Reproducing n-day vulnerabilities and writing N-day based fuzzer with Qiling | https://devilinside.me/blogs/reproducing-ndays-qiling

[webapps] phpPgAdmin 7.13.0 - COPY FROM PROGRAM Command Execution (Authenticated)
https://www.exploit-db.com/exploits/49736

Android-PIN-Bruteforce
https://github.com/urbanadventurer/Android-PIN-Bruteforce

Exploiting Windows RPC to bypass CFG mitigation: analysis of CVE-2021-26411 in-the-wild sample

The general method of browser render process exploit is: after exploiting the vulnerability to obtain user mode arbitrary memory read/write primitive, the vtable of DOM/js object is tampered to hijack the code execution flow. Then VirtualProtect is called by ROP chain to modify the shellcode memory to PAGE_EXECUTE_READWRITE, and the code execution flow is jumped to shellcode by ROP chain finally. After Windows 8.1, Microsoft introduced CFG (Control Flow Guard)[1] mitigation to verify the indirect function call, which mitigates the exploitation of tampering with vtable to get code execution.

However, the confrontation is not end. Some new methods to bypass CFG mitigation have emerged. For example, in chakra/jnoscript9, the code execution flow is hijacked by tampering with the function return address on the stack; in v8, WebAssembly with executable memory property is used to execute shellcode. In December 2020, Microsoft introduced CET(Control-flow Enforcement Technology)[2] mitigation technology based on Intel Tiger Lake CPU in Windows 10 20H1, which protects the exploitation of tampering with the function return address on the stack. Therefore, how to bypass CFG in a CET mitigation environment has become a new problem for vulnerability exploitation.

https://iamelli0t.github.io/2021/04/10/RPC-Bypass-CFG.html

Iran Calls Natanz Atomic Site Blackout 'Nuclear Terrorism'

https://ift.tt/3mF8sEE

Exclusive: #RUMINT Rumor Intelligence from Iran 🇮🇷 via Israel 🇮🇱.

Nuclear facility at Natanz, Iran has suffered major damage by an attack.

Rumor 1: Israel launched a cyber attack at the facility.

Rumor 2: Israel used local assets and used explosives (likely a sabotage) and / or cyber tactics during the attack.

Rumor 3: It was an accident.

However, the facility sustained power damage and no nuclear leak occurred, as per reliable source.

Remote exploitation of a man-in-the-disk vulnerability in WhatsApp (CVE-2021-24027)
Research: https://census-labs.com/news/2021/04/14/whatsapp-mitd-remote-exploitation-CVE-2021-24027/
PoC: https://github.com/CENSUS/whatsapp-mitd-mitm

1-click RCE in Telegram, Nextcloud, VLC, Libre-/OpenOffice, Bitcoin/Dogecoin Wallets, Wireshark and Mumble

https://ift.tt/3gcdx6d

Telegram bug bounties: XSS, privacy issues, official bot exploitation and more…

https://davtur19.medium.com/telegram-bug-bounties-xss-privacy-issues-official-bot-exploitation-and-more-5277fa78435

An issue was discovered in the AbuseFilter extension for MediaWiki through 1.35.2. It incorrectly logged sensitive suppression deletions, which should not have been visible to users with access to view AbuseFilter log data.

https://cve.reconshell.com/cve/CVE-2021-31546

Researchers Uncover Stealthy Linux Malware That Went Undetected for 3 Years. RotaJakiro

https://thehackernews.com/2021/04/researchers-uncover-stealthy-linux.html