CVE-2024-45332 brings back branch target injection attacks on Intel
https://ift.tt/rHvouAV
Submitted May 22, 2025 at 04:45AM by monster4210
via reddit https://ift.tt/qDM2o6m
https://ift.tt/rHvouAV
Submitted May 22, 2025 at 04:45AM by monster4210
via reddit https://ift.tt/qDM2o6m
How to Enumerate and Exploit CefSharp Thick Clients Using CefEnum
https://ift.tt/5t7OCnF
Submitted May 22, 2025 at 12:53PM by Moopanger
via reddit https://ift.tt/uei7YSF
https://ift.tt/5t7OCnF
Submitted May 22, 2025 at 12:53PM by Moopanger
via reddit https://ift.tt/uei7YSF
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
https://ift.tt/FhgbO6V
Submitted May 22, 2025 at 01:39PM by k8pf
via reddit https://ift.tt/9yCZH3d
https://ift.tt/FhgbO6V
Submitted May 22, 2025 at 01:39PM by k8pf
via reddit https://ift.tt/9yCZH3d
www.8com.de
cve-2025-26817 netwrix rce
Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure
Automating MS-RPC vulnerability research
https://ift.tt/TLiqk2D
Submitted May 22, 2025 at 05:42PM by TangeloPublic9554
via reddit https://ift.tt/4n3VtdH
https://ift.tt/TLiqk2D
Submitted May 22, 2025 at 05:42PM by TangeloPublic9554
via reddit https://ift.tt/4n3VtdH
Incendium.rocks
Automating MS-RPC vulnerability research
Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.
Rare Code Base is a free and open-source learning platform for ethical hacking, programming, and more.
https://ift.tt/bPJaVHK
Submitted May 22, 2025 at 08:39PM by Hello_World_00001
via reddit https://ift.tt/8WOgS5c
https://ift.tt/bPJaVHK
Submitted May 22, 2025 at 08:39PM by Hello_World_00001
via reddit https://ift.tt/8WOgS5c
Rarecodebase
Rare Code Base
Rare Code Base offers free ethical hacking, programming tutorials, cybersecurity insights, and much more. Access expert resources to learn coding, master ethical hacking, explore tech trends, and stay ahead in the ever-evolving world of technology.
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
https://ift.tt/CaOTDPp
Submitted May 22, 2025 at 09:32PM by GelosSnake
via reddit https://ift.tt/WMCr4Uj
https://ift.tt/CaOTDPp
Submitted May 22, 2025 at 09:32PM by GelosSnake
via reddit https://ift.tt/WMCr4Uj
profero.io
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
Two newly discovered vulnerabilities (CVE-2025-4427 CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited leading to severe data breach
CVE-2025-32756: Write-Up of a Buffer Overflow in Various Fortinet Products
https://ift.tt/W1LnpBr
Submitted May 23, 2025 at 01:15AM by dinobyt3s
via reddit https://ift.tt/Zw0C9tu
https://ift.tt/W1LnpBr
Submitted May 23, 2025 at 01:15AM by dinobyt3s
via reddit https://ift.tt/Zw0C9tu
Horizon3.ai
CVE-2025-32756: Fortinet RCE Exploited in the Wild
Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.
Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE
https://ift.tt/9Wbmite
Submitted May 23, 2025 at 07:02PM by eg1x
via reddit https://ift.tt/NrPY8Jz
https://ift.tt/9Wbmite
Submitted May 23, 2025 at 07:02PM by eg1x
via reddit https://ift.tt/NrPY8Jz
Karmainsecurity
Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE | Karma(In)Security
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
BadUSB Attack Explained: From Principles to Practice and Defense
https://ift.tt/zacHWpv
Submitted May 25, 2025 at 10:48AM by repoog
via reddit https://ift.tt/ucngTDR
https://ift.tt/zacHWpv
Submitted May 25, 2025 at 10:48AM by repoog
via reddit https://ift.tt/ucngTDR
Medium
BadUSB Attack Explained: From Principles to Practice and Defense
Discover how to implement it with Arduino UNO, and what security measures can protect your system.
Threat of TCC Bypasses on macOS
https://ift.tt/qKYiTRu
Submitted May 26, 2025 at 03:54PM by bajk
via reddit https://ift.tt/RhWPDoq
https://ift.tt/qKYiTRu
Submitted May 26, 2025 at 03:54PM by bajk
via reddit https://ift.tt/RhWPDoq
AFINE - digitally secure
Threat of TCC Bypasses on macOS - AFINE - digitally secure
TCC on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Read this article to learn why.
Unauthenticated RCE on Smartbedded MeteoBridge (CVE-2025-4008)
https://ift.tt/olfCpLW
Submitted May 26, 2025 at 06:30PM by g_e_r_h_a_r_d
via reddit https://ift.tt/fCRd6yS
https://ift.tt/olfCpLW
Submitted May 26, 2025 at 06:30PM by g_e_r_h_a_r_d
via reddit https://ift.tt/fCRd6yS
Onekey
Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008) | ONEKEY Research | Research | ONEKEY
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.
Firefox Security Response to pwn2own 2025
https://ift.tt/FJf2w0k
Submitted May 27, 2025 at 12:20PM by mozfreddyb
via reddit https://ift.tt/A6Yu4lT
https://ift.tt/FJf2w0k
Submitted May 27, 2025 at 12:20PM by mozfreddyb
via reddit https://ift.tt/A6Yu4lT
Mozilla Security Blog
Firefox Security Response to pwn2own 2025
At Mozilla, we consider security to be a paramount aspect of the web. This is why not only does Firefox have a long running bug bounty program but also mature ...
GitHub MCP Exploited: Accessing private repositories via MCP
https://ift.tt/IYUx9M2
Submitted May 27, 2025 at 01:18PM by Proofix
via reddit https://ift.tt/koPM7Bg
https://ift.tt/IYUx9M2
Submitted May 27, 2025 at 01:18PM by Proofix
via reddit https://ift.tt/koPM7Bg
invariantlabs.ai
GitHub MCP Exploited: Accessing private repositories via MCP
We showcase a critical vulnerability with the official GitHub MCP server, allowing attackers to access private repository data. The vulnerability is among the first discovered by Invariant's security analyzer for detecting toxic agent flows.
Top 12 Docker Alternatives in 2025: Features & Comparisons
https://ift.tt/zdxy3Ui
Submitted May 27, 2025 at 01:04PM by sadyetfly11
via reddit https://ift.tt/BISUmxo
https://ift.tt/zdxy3Ui
Submitted May 27, 2025 at 01:04PM by sadyetfly11
via reddit https://ift.tt/BISUmxo
Groundcover
Top 12 Docker Alternatives in 2025: Features & Comparisons
Explore the 12 best Docker alternatives in 2025. Compare tools for container orchestration, image building, runtime security, and resource optimization.
New graph capabilities and MCP server for CTI / OSINT analysis
https://ift.tt/BukHYC6
Submitted May 27, 2025 at 03:25PM by stan_frbd
via reddit https://ift.tt/09BkxGq
https://ift.tt/BukHYC6
Submitted May 27, 2025 at 03:25PM by stan_frbd
via reddit https://ift.tt/09BkxGq
The Single-Packet Shovel: Digging for Desync-Powered Request Tunnelling
https://ift.tt/cANaUf8
Submitted May 27, 2025 at 06:12PM by t0xodile
via reddit https://ift.tt/BIH36zy
https://ift.tt/cANaUf8
Submitted May 27, 2025 at 06:12PM by t0xodile
via reddit https://ift.tt/BIH36zy
Assured AB
The Single-Packet Shovel: Digging for Desync-Powered Request Tunnelling
In this paper I will reveal the discovery of wide-spread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and AWS' application load balancer including the creation of a novel detection technique that combined…
Have I Been Squatted — Analyze (open beta, free)
https://ift.tt/CdVSjA9
Submitted May 27, 2025 at 06:03PM by JDBHub
via reddit https://ift.tt/LMw2chC
https://ift.tt/CdVSjA9
Submitted May 27, 2025 at 06:03PM by JDBHub
via reddit https://ift.tt/LMw2chC
Haveibeensquatted
Have I Been Squatted? — Check if your domain has been typosquatted
A fast domain and typosquatting discovery tool
Remote Prompt Injection in GitLab Duo Leads to Source Code Theft
https://ift.tt/baT4s0j
Submitted May 27, 2025 at 01:53PM by Proofix
via reddit https://ift.tt/jzoBYy4
https://ift.tt/baT4s0j
Submitted May 27, 2025 at 01:53PM by Proofix
via reddit https://ift.tt/jzoBYy4
Legitsecurity
Remote Prompt Injection in GitLab Duo Leads to Source Code Theft
The Legit research team unearthed vulnerabilities in GitLab Duo.
Remote Code Execution on Evertz SDVN (CVE-2025-4009 - Full Disclosure)
https://ift.tt/J4vfWaG
Submitted May 28, 2025 at 02:42PM by g_e_r_h_a_r_d
via reddit https://ift.tt/jpCZgrS
https://ift.tt/J4vfWaG
Submitted May 28, 2025 at 02:42PM by g_e_r_h_a_r_d
via reddit https://ift.tt/jpCZgrS
Onekey
Security Advisory: Remote Code Execution on Evertz SDVN (CVE-2025-4009) | ONEKEY Research | Research | ONEKEY
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Evertz SDVN. Learn about the risks and recommended actions.
Open-source red teaming for AI, Kubernetes, APIs
https://ift.tt/To5YzDZ
Submitted May 28, 2025 at 06:02PM by whyhatcry
via reddit https://ift.tt/oYtqnFz
https://ift.tt/To5YzDZ
Submitted May 28, 2025 at 06:02PM by whyhatcry
via reddit https://ift.tt/oYtqnFz
Help Net Security
Woodpecker: Open-source red teaming for AI, Kubernetes, APIs
Woodpecker is an open-source tool that automates red teaming, making advanced security testing easier and more accessible. It helps teams find and fix
Decoding TCP SYN for Stronger Network Security
https://ift.tt/HiLfDou
Submitted May 28, 2025 at 07:14PM by jtkchicago
via reddit https://ift.tt/uZ2b4R5
https://ift.tt/HiLfDou
Submitted May 28, 2025 at 07:14PM by jtkchicago
via reddit https://ift.tt/uZ2b4R5
NETSCOUT
Decoding TCP SYN for Stronger Network Security | NETSCOUT
Executive SummaryAnalyzing transmission control protocol (TCP) SYN segments,