GitHub potential leaking of private emails and Hacker One
https://ift.tt/m2C09ep
Submitted April 24, 2025 at 04:01PM by omarous
via reddit https://ift.tt/3hdigmD
https://ift.tt/m2C09ep
Submitted April 24, 2025 at 04:01PM by omarous
via reddit https://ift.tt/3hdigmD
Omar Abid - Personal Blog
GitHub potential leaking of private emails and Hacker One
TBD
2 New UAF Vulnerabilities in Chrome
https://ift.tt/7SXv1nT
Submitted April 24, 2025 at 06:11PM by Straight-Zombie-646
via reddit https://ift.tt/lzJA49i
https://ift.tt/7SXv1nT
Submitted April 24, 2025 at 06:11PM by Straight-Zombie-646
via reddit https://ift.tt/lzJA49i
SSD Secure Disclosure
SSD Advisory - How MiraclePtr Crushed Two Sandbox Escapes - SSD Secure Disclosure
Summary In the wild exploit targeting Chrome, UAF within the Browser process have frequently been a key vector for sandbox escapes. In this post, we introduce two newly discovered UAF within the Browser process, identified during our vulnerability research.…
Spring Security CVE-2025-22234 Introduces Username Enumeration Vector
https://ift.tt/bNyQwSi
Submitted April 24, 2025 at 09:58PM by MelissaAtHeroDevs
via reddit https://ift.tt/81HbAQM
https://ift.tt/bNyQwSi
Submitted April 24, 2025 at 09:58PM by MelissaAtHeroDevs
via reddit https://ift.tt/81HbAQM
Herodevs
Vulnerability Directory | CVE-2025-22234 | HeroDevs
Patch CVE-2025-22234 immediately to secure your systems from critical vulnerabilities. Protect your applications and prevent exploits with the latest updates and fixes—don’t wait, act now!
io_uring Is Back, This Time as a Rootkit
https://ift.tt/vbfi8Pd
Submitted April 25, 2025 at 02:35AM by Swimming_Version_605
via reddit https://ift.tt/ev2bUIQ
https://ift.tt/vbfi8Pd
Submitted April 25, 2025 at 02:35AM by Swimming_Version_605
via reddit https://ift.tt/ev2bUIQ
ARMO
io_uring Rootkit Bypasses Linux Security Tools - ARMO
ARMO reveals how io_uring enables rootkits to bypass major Linux security tools like Falco, and Defender. Learn about the Curing rootkit and detection strategies.
Addressing a Large-Scale Data Breach: Seeking Network Security Expertise
http://Nksaz.us
Submitted April 25, 2025 at 05:53AM by 666Inkjo
via reddit https://ift.tt/53ZlILy
http://Nksaz.us
Submitted April 25, 2025 at 05:53AM by 666Inkjo
via reddit https://ift.tt/53ZlILy
Reddit
Addressing a Large-Scale Data Breach: Seeking Network Security Expertise : r/netsec
525K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…
5 CVEs and a CISA Advisory for Planet Technology industrial switches
https://ift.tt/YHpBl6W
Submitted April 25, 2025 at 03:41PM by kev-thehermit
via reddit https://ift.tt/TeYwGNb
https://ift.tt/YHpBl6W
Submitted April 25, 2025 at 03:41PM by kev-thehermit
via reddit https://ift.tt/TeYwGNb
Three new vulnerabilities found related to IXON VPN client resulting in Local Privilege Escalation (LPE) and [REDACTED] | Shelltrail - Swedish offensive security experts
https://ift.tt/jDvmbos
Submitted April 25, 2025 at 04:59PM by ivxrehc
via reddit https://ift.tt/mRzfpQI
https://ift.tt/jDvmbos
Submitted April 25, 2025 at 04:59PM by ivxrehc
via reddit https://ift.tt/mRzfpQI
Shelltrail - Swedish offensive security experts
Three new vulnerabilities found related to IXON VPN client resulting in Local Privilege Escalation (LPE) and [REDACTED] | Shelltrail…
The post explains the process of finding and exploiting three vulnerabilities found in the IXON VPN client
Is airplane mode lying? A browser behavior demo that messes with expectations.
https://ift.tt/4C2Iqcb
Submitted April 25, 2025 at 04:58PM by repawel
via reddit https://ift.tt/fypS5iC
https://ift.tt/4C2Iqcb
Submitted April 25, 2025 at 04:58PM by repawel
via reddit https://ift.tt/fypS5iC
Remote Code Execution on Viasat Modems (CVE-2024-6198)
https://ift.tt/5mh2Stv
Submitted April 25, 2025 at 06:45PM by g_e_r_h_a_r_d
via reddit https://ift.tt/giWHtOu
https://ift.tt/5mh2Stv
Submitted April 25, 2025 at 06:45PM by g_e_r_h_a_r_d
via reddit https://ift.tt/giWHtOu
Onekey
Security Advisory: Remote Code Execution on Viasat Modems (CVE-2024-6198) | ONEKEY Research | Research | ONEKEY
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Viasat modems. Learn about the risks and recommended actions.
Ghosting AMSI: Cutting RPC to disarm AV
https://ift.tt/9tdDBYy
Submitted April 25, 2025 at 11:15PM by Echoes-of-Tomorroww
via reddit https://ift.tt/5DieBwL
https://ift.tt/9tdDBYy
Submitted April 25, 2025 at 11:15PM by Echoes-of-Tomorroww
via reddit https://ift.tt/5DieBwL
Medium
Ghosting AMSI: Cutting RPC to disarm AV
In this post, we explore how to bypass AMSI’s scanning logic by hijacking the RPC layer it depends on — specifically the NdrClientCall3…
RomHack 2025 Call for Papers
https://ift.tt/KgeFlLf
Submitted April 27, 2025 at 12:02PM by smaury
via reddit https://ift.tt/ONrFpk1
https://ift.tt/KgeFlLf
Submitted April 27, 2025 at 12:02PM by smaury
via reddit https://ift.tt/ONrFpk1
Comprehensive 2025 Report: Software Security Market Trends and User Pain Points in China
https://ift.tt/6eWzUxL
Submitted April 27, 2025 at 09:12PM by repoog
via reddit https://ift.tt/O3Rn91d
https://ift.tt/6eWzUxL
Submitted April 27, 2025 at 09:12PM by repoog
via reddit https://ift.tt/O3Rn91d
Medium
Software Security Market Demand Research Report (2025 Edition)
Understanding the Evolving Needs, Challenges, and Trends of China’s Software Security Landscape in 2025
Symbol Database for Reverse Engineers
https://ift.tt/X3ZaT8n
Submitted April 28, 2025 at 12:21AM by pwntheplanet
via reddit https://ift.tt/feiH5mc
https://ift.tt/X3ZaT8n
Submitted April 28, 2025 at 12:21AM by pwntheplanet
via reddit https://ift.tt/feiH5mc
RSAC Freeroll Poker Tournament
https://lu.ma/67vfrwzo
Submitted April 28, 2025 at 03:27AM by Even-Owl5829
via reddit https://ift.tt/NOu05mp
https://lu.ma/67vfrwzo
Submitted April 28, 2025 at 03:27AM by Even-Owl5829
via reddit https://ift.tt/NOu05mp
Luma
RSA Poker Tournament · Luma
Ready your poker face and join us for an exclusive RSA Poker Night with the ZeroPath team. We're bringing together cybersecurity professionals for an evening…
How a Single Line Of Code Could Brick Your iPhone
https://ift.tt/G2auVkl
Submitted April 28, 2025 at 05:15AM by _vavkamil_
via reddit https://ift.tt/a2zk7fH
https://ift.tt/G2auVkl
Submitted April 28, 2025 at 05:15AM by _vavkamil_
via reddit https://ift.tt/a2zk7fH
Rambo Codes
How a Single Line Of Code Could Brick Your iPhone | Rambo Codes
Gui Rambo writes about his coding and reverse engineering adventures.
Introducing HANAlyzer: An Open-Source Tool to Secure Your HANA databases - Anvil Secure
https://ift.tt/5bleUAJ
Submitted April 28, 2025 at 04:55PM by tlxio
via reddit https://ift.tt/aScJoKZ
https://ift.tt/5bleUAJ
Submitted April 28, 2025 at 04:55PM by tlxio
via reddit https://ift.tt/aScJoKZ
Anvil Secure
Introducing HANAlyzer: An Open-Source Tool to Secure Your HANA databases - Anvil Secure
Senior Security Engineer Alex Conti introduces HANAlyzer, an open-source tool that automates SAP HANA security checks.
Fuzzing Windows ARM64 closed-source binary with QBDI and libFuzzer
https://ift.tt/t59kNq6
Submitted April 28, 2025 at 06:07PM by rh0main
via reddit https://ift.tt/Z8wsOdq
https://ift.tt/t59kNq6
Submitted April 28, 2025 at 06:07PM by rh0main
via reddit https://ift.tt/Z8wsOdq
Romain Thomas
Fuzzing Windows ARM64 closed-source binary | Romain Thomas
This blog post introduces coverage-guided fuzzing with QBDI and libFuzzer targeting Windows ARM64.
Using an LLM with MCP for Threat Hunting
https://ift.tt/VYKkCUA
Submitted April 29, 2025 at 07:51AM by eitot8
via reddit https://ift.tt/UZ92DP3
https://ift.tt/VYKkCUA
Submitted April 29, 2025 at 07:51AM by eitot8
via reddit https://ift.tt/UZ92DP3
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
Ruby on Rails Cross-Site Request Forgery
https://ift.tt/EHG2m8Q
Submitted April 29, 2025 at 05:30PM by thricethagr8est
via reddit https://ift.tt/dFPpEhi
https://ift.tt/EHG2m8Q
Submitted April 29, 2025 at 05:30PM by thricethagr8est
via reddit https://ift.tt/dFPpEhi
seclists.org
Full Disclosure: Ruby on Rails Cross-Site Request Forgery
AirBorne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk
https://ift.tt/1tx2wuJ
Submitted April 29, 2025 at 08:07PM by cov_id19
via reddit https://ift.tt/4jVG6oY
https://ift.tt/1tx2wuJ
Submitted April 29, 2025 at 08:07PM by cov_id19
via reddit https://ift.tt/4jVG6oY
www.oligo.security
Airborne: Wormable Zero-Click RCE in Apple AirPlay Puts Billions of Devices at Risk | Oligo Security | Oligo Security
Oligo Security reveals AirBorne, a new set of vulnerabilities in Apple’s AirPlay protocol and SDK. Learn how zero-click RCEs, ACL bypasses, and wormable exploits could endanger Apple and IoT devices worldwide — and how to protect yourself.
Shadow Roles: AWS Defaults Can Open the Door to Service Takeover
https://ift.tt/YqzHDnN
Submitted April 29, 2025 at 09:57PM by Pale_Fly_2673
via reddit https://ift.tt/PYJ80Ij
https://ift.tt/YqzHDnN
Submitted April 29, 2025 at 09:57PM by Pale_Fly_2673
via reddit https://ift.tt/PYJ80Ij
Aqua
Shadow Roles: AWS Defaults Can Open the Door to Service Takeover
Shadow roles in AWS defaults can expose hidden attack paths enabling privilege escalation, cross-service access, and even account compromise