Anatomy of an LLM RCE #LLM #RCE #CyberArk #Security #AI https://www.cyberark.com/resources/all-blog-posts/anatomy-of-an-llm-rce
Cyberark
Anatomy of an LLM RCE
As large language models (LLMs) become more advanced and are granted additional capabilities by developers, security risks increase dramatically. Manipulated LLMs are no longer just a risk of...
CrushFTP Authentication Bypass - CVE-2025-2825 #CrushFTP #AuthenticationBypass #VulnerabilityResearch #CVE2025-2825 #NucleiTemplate https://projectdiscovery.io/blog/crushftp-authentication-bypass
ProjectDiscovery
CrushFTP Authentication Bypass - CVE-2025-2825 — ProjectDiscovery Blog
Update (April 21, 2025):
The CVE originally referenced in this blog post CVE-2025-2825 has been rejected by NIST. The vulnerability is now officially tracked as CVE-2025-31161. All technical details and the impact discussed in this post remain accurate and…
The CVE originally referenced in this blog post CVE-2025-2825 has been rejected by NIST. The vulnerability is now officially tracked as CVE-2025-31161. All technical details and the impact discussed in this post remain accurate and…
peeko: peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser. #peeko #XSSC2 #internalnetworkexploration #browserbased #GitHub https://github.com/b3rito/peeko
GitHub
GitHub - b3rito/peeko: peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.
peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser. - b3rito/peeko
TeamViewer password management 🙈 https://x.com/pentest_swissky/status/1908922649222197396
X (formerly Twitter)
Swissky (@pentest_swissky) on X
TeamViewer - @whynotsecurity
TL;DR: TeamViewer stored user passwords encrypted with AES-128-CBC with they key of 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 in the Windows registry.
https://t.co/0Cbwvu4ZgA
TL;DR: TeamViewer stored user passwords encrypted with AES-128-CBC with they key of 0602000000a400005253413100040000 and iv of 0100010067244F436E6762F25EA8D704 in the Windows registry.
https://t.co/0Cbwvu4ZgA
Shopware Unfixed SQL Injection in Security Plugin 6 #RedTeamPentesting #Shopware #SQLInjection #SecurityPlugin6 #VulnerabilityDetection https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-001/
www.redteam-pentesting.de
RedTeam Pentesting - Shopware Unfixed SQL Injection in Security Plugin 6
Shopware is affected by a known SQL injection in older Shopware versions which is fixed in newer Shopware releases. For customers who can not upgrade the main Shopware version the Shopware AG offers the security plugin which patches known vulnerabilities…
The Evolution of HTTPS Adoption in Firefox #HTTPSFirst #Firefox #WebPrivacy #UserSecurity #EncryptionEvolution https://attackanddefense.dev/2025/03/31/https-first-in-firefox-136.html
Attack & Defense
The Evolution of HTTPS Adoption in Firefox
We at Mozilla believe that people deserve privacy and one of the most important pieces of web privacy is provided through ubiquitous encryption. Because of this, we shipped HTTPS-First by default as of Firefox 136 (March 4th). The mechanism upgrades all page…
Bypassing Windows Defender antivirus in 2025: Evasion Techniques Using Direct Syscalls and XOR Encryption – Part 1 #WindowsDefender #AntivirusBypass #Cybersecurity #Syscalls #XOREncryption https://www.hackmosphere.fr/bypass-windows-defender-antivirus-2025-part-1/
Hackmosphere
Windows Defender antivirus bypass in 2025 - part 1
Discover how antivirus works and how to setup a lab for (Windows Defender) antivirus bypass. Basic code is provided to start experimenting !
Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI #LangflowAI #CVE20253248 #RCE #NodeZero #VulnerabilityDetection https://horizon3.ai/attack-research/disclosures/unsafe-at-any-speed-abusing-python-exec-for-unauth-rce-in-langflow-ai/
Horizon3.ai
Unsafe at Any Speed: Abusing Python Exec for Unauth RCE in Langflow AI
CVE-2025-3248 is a critical code injection vulnerability affecting Langflow, a popular tool used for building out agentic AI workflows. This vulnerability is easily exploitable and enables unauthenticated remote attackers to fully compromise Langflow servers.…
🔥1
TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign #TROXStealer #MalwareAsAService #UrgencyBasedAttacks #HackersAdvantage #DeepDiveAnalysis https://sublime.security/blog/trox-stealer-a-deep-dive-into-a-new-malware-as-a-service-maas-attack-campaign/
sublime.security
TROX Stealer: A deep dive into a new Malware as a Service (MaaS) attack campaign · Blog · Sublime Security
Deep dive analysis of TROX Stealer, an urgency-based MaaS offering
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet #SuperNoteNomad #0ClickRCE #EInkTablet #SecurityResearch #CVE202532409 https://www.prizmlabs.io/post/remote-rootkits-uncovering-a-0-click-rce-in-the-supernote-nomad-e-ink-tablet
Prizm Labs Website
Uncovering a 0-Click RCE in the SuperNote Nomad E-ink Tablet
Details of our SuperNote Nomad research which led to the disclosure of a 0-click RCE vulnerability
🔥2
Dashboard with cybersecurity metrics and statistics from the last 30 days #cyber #monitoring #technology #security #onlineprivacy https://cybermonit.com/
Cybermonit
Cybermonit is a modern platform for monitoring CVS vulnerabilities, data leaks, ransomware attacks and ongoing DDoS attacks, enabling rapid threat identification and effective response to cyber incidents.
We Have a Package for You! A Comprehensive Analysis of Package Hallucinations
by Code Generating LLMs #technical #security #PDF #text #document https://arxiv.org/pdf/2406.10279
by Code Generating LLMs #technical #security #PDF #text #document https://arxiv.org/pdf/2406.10279
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights #SecurityAnalysis #AIAgentHijacking #MCPProtocol #A2AProtocol #SecurityFlaws https://medium.com/@foraisec/security-analysis-potential-ai-agent-hijacking-via-mcp-and-a2a-protocol-insights-cd1ec5e6045f
Medium
Security Analysis: Potential AI Agent Hijacking via MCP and A2A Protocol Insights
Communication protocols represent a core infrastructure accelerating the development and deployment of AI Agents. Anthropic’s Model Context…
Aiding reverse engineering with Rust and a local LLM #Rust #ReverseEngineering #LocalLLM #Security #Vulnerabilities https://security.humanativaspa.it/aiding-reverse-engineering-with-rust-and-a-local-llm/
HN Security
Aiding reverse engineering with Rust and a local LLM - HN Security
Offensive Rust series article that introduces a new AI tool (oneiromancer) to aid with reverse engineering.
SAP Emarsys SDK for Android Sensitive Data Leak (CVE-2023-6542) #SAPEmarsysSDK #AndroidVulnerability #DataLeak #RemoteCodeExecution #RCESecurity https://www.rcesecurity.com/2025/04/sap-emarsys-sdk-for-android-sensitive-data-leak-cve-2023-6542/
Everyone knows your location, Part 2: try it yourself and share the results #LocationData #PrivacyRights #TrafficAnalysis #AppData #Crowdsourcing https://timsh.org/everyone-knows-your-location-part-2-try-it-yourself/
tim.sh
Everyone knows your location, Part 2: try it yourself and share the results
Learn how to record and analyse your mobile device traffic, take an app from the list of "shady" apps and share the results.
SSD Advisory – extract() double-free(5.X)/use-after-free(7.X/8.X) #SSDAdvisory #PHPVulnerability #DoubleFree #UseAfterFree #ArbitraryCodeExecution https://ssd-disclosure.com/ssd-advisory-extract-double-free5-x-use-after-free7-x-8-x/
SSD Secure Disclosure
SSD Advisory - extract() double-free(5.X)/use-after-free(7.X/8.X) - SSD Secure Disclosure
Summary A vulnerability in PHP’s extract() function allows attackers to trigger a double-free in version 5.x or a user-after-free in versions 7.x, 8.x, which in turn allows arbitrary code execution (native code). Credit An independent security researcher…
AES & ChaCha — A Case for Simplicity in Cryptography #AES #ChaCha #Cryptography #Simplicity #Comparison https://phase.dev/blog/chacha-and-aes-simplicity-in-cryptography/
phase
AES & ChaCha — A Case for Simplicity in Cryptography | Phase Blog
A technical deep dive into how the ChaCha20 cipher is taking on AES as the gold standard for symmetric encryption, and a lesson about the power of simplicity in cryptographic design.
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation #SuperCardX #NFCRelayFraud #ChineseMaaS #AndroidMalware #LowDetectionRate https://www.cleafy.com/cleafy-labs/supercardx-exposing-chinese-speaker-maas-for-nfc-relay-fraud-operation
Cleafy
SuperCard X: exposing a Chinese-speaker MaaS for NFC Relay fraud operation | Cleafy
A new fraud campaign based on the Android malware "SuperCard X" and innovative NFC relay techniques is impacting Italian's banking. Read our latest report to learn more.