■■■□□ CVE-2025-32463: Another critical EoP in sudo has been discovered. https://www.bleepingcomputer.com/news/security/cisa-warns-of-critical-linux-sudo-flaw-exploited-in-attacks/
All posts in Uncategorized
September 30, 2025 at 03:11PM
■■□□□ Ransomware group sought BBC reporter’s help in hacking media giant. https://www.bleepingcomputer.com/news/security/ransomware-gang-sought-bbc-reporters-help-in-hacking-media-giant/
September 30, 2025 at 10:18AM
■■□□□ Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader. Hackers Can Bypass EDR by Downloading a Malicious File as an In-Memory PE Loader
September 29, 2025 at 07:18PM
■■■■□ Zero-Day: DefCon lock picking.
September 28, 2025 at 05:55PM
■■■■□ Write-up focuses on bypass of file upload. Known technique. https://infosecwriteups.com/new-technique-bypass-file-upload-4c18cef9f9ed
September 28, 2025 at 04:13PM
■■■■□ Iranian State Sponsored Hackers Use SSL.com Certificates to Sign Malware. Security researchers say multiple threat groups, including Iran’s Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company. https://www.darkreading.com/vulnerabilities-threats/iranian-hackers-ssl-certificates-sign-malware
September 28, 2025 at 01:17PM
■■■■□ 🔥CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens 🚀POC -https://github.com/formbricks/formbricks/security/advisories/GHSA-7229-q9pv-j6p4 Dorks: http://product.name=”Formbricks”
September 28, 2025 at 12:30PM
■■■□□ Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise. Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise
September 27, 2025 at 10:16PM
Claude is hacker as it gets Kali tools via MCP
September 27, 2025 at 12:40PM
■■■□□ Federal agencies given one day to patch exploited Cisco firewall bugs. https://therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning