Netsec – Telegram
Netsec
@RNetsec
7.36K subscribers
22.3K links
This channel posts the feed from r/netsec.
For any suggestions dm @streaak
Donate to keep the bot running https://www.paypal.me/akhilgv
Download Telegram
About
Blog
Apps
Platform
Join
Netsec
7.36K subscribers
Netsec
Windows Heap Exploitation - From Heap Overflow to Arbitrary R/W
https://mrt4ntr4.github.io/Windows-Heap-Exploitation-dadadb/

Submitted September 28, 2025 at 09:48PM by rkhunter_
via reddit https://ift.tt/IebRG3l
mrT4ntr4's Blog
Windows Heap Exploitation - From Heap Overflow to Arbitrary R/W
TLDR I was unable to find some good writeups/blogposts on Windows user mode heap exploitation which inspired me to write an introductory but practical post on Windows heap internals and exploitati
707 views
Netsec
FullHunt 💜 Open-Source: 39,408 Exploits from 0day.today is Back Online
https://ift.tt/wWv51aY

Submitted September 29, 2025 at 06:12AM by mazen160
via reddit https://ift.tt/1XCEVMw
FullHunt Blog
FullHunt 💜 Open-Source: 39,408 Exploits from 0day.today is Back Online
Discover, monitor, and secure your attack surface. FullHunt delivers the best platform in the market for attack surface security.
659 views
Netsec
An In-depth research-based walk-through of an Uninitialized Local Variable Static Analyzer
https://ift.tt/wuFHgj9

Submitted September 30, 2025 at 01:39PM by thnew_mammoth
via reddit https://ift.tt/omsK3aU
Cybervelia
An In-depth research-based walk-through of an Uninitialized Local Variable Static Analyzer
Do you think the battle with ULVs is over? Think again.
571 views
Netsec
Klopatra: exposing a new Android banking trojan operation with roots in Turkey | Cleafy LABS
https://ift.tt/lagFizk

Submitted September 30, 2025 at 02:41PM by f3d_0x0
via reddit https://ift.tt/XJNgdax
Cleafy
Klopatra: exposing a new Android banking trojan operation with roots in Turkey | Cleafy LABS
In late August 2025, Cleafy's Threat Intelligence team discovered Klopatra, a new, highly sophisticated Android malware currently targeting banking users primarily in Spain and Italy. The number of compromised devices has already exceeded 1,000. Read the…
554 views
Netsec
You name it, VMware elevates it (CVE-2025-41244)
https://ift.tt/yoQJXTS

Submitted September 30, 2025 at 04:08PM by rkhunter_
via reddit https://ift.tt/L43EBFJ
NVISO Labs
You name it, VMware elevates it (CVE-2025-41244)
NVISO has identified zero-day exploitation of CVE-2025-41244, a local privilege escalation vulnerability impacting VMware's guest service discovery features.
543 views
Netsec
ZeroDay Cloud: The first open-source cloud hacking competition
https://zeroday.cloud

Submitted October 01, 2025 at 12:27AM by geekydeveloper
via reddit https://ift.tt/CZdKRNP
ZeroDay Cloud
ZeroDay Cloud: Cloud Security Hacking Competition
Join the world's top researchers in a competition to find zero-day vulnerabilities in core open-source software powering the cloud. Over $5M prize pool!
590 views
Netsec
When Audits Fail: Four Critical Pre-Auth Vulnerabilities in TRUfusion Enterprise
https://ift.tt/LfNhAJi

Submitted October 01, 2025 at 12:01AM by MrTuxracer
via reddit https://ift.tt/AHyt7zP
591 views
Netsec
Remote Code Execution and Authentication Bypass in Materialise OrthoView (CVE-2025-23049)
https://ift.tt/C0OsVun

Submitted October 01, 2025 at 03:10AM by panicnot42
via reddit https://ift.tt/XdAmC57
Outurnate
Remote Code Execution and Authentication Bypass in Materialise OrthoView (CVE-2025-23049)
Personal projects, research, and other things I find worth sharing
554 views
Netsec
LLM security agent finds zero-day vulnerability in LLM engineering platform with 16k github stars (CVE-2025-59305)
https://ift.tt/kK9JufR

Submitted October 01, 2025 at 04:00AM by va_start
via reddit https://ift.tt/vJD85Ik
Depthfirst
DepthFirst | How An Authorization Flaw Reveals A Common Security Blind Spot: CVE-2025-59305 Case Study
583 views
Netsec
Software Secured | Hacking Furbo 2: Mobile App and P2P Exploits | USA
https://ift.tt/PiuDybB

Submitted October 01, 2025 at 07:13AM by duduywn
via reddit https://ift.tt/iXdThIJ
Softwaresecured
Hacking Furbo 2: Mobile App and P2P Exploits
We reverse the Android app, hook TUTK Kalay P2P with Frida, capture commands, find token remnants in memory, trigger SSRF to custom.wav, and show a treat-toss DoS.
628 views
Netsec
IPv4/IPv6 Packet Fragmentation: Implementation Details - PacketSmith
https://ift.tt/4XAGFBK

Submitted October 01, 2025 at 06:50PM by MFMokbel
via reddit https://ift.tt/FwhpNOq
PacketSmith
IPv4/IPv6 Packet Fragmentation: Implementation Details - PacketSmith
IPv4/IPv6 Packet Fragmentation: Implementation Details Introduction In release v2.0, we’ve shipped PacketSmith with support for IPv4/IPv6 fragmentation detection and reassembly. Additionally, we’ve detailed some of the implementation details in the public…
535 views
Netsec
r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.

Submitted October 01, 2025 at 06:59PM by albinowax
via reddit https://ift.tt/a4ieQft
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community
612 views
Netsec
Nuclei Templates for Detecting AMI MegaRAC BMC Vulnerabilities
https://ift.tt/2Dyomnz

Submitted October 02, 2025 at 03:17AM by TechDeepDive
via reddit https://ift.tt/cg9UMH4
Eclypsium | Supply Chain Security for the Modern Enterprise
Eclypsium Releases Tools for Detecting AMI MegaRAC BMC Vulnerabilities - Eclypsium | Supply Chain Security for the Modern Enterprise
An attacker armed with the latest knowledge of BMC vulnerabilities and exploits is poised to take control of your server(s). Given that one of these vulnerabilities, CVE-2024-54085, was recently added to the CISA KEV, we now know exploitation is happening…
677 views
Netsec
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime
https://ift.tt/J372yxu

Submitted October 03, 2025 at 10:36AM by toyojuni
via reddit https://ift.tt/lmUvCrk
GMO Flatt Security Research
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime
Introduction
Hello, I’m RyotaK
(@ryotkak
), a security engineer at GMO Flatt Security Inc.
In May 2025, I participated in the Meta Bug Bounty Researcher Conference 2025.

During this event, I discovered a vulnerability (CVE-2025-59489) in the Unity Runtime…
601 views
Netsec
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604) - watchTowr Labs
https://ift.tt/DAuyGBs

Submitted October 03, 2025 at 06:15PM by dx7r__
via reddit https://ift.tt/ApzVv1O
watchTowr Labs
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604)
Welcome back, and what a week! We’re glad that happened for you and/or sorry that happened to you. It will get better and/or worse, and you will likely survive.

Today, we’re walking down the garden path and digging into the archives, publishing our analysis…
624 views
Netsec
Macquarie Telecom enlists Netskope to power SASE sauce
https://ift.tt/Uo8nhvq

Submitted October 03, 2025 at 06:59PM by Choochy89
via reddit https://ift.tt/nMz4a7c
Sdxcentral
Macquarie Telecom enlists Netskope to power SASE sauce
Netskope’s SSE platform will help bring Macquarie’s SASE offerings to more customers amid deluge of Australian cyberattacks
605 views
Netsec
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
https://ift.tt/FpIdajT

Submitted October 03, 2025 at 11:36PM by SkyFallRobin
via reddit https://ift.tt/ZzFCBvT
Medium
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
Summary & Background
641 views
Netsec
My experience with LLM Code Review vs Deterministic SAST Security Tools
https://ift.tt/5R1Fvpf

Submitted October 04, 2025 at 02:53AM by prestonprice
via reddit https://ift.tt/kJaCgxm
blog.fraim.dev
LLM Code Review vs Deterministic SAST Security Tools
How do the latest models stack up against traditional code scanners?
661 views
Netsec
VED 2026: after CFI - data only
https://ift.tt/NIgFXVx

Submitted October 04, 2025 at 10:04AM by hardenedvault
via reddit https://ift.tt/DbOhd6R
hardenedvault.net
VED 2026: after CFI - data only
after CFI - data only The exploitation techniques and mitigation has been evolving rapidly since the paper “Smash the Stack for Fun and Profit” released in Phrack Issue 49.
665 views
Netsec
Upcoming Technical Security Talks & Workshops at BsidesNoVA – Oct 10–11 (Arlington VA)
https://bsidesnova.org

Submitted October 05, 2025 at 09:34PM by JackfruitDirect6803
via reddit https://ift.tt/mxr3ga8
674 views
Netsec
Analyzing The Salesloft-Drift Breach
https://ift.tt/HykKMFv

Submitted October 06, 2025 at 01:11PM by Comfortable-Site8626
via reddit https://ift.tt/2hPsUvz
605 views