All posts by John Doe

🍏 CVE-2024-44236: Remote Code Execution vulnerability in Apple macOS. An out-of-bounds write vulnerability has been reported in macOS. The vulnerability is due to the lack of proper validation of “lutAToBType” and “lutBToAType” tag types. A remote attacker could exploit this vulnerability by enticing a victim to open a crafted file. A successful attack may result…

■■□□□ Pakistan Air Force commander, with DG-ISPR in a press conference, released military radio conversation between Indian pilots in which they claimed shooting 5 jets and a drone within over an hour of dog-fight between Indian and Pakistani jets. ✈️✈️✈️🚜☄☄🚀🚀🚀🛩 Inference: 🤍It is very improbable that Indian Air-Force used unencrypted communication. 🤍If it was encrypted,…

■■■□□ Cyber War waged by multiple non state actors on Indian cyber assets. Quoting verbatim: Currently we have taken down radio service in India and caused a total outage of online audio streaming from radioindia.in servers Proofs: https://check-host.net/check-report/25ec3f01k9e6 https://check-host.net/check-report/25ec38b7k137 https://check-host.net/check-report/25ec37fck284 #DieNet

■■■□□ Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI. Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI

■■■□□ 7,000-Device Proxy Botnet Using IoT, EoL Systems Dismantled in U.S. – Dutch Operation A joint law enforcement operation undertaken by Dutch and U.S. authorities has dismantled a criminal proxy network that’s powered by thousands of infected Internet of Things (IoT) and end-of-life (EoL) devices, enlisting them into a botnet for providing anonymity to malicious…

■■■■□ Ransomware as a Service group, LockBit, suffered an internal database leaked. While the dump is a goldmine for researchers – revealing BTC addresses, victim chat logs, ransomware build info, and many other datapoints – there’s one detail that stands out: They stored their passwords in plaintext. For a group that prides itself on encryption,…

■□□□□ An official account of 𝕏 itself is withheld in India 🇮🇳 amid ongoing information war order by the government of India. https://x.com/zoo_bear/status/1920705872742830319

■■■■□ 𝕏 reports that Indian government has asked to block 8,000 accounts, which are causing hindrances in disinformation campaigns run by the state on its people. https://x.com/GlobalAffairs/status/1920522981744238814

■■■■□ Cyber-Kinetic warfare. Pakistan 🇵🇰 uses EW (electronic warfare) to take out Israel 🇮🇱 made Harop drones fired by India 🇮🇳 in Pakistan’s Lahore area amid ongoing conflict, which is still not a full-scale war. 🛩 30 drones from India were taken out in defenseive measures. Around 5% seem to have made it through.

❤️ Running code on Tesla security ECU from tire: dlDetails on new CVE-2025-2082 vulnerability. Security researchers Thomas Imbert, Vincent Dehors, and David Bérard found and responsibly disclosed recently a remote code execution (RCE) vulnerability in Tesla’s VCSEC ECU. Technical overview: By manipulating the response sent from the Tire Pressure Monitoring System (TPMS), an attacker can…