r/netsec monthly discussion & tool thread
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted October 01, 2025 at 06:59PM by albinowax
via reddit https://ift.tt/a4ieQft
Questions regarding netsec and discussion related directly to netsec are welcome here, as is sharing tool links.Rules & GuidelinesAlways maintain civil discourse. Be awesome to one another - moderator intervention will occur if necessary.Avoid NSFW content unless absolutely necessary. If used, mark it as being NSFW. If left unmarked, the comment will be removed entirely.If linking to classified content, mark it as such. If left unmarked, the comment will be removed entirely.Avoid use of memes. If you have something to say, say it with real words.All discussions and questions should directly relate to netsec.No tech support is to be requested or provided on r/netsec.As always, the content & discussion guidelines should also be observed on r/netsec.FeedbackFeedback and suggestions are welcome, but don't post it here. Please send it to the moderator inbox.
Submitted October 01, 2025 at 06:59PM by albinowax
via reddit https://ift.tt/a4ieQft
Reddit
From the netsec community on Reddit
Explore this post and more from the netsec community
Nuclei Templates for Detecting AMI MegaRAC BMC Vulnerabilities
https://ift.tt/2Dyomnz
Submitted October 02, 2025 at 03:17AM by TechDeepDive
via reddit https://ift.tt/cg9UMH4
https://ift.tt/2Dyomnz
Submitted October 02, 2025 at 03:17AM by TechDeepDive
via reddit https://ift.tt/cg9UMH4
Eclypsium | Supply Chain Security for the Modern Enterprise
Eclypsium Releases Tools for Detecting AMI MegaRAC BMC Vulnerabilities - Eclypsium | Supply Chain Security for the Modern Enterprise
An attacker armed with the latest knowledge of BMC vulnerabilities and exploits is poised to take control of your server(s). Given that one of these vulnerabilities, CVE-2024-54085, was recently added to the CISA KEV, we now know exploitation is happening…
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime
https://ift.tt/J372yxu
Submitted October 03, 2025 at 10:36AM by toyojuni
via reddit https://ift.tt/lmUvCrk
https://ift.tt/J372yxu
Submitted October 03, 2025 at 10:36AM by toyojuni
via reddit https://ift.tt/lmUvCrk
GMO Flatt Security Research
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime
Introduction
Hello, I’m RyotaK
(@ryotkak
), a security engineer at GMO Flatt Security Inc.
In May 2025, I participated in the Meta Bug Bounty Researcher Conference 2025.
During this event, I discovered a vulnerability (CVE-2025-59489) in the Unity Runtime…
Hello, I’m RyotaK
(@ryotkak
), a security engineer at GMO Flatt Security Inc.
In May 2025, I participated in the Meta Bug Bounty Researcher Conference 2025.
During this event, I discovered a vulnerability (CVE-2025-59489) in the Unity Runtime…
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604) - watchTowr Labs
https://ift.tt/DAuyGBs
Submitted October 03, 2025 at 06:15PM by dx7r__
via reddit https://ift.tt/ApzVv1O
https://ift.tt/DAuyGBs
Submitted October 03, 2025 at 06:15PM by dx7r__
via reddit https://ift.tt/ApzVv1O
watchTowr Labs
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604)
Welcome back, and what a week! We’re glad that happened for you and/or sorry that happened to you. It will get better and/or worse, and you will likely survive.
Today, we’re walking down the garden path and digging into the archives, publishing our analysis…
Today, we’re walking down the garden path and digging into the archives, publishing our analysis…
Macquarie Telecom enlists Netskope to power SASE sauce
https://ift.tt/Uo8nhvq
Submitted October 03, 2025 at 06:59PM by Choochy89
via reddit https://ift.tt/nMz4a7c
https://ift.tt/Uo8nhvq
Submitted October 03, 2025 at 06:59PM by Choochy89
via reddit https://ift.tt/nMz4a7c
Sdxcentral
Macquarie Telecom enlists Netskope to power SASE sauce
Netskope’s SSE platform will help bring Macquarie’s SASE offerings to more customers amid deluge of Australian cyberattacks
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
https://ift.tt/FpIdajT
Submitted October 03, 2025 at 11:36PM by SkyFallRobin
via reddit https://ift.tt/ZzFCBvT
https://ift.tt/FpIdajT
Submitted October 03, 2025 at 11:36PM by SkyFallRobin
via reddit https://ift.tt/ZzFCBvT
Medium
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
Summary & Background
My experience with LLM Code Review vs Deterministic SAST Security Tools
https://ift.tt/5R1Fvpf
Submitted October 04, 2025 at 02:53AM by prestonprice
via reddit https://ift.tt/kJaCgxm
https://ift.tt/5R1Fvpf
Submitted October 04, 2025 at 02:53AM by prestonprice
via reddit https://ift.tt/kJaCgxm
blog.fraim.dev
LLM Code Review vs Deterministic SAST Security Tools
How do the latest models stack up against traditional code scanners?
VED 2026: after CFI - data only
https://ift.tt/NIgFXVx
Submitted October 04, 2025 at 10:04AM by hardenedvault
via reddit https://ift.tt/DbOhd6R
https://ift.tt/NIgFXVx
Submitted October 04, 2025 at 10:04AM by hardenedvault
via reddit https://ift.tt/DbOhd6R
hardenedvault.net
VED 2026: after CFI - data only
after CFI - data only The exploitation techniques and mitigation has been evolving rapidly since the paper “Smash the Stack for Fun and Profit” released in Phrack Issue 49.
Upcoming Technical Security Talks & Workshops at BsidesNoVA – Oct 10–11 (Arlington VA)
https://bsidesnova.org
Submitted October 05, 2025 at 09:34PM by JackfruitDirect6803
via reddit https://ift.tt/mxr3ga8
https://bsidesnova.org
Submitted October 05, 2025 at 09:34PM by JackfruitDirect6803
via reddit https://ift.tt/mxr3ga8
Analyzing The Salesloft-Drift Breach
https://ift.tt/HykKMFv
Submitted October 06, 2025 at 01:11PM by Comfortable-Site8626
via reddit https://ift.tt/2hPsUvz
https://ift.tt/HykKMFv
Submitted October 06, 2025 at 01:11PM by Comfortable-Site8626
via reddit https://ift.tt/2hPsUvz
Taking remote control over industrial generators
https://ift.tt/jT5q2Vz
Submitted October 06, 2025 at 08:56PM by EatonZ
via reddit https://ift.tt/KLFaPpN
https://ift.tt/jT5q2Vz
Submitted October 06, 2025 at 08:56PM by EatonZ
via reddit https://ift.tt/KLFaPpN
Eaton-Works
Taking remote control over industrial generators
Industrial generator smart platform had insecure APIs that could enable remote control by anyone.
Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882) - watchTowr Labs
https://ift.tt/6Rzdmax
Submitted October 06, 2025 at 11:13PM by dx7r__
via reddit https://ift.tt/70Sq3c6
https://ift.tt/6Rzdmax
Submitted October 06, 2025 at 11:13PM by dx7r__
via reddit https://ift.tt/70Sq3c6
watchTowr Labs
Well, Well, Well. It’s Another Day. (Oracle E-Business Suite Pre-Auth RCE Chain - CVE-2025-61882)
We bet you thought you’d be allowed to sit there, breathe, and savour the few moments of peace you’d earned after a painful week in cyber security.
Obviously, you were horribly wrong, and you need to wake up now - we’re back, it’s all on fire,
Obviously, you were horribly wrong, and you need to wake up now - we’re back, it’s all on fire,
Looking for community advice...
https://ift.tt/EYyb2rt
Submitted October 07, 2025 at 11:36PM by Expensive-Mix-4170
via reddit https://ift.tt/mkCrLAy
https://ift.tt/EYyb2rt
Submitted October 07, 2025 at 11:36PM by Expensive-Mix-4170
via reddit https://ift.tt/mkCrLAy
seclists.org
Full Disclosure: Re: [FD]
: "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201,…
: "Glass Cage" – Zero-Click iMessage → Persistent iOS Compromise + Bricking (CVE-2025-24085 / 24201,…
Bash a newline: Exploiting SSH via ProxyCommand, again (CVE-2025-61984)
https://ift.tt/J7reE4d
Submitted October 08, 2025 at 04:14PM by albinowax
via reddit https://ift.tt/WzdKgRl
https://ift.tt/J7reE4d
Submitted October 08, 2025 at 04:14PM by albinowax
via reddit https://ift.tt/WzdKgRl
Look mom HR application, look mom no job - phishing using Zoom docs to harvest Gmail creds
https://ift.tt/X0RupOL
Submitted October 08, 2025 at 06:33PM by unknownhad
via reddit https://ift.tt/X8OiNT7
https://ift.tt/X0RupOL
Submitted October 08, 2025 at 06:33PM by unknownhad
via reddit https://ift.tt/X8OiNT7
Himanshu Anand :: Threat Notes
look mom HR application look mom no job
TLDR
I have recieved a legit Zoom doc email from HR “while on job hunt” . It redirected to a site with a fake “bot protection” gate and then to a Gmail credential phish. The attackers exfiltrate creds live over WebSocket and even validate them in the backend.…
I have recieved a legit Zoom doc email from HR “while on job hunt” . It redirected to a site with a fake “bot protection” gate and then to a Gmail credential phish. The attackers exfiltrate creds live over WebSocket and even validate them in the backend.…
Why I Fired My AI Security Assistant (Sort Of)
https://ift.tt/pVMXJ5l
Submitted October 08, 2025 at 10:06PM by mdulin2
via reddit https://ift.tt/MOCmIp5
https://ift.tt/pVMXJ5l
Submitted October 08, 2025 at 10:06PM by mdulin2
via reddit https://ift.tt/MOCmIp5
Strikeout Security Blog
Why I Fired My AI Security Assistant (Sort Of)
LLMs can speed up security tasks like code comprehension and proof of concept creation. But, over-reliance risks missing subtle vulnerabilities and weakening core skills. How do we use LLMs optimally?
Exploiting CVE-2025-37947 (Linux kernel's ksmbd)
https://ift.tt/WfBtpe6
Submitted October 08, 2025 at 09:54PM by nibblesec
via reddit https://ift.tt/FvMSzrl
https://ift.tt/WfBtpe6
Submitted October 08, 2025 at 09:54PM by nibblesec
via reddit https://ift.tt/FvMSzrl
Doyensec
ksmbd - Exploiting CVE-2025-37947 (3/3)
This is the last of our posts about ksmbd. For the previous posts, see part1 and part2.
Compliance is a snake eating it's tail, and that's a good thing
https://ift.tt/MCcYpgU
Submitted October 08, 2025 at 11:58PM by Tiny_Ocelot4286
via reddit https://ift.tt/WCIBNZm
https://ift.tt/MCcYpgU
Submitted October 08, 2025 at 11:58PM by Tiny_Ocelot4286
via reddit https://ift.tt/WCIBNZm
Nabla
Compliance is a snake eating it's tail, and that's a good thing
Drawing parallels between niche concepts to the point it seems crazy (And maybe is) is one of the few perks of having impeccable pattern recognition
Active Directory domain (join)own accounts revisited 2025
https://ift.tt/N0BKYJy
Submitted October 08, 2025 at 11:46PM by ivxrehc
via reddit https://ift.tt/FC3jxT8
https://ift.tt/N0BKYJy
Submitted October 08, 2025 at 11:46PM by ivxrehc
via reddit https://ift.tt/FC3jxT8
Shelltrail - Swedish offensive security experts
Active Directory domain (join)own accounts revisited 2025 | Shelltrail - Swedish offensive security experts
The post walks through the usage and the security considerations of domain join accounts used in Active Directory
A Hands-On Edition: Will Supabase Be the Next Firebase (At Least in Terms of Security)?
https://ift.tt/91bIdc5
Submitted October 08, 2025 at 01:28AM by honk_n_stonk
via reddit https://ift.tt/YOlknda
https://ift.tt/91bIdc5
Submitted October 08, 2025 at 01:28AM by honk_n_stonk
via reddit https://ift.tt/YOlknda
M1Tz
A Hands-On Edition: Will Supabase Be the Next Firebase (At Least in Terms of Security)?
It all started with my good colleague @schniggie who’s got my attention with an X post earlier that year. Until then I rarely heared of Supabase, but let us start from the scratch.
Firebase changed the way developers think about backend infrastructure: auth…
Firebase changed the way developers think about backend infrastructure: auth…
From CPU Spikes to Defense
https://ift.tt/OXj68wA
Submitted October 09, 2025 at 08:04PM by Varonis-Dan
via reddit https://ift.tt/c2iHqxz
https://ift.tt/OXj68wA
Submitted October 09, 2025 at 08:04PM by Varonis-Dan
via reddit https://ift.tt/c2iHqxz
Varonis
From CPU Spikes to Defense: How Varonis Prevented a Ransomware Disaster
Discover how Varonis' advanced threat response ensured zero downtime and complete remediation when stopping a ransomware attack.