⚠️ CVE-2025-32463

- Local privilege escalation: sudo versions 1.9.14 – 1.9.17

- CVSS: 9.3 (critical)

- reason :

/etc/nsswitch.conf from a user-controlled directory is used with the --chroot option

- exploit :
https://github.com/kh4sh3i/CVE-2025-32463

@reverseengineer101

BF has gone, maybe forever

For Egyptians

If you are looking for a place that you can find free professional courses in different fields as well as certificates then, Maharatech (ITI) is the place you are searching for

Visit https://maharatech.gov.eg

Unfortunately, today Oct 14 is the death day of Windows 10

After this,
The number of windows 7 increased (which is insane 😅)

But Linux still a great choice to try many people recommend Linux mint or Zorin OS, I personally recommend Pop! OS or Ubuntu to use

If you have fears about windows applications you can try Winboat, which is a free and open source project allows to run windows applications on Linux

https://github.com/TibixDev/winboat

Free ethical hacking course by Cisco

https://www.netacad.com/courses/ethical-hacker

If you are looking for privilege escalation on a Linux machine, then this is your guide

https://swisskyrepo.github.io/PayloadsAllTheThings/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation/
https://book.hacktricks.wiki/en/linux-hardening/privilege-escalation/index.html

If you have some binaries like SUID bins and you don't know what to do, then search in GTFOBins
https://gtfobins.github.io/

NSO Group has been acquired by U.S. investors, ending Israeli control

NSO Group is the company that develops every smart phone's nightmare Pegasus, the know Spyware

In my opinion it will still be used by Americans and Israelis for the same reasons they used before or the Israelis are developing something new

You can read the article: https://techcrunch.com/2025/10/10/spyware-maker-nso-group-confirms-acquisition-by-us-investors/

AWS is suffering from a huge technical problem that makes it almost down

Google services are affected as well as Preplexity AI also Chatgpt is affected

Really hard time for huge tech companies and other companies that use their services like hosting, this news is enough to make companies think twice before fully relying on a third-party or think about self hosting

Docker and postman are down

There are some news says it's because of Russian cyber attacks
https://www.euronews.com/next/2025/10/20/huge-internet-outage-hits-mobile-apps-and-websites-such-as-amazon-heres-what-we-know

Hetty is an open-source and free HTTP toolkit designed for security research, useful to be a powerful alternative to commercial tools like Burp Suite Pro. It offers features specifically tailored for the needs of the infosec community

▲ For Linux:

sudo snap install hetty

https://github.com/dstotijn/hetty

Swift Announcing the Swift SDK for Android !

Swift now is available for android and can be used on windows, Linux and MacOS. really big news that might change the world of android development

https://www.swift.org/blog/nightly-swift-sdk-for-android/

Debian family tree
These aren't the only distros based on Debian btw, there are more like ParrotOS

Next.js pentesting guide by Mr. Daoud Youssef

Really a very good and advanced article

https://deepstrike.io/blog/nextjs-security-testing-bug-bounty-guide

CVE-2025-59287

⚠️🚨CVSS: Critical 9.8

ဗ Affected: Windows Server Update Service (WSUS)

▲Description: Deserialization of untrusted data in Windows Server Update Service allows an unauthorized attacker to execute code over a network.

https://nvd.nist.gov/vuln/detail/CVE-2025-59287