From Blind XSS to RCE: When Headers Became My Terminal #BlindXSS #RCE #BugBounty #Cybersecurity #HeaderInjection https://is4curity.medium.com/from-blind-xss-to-rce-when-headers-became-my-terminal-d137d2c808a3
Medium
From Blind XSS to RCE: When Headers Became My Terminal
Hello,
FortiWeb Pre-Auth RCE (CVE-2025-25257) #FortiWeb #RCE #SQLi #CVE202525257 #PreAuth https://pwner.gg/blog/2025-07-10-fortiweb-fabric-rce
( ͡◕ _ ͡◕)👌
FortiWeb Pre-Auth RCE (CVE-2025-25257)
Hey! and welcome to another THEY BURNED MY BUG episode. This time, we introduce CVE-2025-25257. An SQLi that I spotted back in Feb. in case someone burn them before I get my bragging rights 8157d42995395ba0c0cfccce37b934ebb63d3d5740ba43eda7fa853f389bca2a8…
LLM crawlers continue to DDoS SourceHut #LLMCrawlers #DDoSAttack #SourceHut #BotMitigation #WebDisruption https://status.sr.ht/issues/2025-03-17-git.sr.ht-llms/
status.sr.ht
LLM crawlers continue to DDoS SourceHut | sr.ht status
We have deployed Anubis to git.sr.ht.
After some internal discussions we have ultimately decided that the best course
of action to protect git.sr.ht from LLM crawlers is to deploy Anubis. This
software presents some users with a proof-of-work challenge which…
Historical Analysis of Reflected Vulnerabilities: The Evolution of Windows Defender Defenses #ReflectedVulnerabilities #WindowsDefender #SecurityEvolution #Exploitation #WindowsSecurity https://zenodo.org/records/15852242
Zenodo
Historical Analysis of Reflected Vulnerabilities: The Evolution of Windows Defender Defenses
This report analyzes a historical class of security flaws known as “reflected vulnerabilities,” which were once potent zero-day attack vectors targeting early Windows versions and antivirus software. We examine classic exploitation techniques, such as parser…
KongTuke FileFix Leads to New Interlock RAT Variant #InterlockRAT #PHPVariant #Malware #Cybersecurity #ThreatIntelligence https://thedfirreport.com/2025/07/14/kongtuke-filefix-leads-to-new-interlock-rat-variant/
The DFIR Report
KongTuke FileFix Leads to New Interlock RAT Variant
Researchers from The DFIR Report, in partnership with Proofpoint, have identified a new and resilient variant of the Interlock ransomware group’s remote access trojan (RAT). This new malware,…
Fooling the Sandbox: A Chrome-atic Escape #ChromeSandboxEscape #CVE202430088 #KernelExploit #PrivilegeEscalation #IntegrityBypass https://starlabs.sg/blog/2025/07-fooling-the-sandbox-a-chrome-atic-escape/
STAR Labs
Fooling the Sandbox: A Chrome-atic Escape
For my internship, I was tasked by my mentor Le Qi to analyze CVE-2024-30088, a double-fetch race condition bug in the Windows Kernel Image ntoskrnl.exe. A public POC demonstrating EoP from Medium Integrity Level to SYSTEM is available on GitHub here.
Additionally…
CVE-2025-5333: Remote Code Execution in Broadcom Altiris IRM #RCE #BroadcomAltiris #CriticalVulnerability #CVE20255333 #CybersecurityAlert https://www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/
LRQA
Remote Code Execution in Broadcom Altiris IRM
A critical unauthenticated remote code execution (RCE) vulnerability was discovered in the Broadcom Symantec Altiris Inventory Rule Management (IRM) component of Symantec Endpoint Management.
Weaponizing Windows Drivers: A Hacker's Guide for Beginners #WindowsDrivers #KernelExploitation #BYOVD #StaticAnalysis #CybersecurityGuide https://www.securityjoes.com/post/weaponizing-windows-drivers-a-hacker-s-guide-for-beginners
Security Joes
Weaponizing Windows Drivers: A Hacker's Guide for Beginners
In the never-ending cat-and-mouse game of cybersecurity, every advancement in defense inevitably drives attackers to evolve their tactics, exploiting new gaps and vulnerabilities. From the early days of signature-based antivirus solutions in the 1980s to…
Code Execution Through Email: How I Used Claude to Hack Itself #LLMSecurity #AIHacking #CompositionalRisk #ClaudeAI #EmailExploit https://www.pynt.io/blog/llm-security-blogs/code-execution-through-email-how-i-used-claude-mcp-to-hack-itself
www.pynt.io
Code Execution Through Email: How I Used Claude to Hack
This is the story of how I used a Gmail message to trigger code execution through Claude Desktop, and how Claude itself (!) helped me plan the attack.
New MITRE framework takes aim at crypto threats #MITRE #AADAPT #CryptoSecurity #CyberDefense #DigitalAssets https://www.helpnetsecurity.com/2025/07/14/mitre-aadapt-adversarial-actions-in-digital-asset-payment-technologies/
Help Net Security
New MITRE framework takes aim at crypto threats
MITRE has introduced AADAPT (Adversarial Actions in Digital Asset Payment Technologies), a new cybersecurity framework.
LibAFL #LibAFL #Fuzzing #SecurityTesting #FuzzingLibrary #TestingHandbook https://appsec.guide/docs/fuzzing/c-cpp/libafl/
Testing Handbook
LibAFL
LibAFL # The LibAFL fuzzer implements features from AFL-based fuzzers like AFL++. Similarly to AFL++, LibAFL provides better fuzzing performance and more advanced features over libFuzzer. However, with LibAFL, all functionality is provided in a modular and…
Automated Function ID Database Generation in Ghidra on Windows #Ghidra #ReverseEngineering #FunctionID #Windows #Automation https://blog.mantrainfosec.com/blog/17/automated-function-id-database-generation-in-ghidra-on-windows
CryptoJacking is dead: long live CryptoJacking #CryptoJacking #StealthAttacks #ClientSideSecurity #BrowserMining #EvolvedThreat https://cside.dev/blog/cryptojacking-is-dead-long-live-cryptojacking
cside
CryptoJacking is dead: long live CryptoJacking
Modern crypto jacking has evolved into silent, multi-stage attacks.
Bypassing Commercial RASP and Root Detection - A Reality Check #RASPBypass #RootDetection #MobileAppSecurity #CybersecurityRisks #DefenseInDepth https://www.lucidbitlabs.com/blog/commercial-root-detection-vs-sophisticated-adversary/
Lucidbitlabs
Bypassing Commercial RASP and Root Detection - A Reality Check
We bypassed leading Android root-detection SDKs and show what that means for banking, government-ID and anti-fraud apps running on rooted devices.
GitHub Malware Protection Uncovering the Supply Chain Crisis and Amadey Threat #GitHubSecurity #SupplyChainCrisis #AmadeyMalware #SecretLeaks #DevSecOps https://ncse.info/github-malware-protection-supply-chain-crisis/
NCSE
GitHub Malware Protection Uncovering the Supply Chain Crisis and Amadey Threat
GitHub malware protection tips and insights from 2025's biggest threats, including Amadey, RepoJacking, and CI/CD supply chain attacks.
LARVA-208’s New Campaign Targets Web3 Developers #Prodaft #CATALYST #JavaScript #Enable #App https://catalyst.prodaft.com/public/report/larva-208s-new-campaign-targets-web3-developers/overview#heading-1000
Abusing Chrome Remote Desktop on Red Team Operations: A Practical Guide #ChromeRemoteDesktop #RedTeam #SoftwareAbuse #RemoteAccess #OffensiveSecurity https://trustedsec.com/blog/abusing-chrome-remote-desktop-on-red-team-operations-a-practical-guide
TrustedSec
Abusing Chrome Remote Desktop on Red Team Operations: A Practical…
Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets #GitHubSecurity #LeakedSecrets #OopsCommits #TruffleHog #BugBounty https://trufflesecurity.com/blog/guest-post-how-i-scanned-all-of-github-s-oops-commits-for-leaked-secrets
Trufflesecurity
Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets ◆ Truffle Security Co.
GitHub Archive logs every public commit, even the ones developers try to delete. Force pushes often cover up mistakes like leaked credentials by rewriting Git history. GitHub keeps these dangling commits, from what we can tell, forever. In the archive, they…
Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy #AppLocker #BypassRisk #BlocklistPolicy #ConfigurationError #CopyPastePitfalls https://www.varonis.com/blog/applocker-bypass-risks
Varonis
Copy-Paste Pitfalls: Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy
A subtle versioning error in Microsoft’s AppLocker block list exposes a bypass risk — learn how to spot and fix this overlooked security gap.
Your Loyalty Card is a Liability: Lessons from the Co-op Hack #LoyaltyCardRisk #CoopHack #DataBreach #ConsumerPrivacy #SecurityLessons https://substack.com/home/post/p-168474995
Substack
Your Loyalty Card is a Liability: Lessons from the Co-op Hack
The Hidden Cost of Supermarket Loyalty: Data, Dependence, and Risk
What Is a Man-in-the-Middle Attack? https://www.proofpoint.com/us/threat-reference/man-in-the-middle-attack-mitm
Proofpoint
What Is a Man-in-the-Middle Attack? MitM Attacks Explained | Proofpoint US
A Man-in-the-Middle (MitM) is a form of data eavesdropping and theft. Learn what it is, how it works, how to prevent attacks, and more.