https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
Please open Telegram to view this post
VIEW IN TELEGRAM
Eclypsium | Supply Chain Security for the Modern Enterprise
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices
Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.
🔥2
Pwn²Own Day 2: Hackers exploit 56 zero-days for $790,000.
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
https://www.bleepingcomputer.com/news/security/samsung-galaxy-s25-hacked-on-day-two-of-pwn2own-ireland-2025/
BleepingComputer
Pwn2Own Day 2: Hackers exploit 22 zero-days for $267,500
Security researchers collected $267,500 in cash after exploiting 22 unique zero-day vulnerabilities during the second day of the Pwn2Own Ireland 2025 hacking competition.
🔥1
https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/
Please open Telegram to view this post
VIEW IN TELEGRAM
Securelist
Mem3nt0 mori – The Hacking Team is back!
Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.
🔥1
Media is too big
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥2😱1
https://openai.com/index/introducing-aardvark/
Please open Telegram to view this post
VIEW IN TELEGRAM
Openai
Introducing Aardvark: OpenAI’s agentic security researcher
Now in private beta: an AI agent that thinks like a security researcher and scales to meet the demands of modern software.
❤1🤔1
Juan Sacco
https://www.exploitpack.com/blogs/news/0-day-msr-kernel-exploit-for-windows-11-25h2
Please open Telegram to view this post
VIEW IN TELEGRAM
Exploit Pack
0-Day MSR Kernel Exploit for Windows 11 25H2
New 0-day Windows Kernel Exploit, working in Windows 11 25h2 fully patched.It took me 2 weeks of endless coffee cups! MSRs control where the CPU jumps for privileged transitions, they are a sensitive part of system state. Operating systems carefully them…
👍1🔥1👏1
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets.
https://www.wired.com/story/major-leak-spills-chinese-hacking-contractor-tools-targets/
https://www.wired.com/story/major-leak-spills-chinese-hacking-contractor-tools-targets/
WIRED
A Major Leak Spills a Chinese Hacking Contractor’s Tools and Targets
Plus: State-sponsored AI hacking is here, Google hosts a CBP face recognition app, and more of the week’s top security news.
🙉2
https://cybersecuritynews.com/7-zip-rce-vulnerability-exploited/
Please open Telegram to view this post
VIEW IN TELEGRAM
Cyber Security News
Hackers Actively Exploiting 7-Zip RCE Vulnerability in the Wild
Hackers have begun actively exploiting a critical remote code execution (RCE) vulnerability in the popular file archiver 7-Zip, putting millions of users at risk of malware infection and system compromise.
❤🔥1👍1🔥1
https://cybersecuritynews.com/critical-windows-graphics-vulnerability/
Please open Telegram to view this post
VIEW IN TELEGRAM
Cyber Security News
Critical Windows Graphics Vulnerability Lets Hackers Seize Control with a Single Image
A critical remote code execution flaw in Microsoft's Windows Graphics Component allows attackers to seize control of systems using specially crafted JPEG images.
☃2👍1👌1
cKure Red
The zionist entity (Israel) has “Iron” in the name of many 🪖 technologies (defense-related):
Iron Beam – Israel. High-energy laser air-defense system.
Iron Fist – Israel. Active protection system for vehicles.
Iron Curtain – US. APS for close-range RPG/missile interception.
Iron Wolf – Lithuania. Mechanized infantry brigade (NATO).
Iron Dome – Missile Defense system of Israel.
Iron Sting – Israel. Precision 120mm mortar-guided munition.
Iron Vision – Elbit helmet-mounted 360° situational awareness for tanks.
Please open Telegram to view this post
VIEW IN TELEGRAM
🤯3🤮2🤔1
https://securelist.com/tomiris-new-tools/118143/
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥1
https://github.com/mmathivanan17/CVE-2024-21413
https://cybersecuritynews.com/outlook-remote-code-execution-vulnerability-2/
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - mmathivanan17/CVE-2024-21413: Outlook exploitation
Outlook exploitation. Contribute to mmathivanan17/CVE-2024-21413 development by creating an account on GitHub.
🔥5🆒1
https://github.com/hackersatyamrastogi/react2shell-ultimate
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3👌1
Hacked in Pakistan: Israeli Spyware Firm Intellexa, Owned by Ex-intel Officer, Still Active Amid
Spyware targets in Pakistan
https://www.haaretz.com/israel-news/security-aviation/2025-12-04/ty-article-magazine/.premium/israeli-spyware-firm-intellexa-owned-by-ex-intel-officer-still-active-amid-us-sanctions/0000019a-e3e8-db35-afbf-ebfcb8bb0000
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1
https://www.iranintl.com/en/202512164597
Please open Telegram to view this post
VIEW IN TELEGRAM
Iranintl
Iran-linked hacker group offers $30,000 bounty for Israel's military info
An Iran-linked hacker group said it was offering a $30,000 reward for information related to Israel’s military sector after releasing material it said identified people involved in designing Israeli missile defense systems.
❤1
This media is not supported in your browser
VIEW IN TELEGRAM
OSINT via Google 🔍
Please open Telegram to view this post
VIEW IN TELEGRAM
🤔1
Please open Telegram to view this post
VIEW IN TELEGRAM
❤4
https://github.com/weirdmachine64/GhidraGPT
Please open Telegram to view this post
VIEW IN TELEGRAM
GitHub
GitHub - weirdmachine64/GhidraGPT: Integrate LLM models directly into Ghidra for automated code rewrite and analysis.
Integrate LLM models directly into Ghidra for automated code rewrite and analysis. - weirdmachine64/GhidraGPT
👏1