SecList for CyberStudents
Think outside the box
ShinyHunters Breached 420k+ DarkForums Posts/Users/IPs

#TI #DataLeak #ShinyHunters #DarkForum
Forwarded from Brut Security
🔥 GitHub RCE via single git push!

CVE-2026-3854: Unsanitized push options let attackers run commands on backend servers, bypassing sandboxing (cross-tenant risk).

🔗 Learn how header injection led to full compromise → https://thehackernews.com/2026/04/researchers-discover-critical-github.html?m=1
Butterfly Force's Free-Data: The First Chinese Data Platform on the Dark Web

#DataLeak #Forum #China
Breached chopar pizza users)))
Alleged data breach involving Zoodmall.com 🌍

~816K+ user records across multiple countries reportedly exposed

Breakdown:
• Iraq: ~371K
• Uzbekistan: ~252K
• Lebanon: ~193K

Data may include:
• Full names
• Phone numbers ⚠️
• Country, city & ZIP details
• Addresses
• Payment & transaction data
• Product details (SKU, price, quantity)

⚠️ Why this matters:
→ Targeted scams using order & transaction data
→ Identity theft & location-based risks
→ Financial fraud possibilities
→ Cross-border exposure increases impact

#DataBreach #CyberSecurity #DataLeak #Privacy #Infosec #ThreatIntel
Forwarded from Sploitus Agency
🔴 A Small Red Team Real Case: How does a single router bring down an entire organization?

Many people still think like this:
“Even if a router has a small problem, it can't cause much damage…”

But in a real situation this view is badly mistaken.

---

🧠 Short foundation:

The main vulnerabilities found in routers:
• RCE (auth / unauth)
• Authentication bypass
• Command injection
• Default credentials
• Outdated firmware

And finding them is not hard either.

Through Shodan:
• Routers exposed to the internet
• Model and firmware
• Login panels

everything is visible.

---

😤 The real case begins:

The attacker tests the organization:

• Web app → protected
• Servers → patched
• AD → relay does not work
• Endpoint → EDR is present

👉 Even after several days of attempts, nothing was found.

---

🔍 The turning point:

The attacker looks from the outside.

Searches through Shodan:

port:80 "router"
port:8080 "login"
port:8291 "RouterOS"

👉 And finds one thing:

A D-Link router exposed to the internet

---

⚠️ Vulnerability: CVE-2026-0625

This is no ordinary bug.

👉 This is an unauthenticated RCE

That is:
• No login needed
• No session needed
• A single HTTP request is enough

---

💣 Technical detail (simplified):

The router has a dnscfg.cgi endpoint.

This endpoint:
• Does not validate the value the user enters
• There is no input sanitization

The attacker, in turn:

• Sends a specially crafted HTTP request
• Adds a command inside the parameter (such as `;`, `&&`)

Result:

👉 The attacker's command runs in the router's shell

---

🔥 Result of the exploit:

The attacker:

• Gets a reverse shell
• Operates at the router OS level
• Gains control close to root privileges

---

🕸 From here the most dangerous stage begins:

A router is not an ordinary device.

It is:
👉 The center of the whole network

The attacker:

• Monitors traffic (packet capture)
• Changes DNS (redirect)
• Performs ARP spoofing
• Identifies internal IPs

---

🔐 The most important blow:

👉 NTLM authentications are captured

This means:

• When a user logs in
• The hash passes through the router
• The attacker records it

---

🎭 What happens next?

• Pass-the-Hash attack
• Access to internal services
• Targeted phishing against employees

👉 The attacker is no longer a “hacker from outside”
👉 They become an “internal user”

---

💥 Result:

• Lateral movement
• Server compromise
• Credential chain reaction
• Full takeover

---

📄 And the scariest part:

The final report contains only:

👉 “Exposed D-Link router (CVE-2026-0625)”

---

😐 The reality, though:

This single vulnerability:

• Broke the perimeter
• Opened a path into the internal network
• Bypassed all the defenses

---

⚠️ What other vulnerabilities can appear in routers?

It is not only RCE.

Often the following are present too:

🔓 Authentication bypass
👉 Accessing the admin panel without logging in

💣 Command injection
👉 Running OS commands through diagnostic functions

🧬 CSRF (Cross-Site Request Forgery)
👉 Changing router settings through the user

🌐 DNS hijacking
👉 Redirecting traffic to a fake site

🔑 Default credentials
👉 The simplest, but most dangerous mistake

🕳 Backdoor / hidden account
👉 Access left by the manufacturer or by malware

📡 Open management ports
👉 Telnet / SSH / Web exposed to the internet

---

🧩 Conclusion:

Sometimes:

No zero-day is needed
A complex exploit is not required either

👉 One exposed router is enough

---

🔐 Recommendations:

• Close the router off from the internet (access via VPN)
• Always keep firmware updated
• Change default credentials
• Check monitoring and logs
• Disable unnecessary services

---

👉 Remember:

“A router is not a small device.

It is the doorway into the entire network.”
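The input check that the post above says dnscfg.cgi lacks, applied to the "check monitoring and logs" recommendation, as an added example that is not part of the original post. The access-log lines are constructed and the parameter names dns1/dns2 are hypothetical placeholders, not taken from the real firmware.

```python
import ipaddress
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample access-log lines (not from a real device).
# The parameter names dns1/dns2 are hypothetical placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - - [05/May/2026:10:01:02 +0000] "GET /dnscfg.cgi?dns1=8.8.8.8&dns2=1.1.1.1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [05/May/2026:10:03:44 +0000] "GET /dnscfg.cgi?dns1=8.8.8.8%3Bid&dns2=1.1.1.1 HTTP/1.1" 200 512',
    '198.51.100.7 - - [05/May/2026:10:03:50 +0000] "GET /dnscfg.cgi?dns1=1.1.1.1%26%26uname HTTP/1.1" 200 512',
    '192.0.2.10 - - [05/May/2026:10:05:00 +0000] "GET /index.html HTTP/1.1" 200 1024',
]

# Source address and request target from a common-log-format line.
REQUEST_RE = re.compile(r'^(?P<src>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')


def is_valid_dns_server(value):
    """Allowlist check: the value must parse as exactly one IP address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


def flag_dnscfg_requests(lines, endpoint="/dnscfg.cgi"):
    """Return (source, parameter, decoded value) for every parameter sent
    to the DNS configuration endpoint that is not a plain IP address."""
    findings = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        if url.path != endpoint:
            continue
        # parse_qsl percent-decodes, so %3B and %26%26 are seen as ; and &&
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if not is_valid_dns_server(value):
                findings.append((m.group("src"), name, value))
    return findings


if __name__ == "__main__":
    for src, name, value in flag_dnscfg_requests(SAMPLE_LOG):
        print(f"suspicious {name}={value!r} from {src}")
```

Validating against what the field is allowed to contain catches encoded metacharacters that a blocklist of `;` and `&&` would miss.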
Sigma rules based on MITRE ATT&CK | 3000+ detection rules

Source: https://github.com/SigmaHQ/sigma
we are cooked
A picture that says "this is just a small taste of what's to come" )
A year ago I saw quite a few parts of KIUT left open. Now we are seeing the fruits of that today.
SecList for CyberStudents
we are cooked
this has been confirmed and has slowly started to come out....
SecList for CyberStudents
A year ago I saw quite a few parts of KIUT left open. Now we are seeing the fruits of that today.
I think our own people seem to be behind the data leaks. Why?

Because Chopar Pizza and KIUT: out of so many targets, why exactly these? In fact, there are types of information that are of interest to threat actors. But I am puzzled by the (hacker) named hackerxyx: why would they need Pizza and KIUT )))

There are a great many targets like this in uz. I can say with confidence that if another domain of this type from uz gets leaked, it will be from the inside, that is, our own kids ). Karl, there is nobody to say "don't touch targets like these" ))
https://red.anthropic.com/2026/mythos-preview/

One doesn't even know what to say (
Another platform that reports on info breaches. There is also a lot of information here. Even some breach forums that have been announcing a lot of data leaks recently do not have such valuable information. In addition, links to download leaks are also provided, of course, sample files.

#TH #OSINT #DataLeak #BreachForum
🔐 MISP: a Threat Intelligence sharing platform

MISP (Malware Information Sharing Platform) is an open-source platform designed for detecting, analyzing and sharing cybersecurity threats.

Managing IOC (Indicators of Compromise) data
Exchanging Threat Intelligence
Speeding up Incident Response processes
Integration with SIEM and other security systems

Today, through MISP, organizations are able to exchange malicious IPs, domains, hashes and other threat indicators in real time and respond quickly to cyberattacks.


#MISP #CyberSecurity #ThreatIntelligence #SOC #BlueTeam #InfoSec #CyberDefense
There are also problems like this with info stealers ))

DF Chat