■■■□□ Zero-Day: WinRAR 0-Day Vulnerabilities Exploited in Wild by Hackers – Detailed Case Study. WinRAR 0-Day Vulnerabilities Exploited in Wild by Hackers – Detailed Case Study
All posts in Uncategorized
August 28, 2025 at 04:32PM
■■■□□ The Art of PHP — My CTF Journey and Untold Stories! – 🍊 Tsai https://blog.orange.tw/posts/2025-08-the-art-of-php-ch/
August 28, 2025 at 10:18AM
■■■■□ Zero-Day: PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild. CVE-2025-5419 is an out-of-bounds (OOB) read and write flaw in V8’s array handling routines. PoC Exploit Released for Chrome 0-Day Vulnerability Exploited in the Wild
August 28, 2025 at 09:30AM
■■■■□ First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption. First AI Ransomware ‘PromptLock’ Uses OpenAI gpt-oss-20b Model for Encryption
August 28, 2025 at 08:39AM
■■■□□ Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services. Weaponized PuTTY Via Bing Ads Exploit Kerberos and Attack Active Directory Services
August 27, 2025 at 06:23PM
■□□□□ Threat Actors Weaponizing Windows Scheduled Tasks to Establish Persistence Without Requiring Extra Tools. Threat Actors Weaponizing Windows Scheduled Tasks to Establish Persistence Without Requiring Extra Tools
August 27, 2025 at 05:48PM
■■■■□ New AI attack hides data-theft prompts in downscaled images. https://blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/ https://www.bleepingcomputer.com/news/security/new-ai-attack-hides-data-theft-prompts-in-downscaled-images/
August 27, 2025 at 10:40AM
■■□□□ Microsoft Copilot Agent Policy Flaw Lets Any User Access AI Agents. Microsoft Copilot Agent Policy Flaw Lets Any User Access AI Agents
August 26, 2025 at 03:46PM
■■□□□ Disinformation: YouTube’s collusion with Israeli government for spreading propaganda. Video Statement: Markets are shown to be from Gaza. Fact: Video is not from Gaza.
August 26, 2025 at 01:56AM
■■■■□ Safeguarding VS Code against prompt injections. When a chat conversation is poisoned by indirect prompt injection, it can result in the exposure of GitHub tokens, confidential files, or even the execution of arbitrary code without the user’s explicit consent. In this blog post, we’ll explain which VS Code features may reduce these risks. Safeguarding…