❏ </Mr. SAM/> ❏
░▒▓█ SecurityWeek █▓▒░
Australia’s TPG Telecom Investigating iiNet Hack
🔗 ➢➣➤ More ...
░▒▓█ SecurityWeek █▓▒░
Australia’s TPG Telecom Investigating iiNet Hack
🔗 ➢➣➤ More ...
SecurityWeek
Australia’s TPG Telecom Investigating iiNet Hack
TPG Telecom has disclosed a cybersecurity incident after discovering unauthorized access to an iiNet order management system.
❏ </Mr. SAM/> ❏
░▒▓█ Bleeping Computer █▓▒░
Microsoft: August security updates break Windows recovery, reset
🔗 ➢➣➤ More ...
░▒▓█ Bleeping Computer █▓▒░
Microsoft: August security updates break Windows recovery, reset
🔗 ➢➣➤ More ...
BleepingComputer
Microsoft: August security updates break Windows recovery, reset
Microsoft has confirmed that the August 2025 Windows security updates are breaking reset and recovery operations on systems running Windows 10 and older versions of Windows 11.
❏ </Mr. SAM/> ❏
░▒▓█ cybersecurity █▓▒░
New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers
🔗 ➢➣➤ More ...
░▒▓█ cybersecurity █▓▒░
New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers
🔗 ➢➣➤ More ...
Cyber Security News
New Exploit for SAP 0-Day Vulnerability Allegedly Released in the Wild by ShinyHunters Hackers
A working exploit targeting critical SAP vulnerabilities CVE-2025-31324 and CVE-2025-42999 has been publicly released by the notorious cybercriminal group "Scattered LAPSUS$ Hunters – ShinyHunters" via Telegram channels, with VX Underground subsequently publishing…
❏ </Mr. SAM/> ❏
░▒▓█ TheHackersNews █▓▒░
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
🔗 ➢➣➤ More ...
░▒▓█ TheHackersNews █▓▒░
Public Exploit for Chained SAP Flaws Exposes Unpatched Systems to Remote Code Execution
🔗 ➢➣➤ More ...
❏ </Mr. SAM/> ❏
░▒▓█ DarkReading █▓▒░
10 Major GitHub Risk Vectors Hidden in Plain Sight
🔗 ➢➣➤ More ...
░▒▓█ DarkReading █▓▒░
10 Major GitHub Risk Vectors Hidden in Plain Sight
🔗 ➢➣➤ More ...
Dark Reading
10 Major GitHub Risk Vectors Hidden in Plain Sight
By addressing these overlooked risk vectors, organizations can continue leveraging GitHub's innovation while protecting against sophisticated supply chain attacks targeting interconnected software.
❏ </Mr. SAM/> ❏
░▒▓█ Bleeping Computer █▓▒░
Pharma firm Inotiv says ransomware attack impacted operations
🔗 ➢➣➤ More ...
░▒▓█ Bleeping Computer █▓▒░
Pharma firm Inotiv says ransomware attack impacted operations
🔗 ➢➣➤ More ...
BleepingComputer
Pharma firm Inotiv says ransomware attack impacted operations
American pharmaceutical company Inotiv has disclosed that some of its systems and data have been encrypted in a ransomware attack, impacting the company's business operations.
❏ </Mr. SAM/> ❏
░▒▓█ cybersecurity █▓▒░
MCDonald’s Free Nuggets Hack Leads to Expose of Confidential Data
🔗 ➢➣➤ More ...
░▒▓█ cybersecurity █▓▒░
MCDonald’s Free Nuggets Hack Leads to Expose of Confidential Data
🔗 ➢➣➤ More ...
Cyber Security News
McDonald’s Free Nuggets Hack Leads to Exposure of Confidential Data
A series of alarming vulnerabilities in McDonald's digital infrastructure, from free food exploits to exposed executive data.
❏ </Mr. SAM/> ❏
░▒▓█ PortSwigger █▓▒░
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
🔗 ➢➣➤ More ...
░▒▓█ PortSwigger █▓▒░
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
🔗 ➢➣➤ More ...
PortSwigger Research
Beware the false false-positive: how to distinguish HTTP pipelining from request smuggling
Sometimes people think they've found HTTP request smuggling, when they're actually just observing HTTP keep-alive or pipelining. This is usually a false positive, but sometimes there's actually a real
❏ </Mr. SAM/> ❏
░▒▓█ RedCanary █▓▒░
Respond faster and empower users with Red Canary Managed Phishing Response
🔗 ➢➣➤ More ...
░▒▓█ RedCanary █▓▒░
Respond faster and empower users with Red Canary Managed Phishing Response
🔗 ➢➣➤ More ...
Red Canary
Respond faster and empower users with Red Canary Managed Phishing Response | Red Canary
Managed Phishing Response offers AI-powered triage, rapid expert analysis, and tailored feedback for every user-reported phishing email
❏ </Mr. SAM/> ❏
░▒▓█ TheRecord █▓▒░
North Korea-linked hackers target embassies in Seoul in new espionage campaign
🔗 ➢➣➤ More ...
░▒▓█ TheRecord █▓▒░
North Korea-linked hackers target embassies in Seoul in new espionage campaign
🔗 ➢➣➤ More ...
therecord.media
North Korea-linked hackers target embassies in Seoul in new espionage campaign
North Korea-linked hackers were seen targeting more than a dozen embassies in Seoul with phishing emails.
❏ </Mr. SAM/> ❏
░▒▓█ hackday █▓▒░
How to Sink a Ship: Preparing the SS United States For its Final Journey
🔗 ➢➣➤ More ...
░▒▓█ hackday █▓▒░
How to Sink a Ship: Preparing the SS United States For its Final Journey
🔗 ➢➣➤ More ...
Hackaday
How To Sink A Ship: Preparing The SS United States For Its Final Journey
When we last brought you word of the SS United States, the future of the storied vessel was unclear. Since 1996, the 990 foot (302 meter) ship — the largest ocean liner ever to be constructed…
❏ </Mr. SAM/> ❏
░▒▓█ cybersecurity █▓▒░
Microsoft Defender AI to Uncover Plain Text Credentials Within Active Directory
🔗 ➢➣➤ More ...
░▒▓█ cybersecurity █▓▒░
Microsoft Defender AI to Uncover Plain Text Credentials Within Active Directory
🔗 ➢➣➤ More ...
Cyber Security News
Microsoft Defender AI to Uncover Plain Text Credentials Within Active Directory
Microsoft has unveiled a groundbreaking AI-powered security feature that addresses one of cybersecurity's most persistent vulnerabilities: plain text credentials stored in Active Directory (AD) free text fields.
❏ </Mr. SAM/> ❏
░▒▓█ cybersecurity █▓▒░
Scans From Hacked Cisco Small Business Routers, Linksys and Araknis are at the Raise
🔗 ➢➣➤ More ...
░▒▓█ cybersecurity █▓▒░
Scans From Hacked Cisco Small Business Routers, Linksys and Araknis are at the Raise
🔗 ➢➣➤ More ...
Cyber Security News
Scans From Hacked Cisco Small Business Routers, Linksys and Araknis are at the Raise
Researchers have identified a significant surge in malicious HTTP scanning activities originating from approximately 2,200 compromised small business routers across multiple vendors.
❏ </Mr. SAM/> ❏
░▒▓█ Bleeping Computer █▓▒░
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
🔗 ➢➣➤ More ...
📢 @NullError_ir
░▒▓█ Bleeping Computer █▓▒░
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
🔗 ➢➣➤ More ...
📢 @NullError_ir
BleepingComputer
Elastic rejects claims of a zero-day RCE flaw in Defend EDR
Enterprise search and security company Elastic is rejecting reports of a zero-day vulnerability impacting its Defend endpoint detection and response (EDR) product.
❏ </Mr. SAM/> ❏
░▒▓█ cybersecurity █▓▒░
OpenAI Launches $4 ChatGPT Go Plan with Unlimited Access to GPT-5
🔗 ➢➣➤ More ...
📢 @NullError_ir
░▒▓█ cybersecurity █▓▒░
OpenAI Launches $4 ChatGPT Go Plan with Unlimited Access to GPT-5
🔗 ➢➣➤ More ...
📢 @NullError_ir
Cyber Security News
OpenAI Launches $4 ChatGPT Go Plan with Unlimited Access to GPT-5
OpenAI has unveiled ChatGPT Go, a budget-friendly subnoscription plan priced at just ₹399 per month (approximately $4 USD, GST included).
❏ </Mr. SAM/> ❏
░▒▓█ DarkReading █▓▒░
PipeMagic Backdoor Resurfaces as Part of Play Ransomware Attack Chain
🔗 ➢➣➤ More ...
@NullError_ir 📢
░▒▓█ DarkReading █▓▒░
PipeMagic Backdoor Resurfaces as Part of Play Ransomware Attack Chain
🔗 ➢➣➤ More ...
@NullError_ir 📢
Dark Reading
PipeMagic Backdoor Resurfaces as Part of Play Ransomware Attack Chain
Attackers are wielding the sophisticated modular malware while exploiting CVE-2025-29824, a previously zero-day flaw in Windows Common Log File System (CLFS) that allows attackers to gain system-level privileges on compromised systems.
❏ </Mr. SAM/> ❏
░▒▓█ hackday █▓▒░
Food Irradiation Is Not As Bad As It Sounds
🔗 ➢➣➤ More ...
@NullError_ir 📢
░▒▓█ hackday █▓▒░
Food Irradiation Is Not As Bad As It Sounds
🔗 ➢➣➤ More ...
@NullError_ir 📢
Hackaday
Food Irradiation Is Not As Bad As It Sounds
Radiation is a bad thing that we don’t want to be exposed to, or so the conventional wisdom goes. We’re most familiar with it in the context of industrial risks and the stories of nucle…
cai
این پروژه توسط یک شرکت اسپانیایی متخصص در امنیت رباتها به نام Alias Robotics ساخته شده.
به طور خلاصه،
cai یک جعبه ابزار امنیت سایبری برای رباتهای صنعتی است.۔
cai مخفف Cybersecurity Armory for Industrial robots به معنی زَرادخانه امنیت سایبری برای رباتهای صنعتی است.وظیفه اصلی این ابزار، کمک به متخصصان امنیت و مهندسان رباتیک برای تست و ارزیابی امنیت رباتها است.
۔
cai یک ابزار واحد نیست، بلکه یک فریمورک (Framework) است که شامل چندین ابزار (ماژول) مختلف برای کارهای گوناگون مثل اسکن شبکه، تحلیل پروتکلهای ارتباطی ربات و پیدا کردن ضعفهای امنیتی میشود.این پروژه بیشتر برای گروههای زیر کاربرد دارد:
متخصصان امنیت سایبری
مهندسان رباتیک
محققان دانشگاهی
به طور خلاصه، پس از نصب کارهایی که میتوانید با آن انجام دهید به چند دسته اصلی تقسیم میشوند:
۱. اکتشاف و شناسایی 🕵️
پیدا کردن رباتها در شبکه: شبکههای کارخانهها را اسکن کنید تا دستگاههایی که ربات هستند یا با رباتها در ارتباطند را شناسایی کنید.
جمعآوری اطلاعات از ربات ها
۲. اسکن آسیبپذیری 🛡
بعد از شناسایی، نوبت به پیدا کردن اسکن خودکار آسیبپذیریهای شناختهشده در رباتها مثل:
بررسی رمزهای عبور پیشفرض
شناسایی نرمافزارهای قدیمی
پیکربندیهای ناامن
۳. تحلیل و دستکاری پروتکلهای صنعتی ⚙️
رباتها از پروتکلهای ارتباطی خاصی استفاده میکنند که در شبکههای IT معمولی رایج نیستند (مثل EtherNet/IP, PROFINET و غیره).
cai به شما اجازه میدهد:شنود ترافیک
ارسال بستههای مخرب (Fuzzing)
تزریق دستور (Command Injection)
۴. تست نفوذ و بهرهبرداری 💥
در صورت پیدا کردن یک آسیبپذیری، یک متخصص میتواند با
cai:ربات را متوقف کند (Denial of Service):
کنترل ربات را به دست بگیرد .
اطلاعات حساس را سرقت کند
سیستمهای ایمنی را دور بزند
جمعبندی
به زبان ساده، با نصب
cai: شما میتوانید همان تستهای امنیتی که با ابزارهایی مثل Nmap, Metasploit و Wireshark روی سرورها و وبسایتها انجام میدهید را به شکلی کاملاً تخصصی روی رباتهای صنعتی پیادهسازی کنید.@NullError_ir
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - aliasrobotics/cai: Cybersecurity AI (CAI), the framework for AI Security
Cybersecurity AI (CAI), the framework for AI Security - aliasrobotics/cai
❏ </Mr. SAM/> ❏
░▒▓█ Bleeping Computer █▓▒░
Okta open-sources catalog of Auth0 rules for threat detection
🔗 ➢➣➤ More ...
@NullError_ir 📢
░▒▓█ Bleeping Computer █▓▒░
Okta open-sources catalog of Auth0 rules for threat detection
🔗 ➢➣➤ More ...
@NullError_ir 📢
BleepingComputer
Okta open-sources catalog of Auth0 rules for threat detection
Okta has open-sourced ready-made Sigma-based queries for Auth0 customers to detect account takeovers, misconfigurations, and suspicious behavior in event logs.