■■■□□ Unauthenticated RCE in Motorola’s MR2600 Router https://mrbruh.com/motorola/
All posts in Uncategorized
July 9, 2026 at 06:44PM
■■□□□ Intruding thread on privacy. https://x.com/i/status/2075226136229863475
July 9, 2026 at 04:25PM
■■■□□ no-gdid: Read, understand, and silence the Windows Global Device Identifier (GDID) — the hidden per-account device ID that helped the FBI locate a suspect who was using a VPN. 👮 the best option is to switch Microsoft products out of environment completely. At ckure, we use Fedora. https://github.com/Korben00/no-gdid
July 9, 2026 at 11:46AM
■■■□□ Proxyware actor behind fake 7-Zip is bigger than most assumed. Fake Installers, Fake Reviews, Fake Services – Real Proxies, Real Victims
July 9, 2026 at 12:58AM
■■■■■ 💻 Windows kernel exploitation series. https://mdanilor.github.io/posts/hevd-0/ https://mdanilor.github.io/posts/hevd-1/ https://mdanilor.github.io/posts/hevd-2/ https://mdanilor.github.io/posts/hevd-3/ https://mdanilor.github.io/posts/hevd-4/
July 8, 2026 at 08:31PM
🎚 The Mosad Playbook: How One Alias Built a Cross-Platform Leak Network. https://stealthmole-intelligence-hub.blogspot.com/2026/07/the-mosad-playbook-how-one-alias-built.html
July 8, 2026 at 08:28PM
■■■■■ EvilTokens phishing can look clean during URL checks. The real page stays encrypted until it opens in the victim’s browser, then uses Microsoft device-code phishing to push toward Microsoft 365 account takeover. The blind spot is browser visibility, not just email scanning. https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html
July 6, 2026 at 04:39PM
■■■□□ 🇮🇷 Cavern Manticore: Exposing Iran-Linked Modular C2 Framework CP reveals: 🎯 Israeli Gov & IT sector targeted 🧩 Novel modular “Cavern” C2 framework, 3 .NET formats 🕵️ Iran-nexus; MOIS ties to MuddyWater & Lyceum 👻 Most samples: zero VT hits https://research.checkpoint.com/2026/cavern-manticore-exposing-iran-linked-modular-c2-framework/
July 6, 2026 at 07:51AM
■■■■□ ⚪️⚪️⚪️🔺🔺⚪️ ⚪️⚪️🔺⚪️🔺⚪️🔺 Exploit for Exynos devices to gain ACE in BootROM context. A length parameter left unchecked in the USB Control Request code allows iRAM to be dumped, modified and resent to the device, allowing for code execution. https://github.com/halal-beef/houston-pub
July 5, 2026 at 08:44PM
■■□□□ Why DMARC’s new “NP” tag can fail with DNSSEC. https://dmarcwise.io/blog/dmarc-np-incompatibility-with-dnssec
