IPv4/IPv6 Packet Fragmentation: Detection & Reassembly
https://ift.tt/kVwynzO
Submitted August 26, 2025 at 06:18PM by MFMokbel
via reddit https://ift.tt/nWuIFxa
https://ift.tt/kVwynzO
Submitted August 26, 2025 at 06:18PM by MFMokbel
via reddit https://ift.tt/nWuIFxa
PacketSmith
IP Fragmentation Detection & Reassembly - PacketSmith
IPv4/IPv6 Packet Fragmentation: Detection & Reassembly Introduction A packet can be broken into smaller pieces, or fragments, at the network layer (by the IPv4 and IPv6 protocols) to fit within a specific Maximum Transmission Unit (MTU). For IPv4, a packet’s…
This House is Haunted: a decade old RCE in the AION client
https://appsec.space/posts/aion-housing-exploit/
Submitted August 26, 2025 at 09:44PM by himazawa
via reddit https://ift.tt/jWdzV2J
https://appsec.space/posts/aion-housing-exploit/
Submitted August 26, 2025 at 09:44PM by himazawa
via reddit https://ift.tt/jWdzV2J
appsec & stuff
This House is Haunted: a decade old RCE in the AION client
TL;DR I found a RCE in the AION client starting from 3.0 (not confirmed the latest version vulnerable) using the built-in housing system. Private servers are still vulnerable. Important Note In the initial version of this post I wrote that the housing system…
The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309) - watchTowr Labs
https://ift.tt/FTvHDnr
Submitted August 27, 2025 at 10:23AM by dx7r__
via reddit https://ift.tt/TH5ebAf
https://ift.tt/FTvHDnr
Submitted August 27, 2025 at 10:23AM by dx7r__
via reddit https://ift.tt/TH5ebAf
watchTowr Labs
The One Where We Just Steal The Vulnerabilities (CrushFTP CVE-2025-54309)
On July 18, 2025, users of CrushFTP woke up to an announcement:
As we’ve all experienced in 2025, 2025 has been the year of vendors burying their heads in the sand with regard to in-the-wild exploitation, even in the face of impressively indisputable evidence…
As we’ve all experienced in 2025, 2025 has been the year of vendors burying their heads in the sand with regard to in-the-wild exploitation, even in the face of impressively indisputable evidence…
Why Relying on LLMs for Code Can Be a Security Nightmare
https://ift.tt/Xg7tbPI
Submitted August 27, 2025 at 08:05PM by unknownhad
via reddit https://ift.tt/97ipax1
https://ift.tt/Xg7tbPI
Submitted August 27, 2025 at 08:05PM by unknownhad
via reddit https://ift.tt/97ipax1
Terminal
Why Relying on LLMs for Code Can Be a Security Nightmare
LLM generated code can ships demo logic with security issues not defenses. Here is a real world example and how it could be abused.
NX Compromised to Check for Claude Code CLI and Explore Filesystem for Credentials
https://ift.tt/N3rVo2c
Submitted August 27, 2025 at 07:49PM by j12y
via reddit https://ift.tt/kXfqnJs
https://ift.tt/N3rVo2c
Submitted August 27, 2025 at 07:49PM by j12y
via reddit https://ift.tt/kXfqnJs
Semgrep
Security Alert | NX Compromised to Steal Wallets and Credentials
What is s1ngularity-repository? Nx is compromised and the malware steals wallets and API keys using Claude CLI or Gemini.
Referral Beware, Your Rewards are Mine (Part 1)
https://ift.tt/zfaCrlw
Submitted August 27, 2025 at 11:56PM by hackers_and_builders
via reddit https://ift.tt/ZW6FIge
https://ift.tt/zfaCrlw
Submitted August 27, 2025 at 11:56PM by hackers_and_builders
via reddit https://ift.tt/ZW6FIge
Rhino Security Labs
Referral Beware, Your Rewards are Mine (Part 1)
Referral rewards programs are nearly ubiquitous today, from consumer tech to SaaS companies, but are rarely given much security oversight.
How to phish users on Android applications - A case study on Meta Threads application
https://ift.tt/ly4HZYF
Submitted August 28, 2025 at 08:55PM by gdraperi
via reddit https://ift.tt/8FQrgow
https://ift.tt/ly4HZYF
Submitted August 28, 2025 at 08:55PM by gdraperi
via reddit https://ift.tt/8FQrgow
Blogspot
How to phish users on Android applications - A case study on Meta Threads application
Summary Android applications often embed web content using WebView , a component that displays webpages inside the app itself. To improve u...
Sliding into your DMs: Abusing Microsoft Teams for Malware Delivery
https://ift.tt/ADbiugw
Submitted August 28, 2025 at 08:54PM by permis0
via reddit https://ift.tt/SUJ7lyI
https://ift.tt/ADbiugw
Submitted August 28, 2025 at 08:54PM by permis0
via reddit https://ift.tt/SUJ7lyI
permiso.io
Sliding into your DMs: Abusing Microsoft Teams for Malware Delivery
Malware delivery through Microsoft Teams is an emerging threat. Discover how attackers exploit external chats, which regions they target, and key IOCs defenders must track.
Intercepting LDAP With InterceptSuite
https://ift.tt/N2aepml
Submitted August 28, 2025 at 10:58PM by Ano_F
via reddit https://ift.tt/RscnFh7
https://ift.tt/N2aepml
Submitted August 28, 2025 at 10:58PM by Ano_F
via reddit https://ift.tt/RscnFh7
Medium
Intercepting LDAP With InterceptSuite
LDAP authentication is everywhere in networks, but intercepting encrypted LDAP traffic can be challenging. LDAP authentication in the web…
Rage Against the Authentication State Machine (CVE-2024-28080)
https://ift.tt/XHMO5L4
Submitted August 29, 2025 at 01:51PM by dn3t
via reddit https://ift.tt/TKy6z1p
https://ift.tt/XHMO5L4
Submitted August 29, 2025 at 01:51PM by dn3t
via reddit https://ift.tt/TKy6z1p
Silent Signal Techblog
Rage Against the Authentication State Machine
Because we can!
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE) - watchTowr Labs
https://ift.tt/2zStIdj
Submitted August 29, 2025 at 03:46PM by dx7r__
via reddit https://ift.tt/in82Tsw
https://ift.tt/2zStIdj
Submitted August 29, 2025 at 03:46PM by dx7r__
via reddit https://ift.tt/in82Tsw
watchTowr Labs
Cache Me If You Can (Sitecore Experience Platform Cache Poisoning to RCE)
What is the main purpose of a Content Management System (CMS)?
We have to accept that when we ask such existential and philosophical questions, we’re also admitting that we have no idea and that there probably isn’t an easy answer (this is our excuse, and…
We have to accept that when we ask such existential and philosophical questions, we’re also admitting that we have no idea and that there probably isn’t an easy answer (this is our excuse, and…
Elastic EDR 0-day: Part 2 - Technical Details and the Trigger
https://ift.tt/PcIZgd5
Submitted August 29, 2025 at 08:05PM by Minimum_Call_3677
via reddit https://ift.tt/iMsdkt5
https://ift.tt/PcIZgd5
Submitted August 29, 2025 at 08:05PM by Minimum_Call_3677
via reddit https://ift.tt/iMsdkt5
AI Waifu RAT: A Ring3 malware-like RAT based on LLM manipulation is circulating in the wild.
https://ryingo.gitbook.io/writeups-ai_waifu_rat
Submitted August 29, 2025 at 08:40PM by Classic_Yesterday165
via reddit https://ift.tt/0VzorWj
https://ryingo.gitbook.io/writeups-ai_waifu_rat
Submitted August 29, 2025 at 08:40PM by Classic_Yesterday165
via reddit https://ift.tt/0VzorWj
Hidden in plain sight: a misconfigured upload path that invited trouble
https://ift.tt/ifUPlmy
Submitted August 29, 2025 at 10:26PM by Varonis-Dan
via reddit https://ift.tt/uXqR1LI
https://ift.tt/ifUPlmy
Submitted August 29, 2025 at 10:26PM by Varonis-Dan
via reddit https://ift.tt/uXqR1LI
Varonis
Hidden in Plain Sight: A Misconfigured Upload Path That Invited Trouble
A misconfigured upload path exposed a Linux web server to attack. Varonis Threat Labs reveals how it happened and how to prevent future breaches.
Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
https://ift.tt/ZKFVXIL
Submitted August 30, 2025 at 08:21PM by AlmondOffSec
via reddit https://ift.tt/30dchNL
https://ift.tt/ZKFVXIL
Submitted August 30, 2025 at 08:21PM by AlmondOffSec
via reddit https://ift.tt/30dchNL
Amberwolf
Advisory - Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
AmberWolf Security Research Blog
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
https://ift.tt/vt2pM3D
Submitted September 01, 2025 at 08:27AM by Mehrrun
via reddit https://ift.tt/ExupCQh
https://ift.tt/vt2pM3D
Submitted September 01, 2025 at 08:27AM by Mehrrun
via reddit https://ift.tt/ExupCQh
Medium
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
Critical Zero-Day Discovery
Introducing ICMP Echo Streams (iStreams)
https://ift.tt/qBHergf
Submitted September 01, 2025 at 05:41PM by MFMokbel
via reddit https://ift.tt/xJwP5DF
https://ift.tt/qBHergf
Submitted September 01, 2025 at 05:41PM by MFMokbel
via reddit https://ift.tt/xJwP5DF
PacketSmith
Introducing ICMP Echo Streams - PacketSmith
Introducing ICMP Echo Streams (iStreams) Introduction With version 2.0, we have added the capability to construct ICMPv4/v6 Echo streams, which we refer to throughout the document as iStreams (note the ‘i’). PacketSmith is the only known tool capable of constructing…
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted September 01, 2025 at 06:59PM by albinowax
via reddit https://ift.tt/VPKBnd7
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted September 01, 2025 at 06:59PM by albinowax
via reddit https://ift.tt/VPKBnd7
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community
[Article] IPv6 Security: Attacks and Detection Methods
https://ift.tt/TsO8Zzx
Submitted September 01, 2025 at 10:31PM by caster0x00
via reddit https://ift.tt/Ua7L4iQ
https://ift.tt/TsO8Zzx
Submitted September 01, 2025 at 10:31PM by caster0x00
via reddit https://ift.tt/Ua7L4iQ
Caster
Legless: IPv6 Security
IPv6 often remains active in corporate networks. In this article, I will discuss attacks on IPv6 and detection methods.
Ksmbd Fuzzing Improvements and Vulnerability Discovery
https://ift.tt/vkSOVRC
Submitted September 02, 2025 at 03:01PM by nibblesec
via reddit https://ift.tt/C8iE7Iq
https://ift.tt/vkSOVRC
Submitted September 02, 2025 at 03:01PM by nibblesec
via reddit https://ift.tt/C8iE7Iq
Doyensec
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3)
This is a follow-up to the article originally published here.
Golden dMSA
https://ift.tt/3GoQBXT
Submitted September 02, 2025 at 04:21PM by netbiosX
via reddit https://ift.tt/I1wbt6A
https://ift.tt/3GoQBXT
Submitted September 02, 2025 at 04:21PM by netbiosX
via reddit https://ift.tt/I1wbt6A
Purple Team
Golden dMSA
Delegated Managed Service Account (dMSA) was introduced by Microsoft in Windows Server 2025 to prevent Kerberos related attacks such as Kerberoasting by binding authentication of service accounts t…