MSSQL Exploitation - Run Commands Like A Pro
https://ift.tt/lHdezua
Submitted November 04, 2025 at 12:14AM by S3cur3Th1sSh1t
via reddit https://ift.tt/LC8r7cW
https://ift.tt/lHdezua
Submitted November 04, 2025 at 12:14AM by S3cur3Th1sSh1t
via reddit https://ift.tt/LC8r7cW
www.r-tec.net
r-tec Blog | MSSQL Exploitation - Run Commands Like A Pro
This blog post takes a deep dive into the offensive side of MSSQL security, exploring the quantities of attack vectors that can be exploited.
[Research] Unvalidated Trust: Cross-Stage Failure Modes in LLM/agent pipelines arXiv
https://ift.tt/YFIOsTn
Submitted November 04, 2025 at 05:29AM by Solid-Tomorrow6548
via reddit https://ift.tt/uLEntXj
https://ift.tt/YFIOsTn
Submitted November 04, 2025 at 05:29AM by Solid-Tomorrow6548
via reddit https://ift.tt/uLEntXj
arXiv.org
Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language...
As Large Language Models (LLMs) are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical...
New Research: RondoDox v2, a 650% Expansion in Exploits
https://ift.tt/SGxT1Hg
Submitted November 04, 2025 at 02:38PM by mario_candela
via reddit https://ift.tt/hVFKuYn
https://ift.tt/SGxT1Hg
Submitted November 04, 2025 at 02:38PM by mario_candela
via reddit https://ift.tt/hVFKuYn
Beelzebub
RondoDox v2: Evolution of RondoDox Botnet with 650% More Exploits | AI deception platform
AI deception platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open-source…
Linux kernel Bluetooth RCE
https://ift.tt/KnXtgdD
Submitted November 04, 2025 at 06:10PM by elatllat
via reddit https://ift.tt/S5KOERn
https://ift.tt/KnXtgdD
Submitted November 04, 2025 at 06:10PM by elatllat
via reddit https://ift.tt/S5KOERn
Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk
https://ift.tt/JF4YnSz
Submitted November 04, 2025 at 08:34PM by SRMish3
via reddit https://ift.tt/2C1ph6l
https://ift.tt/JF4YnSz
Submitted November 04, 2025 at 08:34PM by SRMish3
via reddit https://ift.tt/2C1ph6l
JFrog
Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk
Learn how the JFrog Security research team discovered and disclosed CVE-2025-11953 which poses a threat to developers using the popular React Native CLI.
Built SlopGuard - open-source defense against AI supply chain attacks (slopsquatting)
https://aditya01933.github.io/aditya.github.io/slopguard
Submitted November 04, 2025 at 07:46PM by techoalien_com
via reddit https://ift.tt/muROgaB
https://aditya01933.github.io/aditya.github.io/slopguard
Submitted November 04, 2025 at 07:46PM by techoalien_com
via reddit https://ift.tt/muROgaB
Reddit
From the netsec community on Reddit: Built SlopGuard - open-source defense against AI supply chain attacks (slopsquatting)
Posted by techoalien_com - 1 vote and 0 comments
Privilege Escalation With Jupyter From the Command Line
https://ift.tt/2ykPzNE
Submitted November 05, 2025 at 04:23AM by ok_bye_now_
via reddit https://ift.tt/hwRBfsZ
https://ift.tt/2ykPzNE
Submitted November 05, 2025 at 04:23AM by ok_bye_now_
via reddit https://ift.tt/hwRBfsZ
www.adversis.io
Privilege Escalation With Jupyter From the Command Line
A recent penetration test led to an interesting way to escalate privileges on a Jupyter instance running as root.
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680
https://ift.tt/R6y2ObQ
Submitted November 05, 2025 at 03:46PM by SSDisclosure
via reddit https://ift.tt/BPNwFjs
https://ift.tt/R6y2ObQ
Submitted November 05, 2025 at 03:46PM by SSDisclosure
via reddit https://ift.tt/BPNwFjs
SSD Secure Disclosure
Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - SSD Secure Disclosure
Vendor Response The vendor has released a patch for Windows that addresses this vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55680 CVE CVE-2025-55680 Credit The vulnerability was disclosed during our TyphoonPWN Windows category…
BugBounty Directory
https://ift.tt/OEBKumT
Submitted November 05, 2025 at 06:46PM by abhishekY495
via reddit https://ift.tt/YMkxSdV
https://ift.tt/OEBKumT
Submitted November 05, 2025 at 06:46PM by abhishekY495
via reddit https://ift.tt/YMkxSdV
Bugbountydirectory
Bug Bounty Directory - List of bug bounty programs and responsible disclosure
A list of public bug bounty programs and responsible disclosures.
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
https://ift.tt/ZL2BvjP
Submitted November 06, 2025 at 04:40PM by Minimum_Call_3677
via reddit https://ift.tt/tZKmnEX
https://ift.tt/ZL2BvjP
Submitted November 06, 2025 at 04:40PM by Minimum_Call_3677
via reddit https://ift.tt/tZKmnEX
Evading Elastic EDR's call stack signatures with call gadgets
https://ift.tt/Y5LSi0u
Submitted November 06, 2025 at 06:51PM by AlmondOffSec
via reddit https://ift.tt/v9NQ8aI
https://ift.tt/Y5LSi0u
Submitted November 06, 2025 at 06:51PM by AlmondOffSec
via reddit https://ift.tt/v9NQ8aI
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
https://ift.tt/tqP3UoY
Submitted November 06, 2025 at 08:43PM by CyberMasterV
via reddit https://ift.tt/ezEiGFJ
https://ift.tt/tqP3UoY
Submitted November 06, 2025 at 08:43PM by CyberMasterV
via reddit https://ift.tt/ezEiGFJ
Blogspot
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
Author(s): Vlad Pasca, Radu-Emanuel Chiscariu New two-stage malware targets cryptocurrency wallets and browser history LeakyInjector uses l...
The DragonForce Cartel: Scattered Spider at the gate
https://ift.tt/HkfOU3G
Submitted November 07, 2025 at 04:08PM by bagaudin
via reddit https://ift.tt/8sjhe0k
https://ift.tt/HkfOU3G
Submitted November 07, 2025 at 04:08PM by bagaudin
via reddit https://ift.tt/8sjhe0k
Acronis
The DragonForce Cartel: Scattered Spider at the gate
Acronis Threat Research Unit (TRU) analyzed DragonForce, a Conti-derived ransomware-as-a-service active since 2023, documenting its malware, affiliate model and links to Scattered Spider.
Free test for Post-Quantum Cryptography TLS
https://qcready.com
Submitted November 07, 2025 at 05:38PM by chrisdefourire
via reddit https://ift.tt/FYBNenz
https://qcready.com
Submitted November 07, 2025 at 05:38PM by chrisdefourire
via reddit https://ift.tt/FYBNenz
Reddit
From the netsec community on Reddit: Free test for Post-Quantum Cryptography TLS
Posted by chrisdefourire - 9 votes and 17 comments
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
https://ift.tt/irRvxoP
Submitted November 07, 2025 at 07:09PM by dx7r__
via reddit https://ift.tt/FgbToPr
https://ift.tt/irRvxoP
Submitted November 07, 2025 at 07:09PM by dx7r__
via reddit https://ift.tt/FgbToPr
watchTowr Labs
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299)
Happy Friday, friends and.. others.
We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend!
What’re We Doing Today, Mr Fox?
Today, in a tale that seems all too familar at this point,
We’re glad/sorry to hear that your week has been good/bad, and it’s the weekend/but at least it’s almost the weekend!
What’re We Doing Today, Mr Fox?
Today, in a tale that seems all too familar at this point,
Free IOC tool
https://ift.tt/5apvJuo
Submitted November 08, 2025 at 01:09AM by Cute_Leading_3759
via reddit https://ift.tt/k0fp1AE
https://ift.tt/5apvJuo
Submitted November 08, 2025 at 01:09AM by Cute_Leading_3759
via reddit https://ift.tt/k0fp1AE
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
Submitted November 08, 2025 at 03:45AM by Megabeets
via reddit https://ift.tt/T71Ehgc
https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
Submitted November 08, 2025 at 03:45AM by Megabeets
via reddit https://ift.tt/T71Ehgc
Unit 42
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.
Another one of those!!
https://ift.tt/vXQ5Msb
Submitted November 08, 2025 at 06:06AM by bi6o
via reddit https://ift.tt/nrPkWio
https://ift.tt/vXQ5Msb
Submitted November 08, 2025 at 06:06AM by bi6o
via reddit https://ift.tt/nrPkWio
Merge Conflict Digest
Merge Conflict Digest - Daily Tech Newsletter for Developers
Daily tech news for developers who value their time.
Implementing the Etherhiding technique
https://ift.tt/ELPXenD
Submitted November 08, 2025 at 07:53PM by seyyid_
via reddit https://ift.tt/P317ROT
https://ift.tt/ELPXenD
Submitted November 08, 2025 at 07:53PM by seyyid_
via reddit https://ift.tt/P317ROT
Medium
Implementing the Etherhiding technique
Google recently published reports about a new technique called “Etherhiding.” The reports explain how the threat actors UNC5142 and UNC5342…
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
https://ift.tt/oIxQkqJ
Submitted November 08, 2025 at 07:27PM by Jessner10247
via reddit https://ift.tt/zMKPkv2
https://ift.tt/oIxQkqJ
Submitted November 08, 2025 at 07:27PM by Jessner10247
via reddit https://ift.tt/zMKPkv2
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
https://amzn.to/4oZoxUI
Submitted November 09, 2025 at 02:49AM by JMarkG
via reddit https://ift.tt/mxRIJtL
https://amzn.to/4oZoxUI
Submitted November 09, 2025 at 02:49AM by JMarkG
via reddit https://ift.tt/mxRIJtL
Reddit
From the netsec community on Reddit: [ Removed by moderator ]
Posted by JMarkG - 8 votes and 7 comments