New Pacu Module: Secret Enumeration in Elastic Beanstalk
https://ift.tt/5jXNica
Submitted April 22, 2025 at 10:01PM by hackers_and_builders
via reddit https://ift.tt/rGHM91N
Rhino Security Labs
New Pacu Module: Secret Enumeration in Elastic Beanstalk
Pacu's newest scenario, enumerating Elastic Beanstalk for Secrets, was built to save users hours of testing during an AWS penetration test.
Why RAG is Crucial For LLM Analysis Workflows
https://ift.tt/QmiO9Xq
Submitted April 22, 2025 at 10:54PM by peyton-cyber
via reddit https://ift.tt/jqi2tGa
Substack
AI Agents: Why RAG is Crucial for Cyber Security Workloads
Cybersecurity analysts often rely on Google to find relevant information while performing analysis.
Glitching STM32 Read Out Protection - Anvil Secure
https://ift.tt/ThtL7yX
Submitted April 23, 2025 at 12:16AM by tlxio
via reddit https://ift.tt/BRuaiNW
Anvil Secure
Glitching STM32 Read Out Protection - Anvil Secure
Security Engineer Luigi Fragale demonstrates how to glitch the STM32F401 to read protected memory using Python and fault injection.
Local privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731)
https://ift.tt/H3eFjAI
Submitted April 23, 2025 at 11:07AM by 0xdea
via reddit https://ift.tt/Bz9Heyd
hn security
Local privilege escalation on Zyxel USG FLEX H Series (CVE-2025-1731) - hn security
“So we wait, this is our […]
XRP Supplychain attack: Official NPM package infected with crypto stealing backdoor
https://ift.tt/krtMqYg
Submitted April 22, 2025 at 05:22PM by DebugDucky
via reddit https://ift.tt/FLz3QmT
www.aikido.dev
XRP supply chain attack: Official NPM package infected with crypto stealing backdoor
The official XPRL (Ripple) NPM package was compromised by sophisticated attackers who put in a backdoor to steal cryptocurrency private keys and gain access to cryptocurrency wallets.
Authenticated Remote Code Execution on USG FLEX H Series (CVE-2025-1731 / CVE-2025-1732)
https://0xdeadc0de.xyz/blog/cve-2025-1731_cve-2025-1732
Submitted April 24, 2025 at 06:09AM by Advanced_Rough8330
via reddit https://ift.tt/98Gzu5v
0xdeadc0de.xyz
0xdeadc0de Infosec
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) - watchTowr Labs
https://ift.tt/TNhE46Q
Submitted April 24, 2025 at 03:31PM by dx7r__
via reddit https://ift.tt/76sZ0hM
watchTowr Labs
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
As we pack our bags and prepare for the adult-er version of BlackHat (that apparently doesn’t require us to print out stolen mailspoolz to hand to people at their talks), we want to tell you about a recent adventure - a heist, if you will.
No heist story…
GitHub potential leaking of private emails and Hacker One
https://ift.tt/m2C09ep
Submitted April 24, 2025 at 04:01PM by omarous
via reddit https://ift.tt/3hdigmD
Omar Abid - Personal Blog
GitHub potential leaking of private emails and Hacker One
TBD
2 New UAF Vulnerabilities in Chrome
https://ift.tt/7SXv1nT
Submitted April 24, 2025 at 06:11PM by Straight-Zombie-646
via reddit https://ift.tt/lzJA49i
SSD Secure Disclosure
SSD Advisory - How MiraclePtr Crushed Two Sandbox Escapes - SSD Secure Disclosure
Summary: In in-the-wild exploits targeting Chrome, UAFs within the Browser process have frequently been a key vector for sandbox escapes. In this post, we introduce two newly discovered UAFs within the Browser process, identified during our vulnerability research.…
Spring Security CVE-2025-22234 Introduces Username Enumeration Vector
https://ift.tt/bNyQwSi
Submitted April 24, 2025 at 09:58PM by MelissaAtHeroDevs
via reddit https://ift.tt/81HbAQM
Herodevs
Vulnerability Directory | CVE-2025-22234 | HeroDevs
Patch CVE-2025-22234 immediately to secure your systems from critical vulnerabilities. Protect your applications and prevent exploits with the latest updates and fixes—don’t wait, act now!
io_uring Is Back, This Time as a Rootkit
https://ift.tt/vbfi8Pd
Submitted April 25, 2025 at 02:35AM by Swimming_Version_605
via reddit https://ift.tt/ev2bUIQ
ARMO
io_uring Rootkit Bypasses Linux Security Tools - ARMO
ARMO reveals how io_uring enables rootkits to bypass major Linux security tools like Falco, and Defender. Learn about the Curing rootkit and detection strategies.
Addressing a Large-Scale Data Breach: Seeking Network Security Expertise
http://Nksaz.us
Submitted April 25, 2025 at 05:53AM by 666Inkjo
via reddit https://ift.tt/53ZlILy
Reddit
Addressing a Large-Scale Data Breach: Seeking Network Security Expertise : r/netsec
525K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…
5 CVEs and a CISA Advisory for Planet Technology industrial switches
https://ift.tt/YHpBl6W
Submitted April 25, 2025 at 03:41PM by kev-thehermit
via reddit https://ift.tt/TeYwGNb
Three new vulnerabilities found related to IXON VPN client resulting in Local Privilege Escalation (LPE) and [REDACTED] | Shelltrail - Swedish offensive security experts
https://ift.tt/jDvmbos
Submitted April 25, 2025 at 04:59PM by ivxrehc
via reddit https://ift.tt/mRzfpQI
Shelltrail - Swedish offensive security experts
Three new vulnerabilities found related to IXON VPN client resulting in Local Privilege Escalation (LPE) and [REDACTED] | Shelltrail…
The post explains the process of finding and exploiting three vulnerabilities found in the IXON VPN client.
Is airplane mode lying? A browser behavior demo that messes with expectations.
https://ift.tt/4C2Iqcb
Submitted April 25, 2025 at 04:58PM by repawel
via reddit https://ift.tt/fypS5iC
Remote Code Execution on Viasat Modems (CVE-2024-6198)
https://ift.tt/5mh2Stv
Submitted April 25, 2025 at 06:45PM by g_e_r_h_a_r_d
via reddit https://ift.tt/giWHtOu
Onekey
Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198) | ONEKEY Research | Research | ONEKEY
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.
Ghosting AMSI: Cutting RPC to disarm AV
https://ift.tt/9tdDBYy
Submitted April 25, 2025 at 11:15PM by Echoes-of-Tomorroww
via reddit https://ift.tt/5DieBwL
Medium
Ghosting AMSI: Cutting RPC to disarm AV
In this post, we explore how to bypass AMSI’s scanning logic by hijacking the RPC layer it depends on — specifically the NdrClientCall3…
RomHack 2025 Call for Papers
https://ift.tt/KgeFlLf
Submitted April 27, 2025 at 12:02PM by smaury
via reddit https://ift.tt/ONrFpk1
Comprehensive 2025 Report: Software Security Market Trends and User Pain Points in China
https://ift.tt/6eWzUxL
Submitted April 27, 2025 at 09:12PM by repoog
via reddit https://ift.tt/O3Rn91d
Medium
Software Security Market Demand Research Report (2025 Edition)
Understanding the Evolving Needs, Challenges, and Trends of China’s Software Security Landscape in 2025
Symbol Database for Reverse Engineers
https://ift.tt/X3ZaT8n
Submitted April 28, 2025 at 12:21AM by pwntheplanet
via reddit https://ift.tt/feiH5mc
RSAC Freeroll Poker Tournament
https://lu.ma/67vfrwzo
Submitted April 28, 2025 at 03:27AM by Even-Owl5829
via reddit https://ift.tt/NOu05mp
Luma
RSA Poker Tournament · Luma
Ready your poker face and join us for an exclusive RSA Poker Night with the ZeroPath team. We're bringing together cybersecurity professionals for an evening…