All posts in Uncategorized

■■■□□ Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation. https://thehackernews.com/2025/01/critical-flaws-in-wgs-804hpt-switches.html

🔼 baitroute: A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers. https://github.com/utkusen/baitroute https://utkusen.substack.com/p/how-to-create-vulnerable-looking

■■■■■ GoRedOps: Repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team (Go lang). https://github.com/EvilBytecode/GoRedOps

■■■□□ New UEFI Secure Boot flaw exposes systems to bootkits, patch now. https://www.bleepingcomputer.com/news/security/new-uefi-secure-boot-flaw-exposes-systems-to-bootkits-patch-now/

■■■■■ Zero-Day | Fortinet: Members of a new hacker group have leaked configuration files, IP addresses, and VPN credentials for more than 15,000 FortiGate devices, making them available to the cyber underground for free. The Belsen Group, which announced the leak, first appeared on networks and forums this month. To promote their Belsen Group brand,…

■■■□□ Cyberattackers Hide Infostealers in YouTube Comments. https://www.darkreading.com/threat-intelligence/cyberattackers-infostealers-youtube-comments-google-search

■■■■□ Electronic Warfare: Saab expands EW sensor production in Finland. https://defence-blog.com/saab-expands-ew-sensors-production-in-finland/

■■■■□ Signed FUD sample. https://bazaar.abuse.ch/sample/cbb84155467087c4da2ec411463e4af379582bb742ce7009156756482868859c/

■□□□□ OpenAI’s AI reasoning model ‘thinks’ in Chinese sometimes and no one really knows why. https://techcrunch.com/2025/01/14/openais-ai-reasoning-model-thinks-in-chinese-sometimes-and-no-one-really-knows-why/

■■□□□ Hackers use FastHTTP in new high-speed Microsoft 365 password attacks. https://www.bleepingcomputer.com/news/security/hackers-use-fasthttp-in-new-high-speed-microsoft-365-password-attacks/