All posts in Uncategorized

💧🌊 Hydroph0bia (CVE-2025-4275) – a trivial SecureBoot bypass for UEFI-compatible firmware based on Insyde H2O. Secure Boot bypass for laptops, embedded and medical devices, and car ECUs: technical details and exploit. Security researcher Nikolaj Schlej shared yesterday a new and quite effective (even trivial) way to bypass Secure Boot in Insyde H20 UEFI BIOS. The…

🚘🎙 Streaming Zero-Fi Shells to Your Smart Speaker. Exploiting the Sonos Era 300 with malicious HLS playlist. Pwn²Own Ireland 🇮🇪 Exploit: https://github.com/ret2/Pwn2Own-Ireland2024-Sonos Reference: Sonos advisory https://www.sonos.com/en-us/security-advisory-2024-0002

■■■■■ 💻 Windows SMB Client Zero-Day Vulnerability Exploited Using Reflective Kerberos Relay Attack. Windows SMB Client Zero-Day Vulnerability Exploited Using Reflective Kerberos Relay Attack

■■■■□ Israel vs. Iran war: Use of OSINT in kinetic war as Iran uses videos posted online (social media) to fine tune accuracy. https://t.me/Middle_East_Spectator/19567

■■■■■ #Intelligence: Israeli op as per their source. Mossad set up drone base in Iran; UAVs were activated overnight to strike surface-to-surface missile launchers aimed at Israel. https://www.timesofisrael.com/liveblog_entry/mossad-set-up-a-drone-base-in-iran-uavs-were-activated-overnight-to-strike-surface-to-surface-missile-launchers-aimed-at-israel/

■■■□□ Telegram, the FSB, and the Man in the Middle. The technical infrastructure that underpins Telegram is controlled by a man whose companies have collaborated with Russian intelligence services. An investigation by IStories https://storage.googleapis.com/istories/en/stories/2025/06/10/telegram-fsb/index.html

■□□□□ Google Cloud and Cloudflare hit by widespread service outages. https://www.bleepingcomputer.com/news/technology/google-cloud-and-cloudflare-hit-by-widespread-service-outages/

■■□□□ The FLOCKER Ransomware group claims on their Darkweb site that they have stolen data from the Department of Land and Real Estate Regulation in Ajman, United Arab Emirates 🇦🇪.

■■■■■ Apple just patched a zero-day under active attack. CVE-2025-24201 let hackers escape the WebKit sandbox-Apple calls the exploit extremely sophisticated.

■■■□□ The Pakistan Airports Authority (PAA) appears to have been compromised, their email infrastructure being used to distribute password-protected ZIP archives containing a previously undocumented malware. https://x.com/WhichbufferArda/status/1933300356370325981