Local Privilege Escalation via chroot option
An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file:
https://www.sudo.ws/security/advisories/chroot_bug/
- https://access.redhat.com/security/cve/CVE-2025-32463
An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file:
https://www.sudo.ws/security/advisories/chroot_bug/
- https://access.redhat.com/security/cve/CVE-2025-32463
Sudo
Local Privilege Escalation via chroot option
An attacker can leverage sudo’s -R (--chroot) option to run arbitrary commands as root, even if they are not listed in the sudoers file.
Sudo versions affected: Sudo versions 1.9.14 to 1.9.17 inclusive are affected.
CVE ID: This vulnerability has been assigned…
Sudo versions affected: Sudo versions 1.9.14 to 1.9.17 inclusive are affected.
CVE ID: This vulnerability has been assigned…
Forwarded from Yevgeniy Goncharov
📢 Open SysConf’25 зовёт спикеров!
Есть чем поделиться? Пора выйти на сцену.
📍 4 октября 2025 — день, когда на одной сцене снова соберутся те, кто делает, думает и двигает.
А ты - продолжаешь откладывать? Всё ждёшь "подходящего момента"?
Вот он. Это твой шанс выступить и рассказать миру, что ты понял, построил, сломал или переосмыслил за этот год.
Мы ждём твой доклад, если ты хочешь рассказать о:
- технологиях и коде
- инфраструктуре и хаках
- безопасности, мониторинге, Dev(Sec/App)Ops, ML, IaC, sysadmin'стве и тех/хак ресерчах и наработках
- человеческом факторе, ошибках, росте и том, как не сгореть по дороге
Подать заявку просто: 👉 https://sysconf.io/2025
Твои знания могут стать триггером для чьего-то роста.
Ты с нами? Тогда Welcome! ✌️
Есть чем поделиться? Пора выйти на сцену.
📍 4 октября 2025 — день, когда на одной сцене снова соберутся те, кто делает, думает и двигает.
А ты - продолжаешь откладывать? Всё ждёшь "подходящего момента"?
Вот он. Это твой шанс выступить и рассказать миру, что ты понял, построил, сломал или переосмыслил за этот год.
Мы ждём твой доклад, если ты хочешь рассказать о:
- технологиях и коде
- инфраструктуре и хаках
- безопасности, мониторинге, Dev(Sec/App)Ops, ML, IaC, sysadmin'стве и тех/хак ресерчах и наработках
- человеческом факторе, ошибках, росте и том, как не сгореть по дороге
Подать заявку просто: 👉 https://sysconf.io/2025
Твои знания могут стать триггером для чьего-то роста.
Ты с нами? Тогда Welcome! ✌️
Code highlighting with Cursor AI for $500,000
Attacks that leverage malicious open-source packages are becoming a major and growing threat...
https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908
Attacks that leverage malicious open-source packages are becoming a major and growing threat...
https://securelist.com/open-source-package-for-cursor-ai-turned-into-a-crypto-heist/116908
Securelist
The Solidity Language open-source package was used in a $500,000 crypto heist
Kaspersky GReAT experts uncover malicious extensions for Cursor AI that download the Quasar backdoor and a crypto stealer.
Golden dMSA: What Is dMSA Authentication Bypass?
https://www.semperis.com/blog/golden-dmsa-what-is-dmsa-authentication-bypass/
https://www.semperis.com/blog/golden-dmsa-what-is-dmsa-authentication-bypass/
Semperis
Golden dMSA: What Is dMSA Authentication Bypass? | Semperis Research
The Golden dMSA attack enables attackers to bypass authentication and generate passwords for managed service accounts in AD. Understand the risks.
MaaS operation leverages GitHub public repositories
https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
Cisco Talos Blog
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses.
WhoFi: Deep Person Re-Identification via Wi-Fi Channel Signal Encoding
Person Re-Identification (Re-ID) plays a central role in surveillance systems, aiming to determine whether two representations belong to the same individual across different times or locations. Traditional Re-ID systems typically rely on visual data such as images or videos, comparing a probe (the input to be identified) against a set of stored gallery samples by learning discriminative biometric features. Most commonly, these features are based on appearance cues such as clothing texture, color, and body shape...:
https://arxiv.org/html/2507.12869v1
Person Re-Identification (Re-ID) plays a central role in surveillance systems, aiming to determine whether two representations belong to the same individual across different times or locations. Traditional Re-ID systems typically rely on visual data such as images or videos, comparing a probe (the input to be identified) against a set of stored gallery samples by learning discriminative biometric features. Most commonly, these features are based on appearance cues such as clothing texture, color, and body shape...:
https://arxiv.org/html/2507.12869v1
Scale Up, Risk Up: DRP Data Reveals Increase in Attack Surface
https://reliaquest.com/blog/threat-research-reveals-increase-in-vulnerabilities-external-exposures/
https://reliaquest.com/blog/threat-research-reveals-increase-in-vulnerabilities-external-exposures/
ReliaQuest
Scale Up, Risk Up: DRP Data Reveals Increase in Attack Surface
Learn how exposed credentials, access keys, and typo-squatting are opening doors for attackers. Explore strategies to reduce your attack surface.
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
https://securelist.com/toolshell-explained/117045/
https://securelist.com/toolshell-explained/117045/
Securelist
ToolShell: a story of five vulnerabilities in Microsoft SharePoint
Explaining the ToolShell vulnerabilities in SharePoint: how the POST request exploit works, why initial patches can be easily bypassed, and how to stay protected.
Exploiting zero days in abandoned hardware
https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/
https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/
The Trail of Bits Blog
Exploiting zero days in abandoned hardware
We successfully exploited two discontinued network devices at DistrictCon’s inaugural Junkyard competition in February, winning runner-up for Most Innovative Exploitation Technique. Our exploit chains demonstrate why end-of-life hardware poses persistent…
PyPi Incident Report: Phishing Attack
- 4 user accounts were successfully phished
- 2 API Tokens were generated by the attackers
- 2 releases of the num2words project were uploaded by the attacker
https://blog.pypi.org/posts/2025-07-31-incident-report-phishing-attack/
- 4 user accounts were successfully phished
- 2 API Tokens were generated by the attackers
- 2 releases of the num2words project were uploaded by the attacker
https://blog.pypi.org/posts/2025-07-31-incident-report-phishing-attack/
blog.pypi.org
PyPI Phishing Attack: Incident Report - The Python Package Index Blog
Follow-up on the recent phishing attack targeting PyPI users.
Arch Infected AUR packages - firefox, zen-browser, chrome
Just ten days after a previous incident, malware with a Remote Access Trojan has once again been discovered in Arch Linux AUR packages.
https://linuxiac.com/arch-aur-under-fire-once-more-as-malware-resurfaces/
Just ten days after a previous incident, malware with a Remote Access Trojan has once again been discovered in Arch Linux AUR packages.
https://linuxiac.com/arch-aur-under-fire-once-more-as-malware-resurfaces/
Linuxiac
Arch AUR Under Fire Once More as Malware Resurfaces
Just ten days after a previous incident, malware with a Remote Access Trojan has once again been discovered in Arch Linux AUR packages.
Mozilla. Warning: Phishing campaign detected
Developers under attack:
https://blog.mozilla.org/addons/2025/08/01/warning-phishing-campaign-detected/
Developers under attack:
https://blog.mozilla.org/addons/2025/08/01/warning-phishing-campaign-detected/
NIST_Ransomware_Risk_Management .pdf
557.1 KB
NIST Ransomware Risk Management
How Much Energy Does ChatGPT Use Per Prompt? A Look at Its Hidden Environmental Costs
⚠️ One GPT request can require 2 to 5 liters of water... Think about it for a moment.
https://dev.to/nilanth/how-much-energy-does-chatgpt-use-per-prompt-a-look-at-its-hidden-environmental-costs-2j3a
https://dev.to/nilanth/how-much-energy-does-chatgpt-use-per-prompt-a-look-at-its-hidden-environmental-costs-2j3a
Please open Telegram to view this post
VIEW IN TELEGRAM
DEV Community
How Much Energy Does ChatGPT Use Per Prompt? A Look at Its Hidden Environmental Costs
ChatGPT has become a popular tool for generating human-like responses to a wide range of prompts, but...
Microsoft Releases Guidance on High-Severity Vulnerability (CVE-2025-53786) in Hybrid Exchange Deployments
https://www.cisa.gov/news-events/alerts/2025/08/06/microsoft-releases-guidance-high-severity-vulnerability-cve-2025-53786-hybrid-exchange-deployments
https://www.cisa.gov/news-events/alerts/2025/08/06/microsoft-releases-guidance-high-severity-vulnerability-cve-2025-53786-hybrid-exchange-deployments
Microsoft Teams Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53783
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53783