Critical RCE Vulnerability in Anthropic MCP Inspector - CVE-2025-49596 #CriticalRCE #AnthropicMCP #CVE202549596 #AIDeveloperTools #BrowserExploit https://www.oligo.security/blog/critical-rce-vulnerability-in-anthropic-mcp-inspector-cve-2025-49596
www.oligo.security
Critical RCE in Anthropic MCP Inspector (CVE-2025-49596) Enables Browser-Based Exploits | Oligo Security
A critical Remote Code Execution flaw (CVSS 9.4) in Anthropic’s MCP Inspector exposes AI developers to browser-based attacks via 0.0.0.0 and DNS rebinding. Learn how CVE-2025-49596 was exploited from the browser and what fixes were applied in version 0.14.1.
Yet another ZIP trick https://hackarcana.com/article/yet-another-zip-trick
EscapeRoute: Breaking the Scope of Anthropic’s Filesystem MCP Server(CVE-2025-53109 & CVE-2025-53110) #AnthropicMCP #SandboxEscape #CodeExecution #LLMSecurity #Cymulate https://cymulate.com/blog/cve-2025-53109-53110-escaperoute-anthropic/?utm_source=linkedin&utm_medium=social&utm_campaign=2025-q3-cve-2025-53109-53110-escaperoute-anthropic-blog&utm_term=blog
Cymulate
EscapeRoute: Breaking the Scope of Anthropic’s Filesystem MCP Server(CVE-2025-53109 & CVE-2025-53110)
Two critical flaws in Anthropic’s Filesystem MCP Server enable sandbox escapes, unrestricted file access, and even code execution, no binaries required
GitPhish: Automating Enterprise GitHub Device Code Phishing https://www.praetorian.com/blog/gitphish-automating-enterprise-github-device-code-phishing/
Praetorian
GitPhish: Automating Enterprise GitHub Device Code Phishing
Introducing GitPhish: An open-source tool for automating GitHub Device Code phishing attacks with dynamic code generation and professional landing pages for red teams.
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip #AppLockerBypass #LenovoSecurity #MFGSTATzip #WindowsVulnerability #SecurityResearch https://oddvar.moe/2025/07/03/applocker-bypass-on-lenovo-machines-the-curious-case-of-mfgstat-zip/
Oddvar Moe's Blog
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip
This blogpost is about a minor discovery I made regarding a writeable file inside the Windows folder that is present on Lenovo machines. Initially when I found it I thought it was only a handful of…
How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777) #CitrixBleed2 #NetScaler #MemoryDisclosure #CVE20255777 #InTheWild https://labs.watchtowr.com/how-much-more-must-we-bleed-citrix-netscaler-memory-disclosure-citrixbleed-2-cve-2025-5777/
watchTowr Labs
How Much More Must We Bleed? - Citrix NetScaler Memory Disclosure (CitrixBleed 2 CVE-2025-5777)
Before you dive into our latest diatribe, indulge us and join us on a journey.
Sit in your chair, stand at your desk, lick your phone screen - close your eyes and imagine a world in which things are great. It’s sunny outside, the birds are chirping, and…
This overlooked Linux boot flaw defeats Secure Boot, here's how to fix it #LinuxSecurity #SecureBootBypass #InitramfsFlaw #PhysicalAccess #BootVulnerability https://nerds.xyz/2025/07/linux-initramfs-security-flaw-secure-boot-bypass/
NERDS.xyz
This overlooked Linux boot flaw defeats Secure Boot, here's how to fix it
A Linux researcher at ERNW has demonstrated how attackers can bypass Secure Boot protections by modifying an unsigned initramfs. But a few kernel tweaks are all it takes to lock things down.
CVE-2025-5777: CitrixBleed 2 Write-Up… Maybe? #CVE20255777 #CitrixBleed2 #NetScaler #MemoryLeak #SessionHijacking https://horizon3.ai/attack-research/attack-blogs/cve-2025-5777-citrixbleed-2-write-up-maybe/
Horizon3.ai
CVE-2025-5777: CitrixBleed 2 Exploit Deep Dive by Horizon3.ai
Explore the CVE-2025-5777 vulnerability in Citrix, dubbed CitrixBleed 2. Learn how it works, attack details, and defensive steps from Horizon3.ai experts.
How I Discovered a Libpng Vulnerability 11 Years After It Was Patched #Libpng #Vulnerability #IntegerOverflow #CodeReview #LearningExperience https://blog.himanshuanand.com/posts/discovered-a-libpng-vulnerability-11-years-after-it-was-patched/
Delete Yourself from the Internet: Why You Must—and Exactly How to Do It #DigitalFootprint #OnlinePrivacy #DataProtection #DeleteYourself #InternetSecurity https://esstnews.com/delete-yourself-from-the-internet/
The GPS Leak No One Talked About: Uffizio’s Silent Exposure #GPSLeak #DataExposure #Uffizio #CyberSecurityFailure #SupplyChainRisk https://reporter.deepspecter.com/the-gps-leak-no-one-talked-about-uffizios-silent-exposure-03b5dfb23556
Medium
The GPS Leak No One Talked About: Uffizio’s Silent Exposure
Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke) #DNNExploit #UnicodeNormalization #NTLMCredentials #DotNetVulnerability #SMBAttack https://slcyber.io/assetnote-security-research-center/abusing-windows-net-quirks-and-unicode-normalization-to-exploit-dnn-dotnetnuke/
Searchlight Cyber
Abusing .NET and Unicode Normalization to Exploit DNN | Searchlight
A pre-authentication vulnerability exists within DotNetNuke versions 6.0 to 10.0.1, assigned CVE-2025-52488, that allows attackers to steal NTLM hashes.
RedirectionGuard: Mitigating unsafe junction traversal in Windows #RedirectionGuard #WindowsSecurity #PrivilegeEscalation #Junctions #SecurityMitigation https://msrc.microsoft.com/blog/2025/06/redirectionguard-mitigating-unsafe-junction-traversal-in-windows/
Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities #TikiWiki #SSTI #RemoteCodeExecution #CVE202532461 #CMSVulnerability https://karmainsecurity.com/KIS-2025-03
Karmainsecurity
Tiki Wiki CMS Groupware <= 28.3 Two Server-Side Template Injection Vulnerabilities | Karma(In)Security
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
Revisiting Cross Session Activation Attacks #CrossSessionActivation #DCOMAttacks #LateralMovement #ActiveDirectory #PrivilegeEscalation https://www.r-tec.net/r-tec-blog-revisiting-cross-session-activation-attacks.html
www.r-tec.net
r-tec Blog | Revisiting Cross Session Activation Attacks
This blog post revisits Cross Session Activation attacks
Opossum Attack: Application Layer Desynchronization using Opportunistic TLS #OpossumAttack #TLSDedesynchronization #OpportunisticTLS #PiTMAttack #ApplicationLayer https://opossum-attack.com/
Scanning for Post-Quantum Cryptographic Support #AnvilSecure #PostQuantumCrypto #PQCscan #OpenSource #CryptoCompliance https://www.anvilsecure.com/blog/scanning-for-post-quantum-cryptographic-support.html
Anvil Secure
Scanning for Post-Quantum Cryptographic Support - Anvil Secure
CTO Vincent Berg introduces PQCscan, a free tool that checks SSH and TLS servers for post-quantum cryptography support.
SSD Advisory – Linux Kernel Pipapo Set Double Free LPE https://ssd-disclosure.com/ssd-advisory-linux-kernel-pipapo-set-double-free-lpe/
SSD Secure Disclosure
SSD Advisory - Linux Kernel Pipapo Set Double Free LPE - SSD Secure Disclosure
Summary: A critical double free vulnerability in the pipapo set module of the Linux kernel’s NFT subsystem has been discovered. An unprivileged attacker can exploit this vulnerability by sending a specially crafted netlink message, triggering double-free error…