Israel’s Defense Ministry that he connected the IDF with SpaceX’s Starlink satellite internet far sooner than believed. https://www.wired.com/story/shaun-maguire-starlink-idf-israel-gaza/