All posts in Uncategorized

■■■□□ ​CISA warned on Wednesday that attackers are actively exploiting two security vulnerabilities in N‑able’s N-central remote monitoring and management (RMM) platform. https://www.bleepingcomputer.com/news/security/cisa-warns-of-n-able-n-central-flaws-exploited-in-zero-day-attacks/

■■□□□ Weaponizing WaybackUrls for Recon, BugBounties , OSINT, Sensitive Endpoints and more. https://github.com/anmolksachan/thetimemachine

■■□□□ Time Traveling for Bugs: How The Time Machine v3.0 Uncovered an XSS on a website [Part 1]. https://anmolksachan.medium.com/time-traveling-for-bugs-how-the-time-machine-uncovered-an-xss-on-redacted-com-92e3662a50e4

■■■■□ Apparently, a ChineseNational Arrested for driving Smishing SMS blasters around Vietnam. Risk, Fraud & Security The fake base stations sent messages claiming recipients had to pay a traffic fine. Foreign National Arrested for Driving Smishing SMS Blasters around Vietnam

■■■■□ A critical navigation component used in Shahed-series attack drones is now openly available for purchase on a major Chinese e-commerce platform, according to Ukrainian electronic warfare specialist Serhiy Beskrestnov, widely known by his callsign “Serhiy Flesh.” Beskrestnov wrote that a Chinese-made, 11-element anti-jamming antenna — long identified as a core part of the Shahed’s…

■■■■■ Detect Movement in Your Home with WiFi Motion. Now, the vendor is giving this technology to everyone who has their device. https://www.xfinity.com/hub/smart-home/wifi-motion

■■■■■ 🟥CVE-2025-53783: Heap based BoF resulting in message read, modify and delete. Microsoft Teams RCE Flaw Allows Hackers to Read, Modify, and Delete Messages

■■■□□ A threat actor claims to have taken out WordPress site in a DoS attack. We ran a simple test on WordPress security and were able to bring down the entire infrastructure of the website. That is, the website displays normally, but when executing any command that requires connecting to the server, it does not…

■■□□□ Zoom and Xerox have addressed critical security flaws in Zoom Clients for Windows and FreeFlow Core that could allow privilege escalation and remote code execution. The vulnerability impacting Zoom Clients for Windows, tracked as CVE-2025-49457 (CVSS score: 9.6), relates to a case of an untrusted search path that could pave the way for privilege…

■■■□□ IBM Cloud hit by Severity One incident with the same symptoms as other recent SNAFUs. Outages, degraded service, and login troubles hit 10 regions and 27 services. https://www.theregister.com/2025/08/12/ibm_cloud_severity_one_outage/