Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028) - watchTowr Labs
https://labs.watchtowr.com/fire-in-the-hole-were-breaching-the-vault-commvault-remote-code-execution-cve-2025-34028
watchTowr Labs
Fire In The Hole, We’re Breaching The Vault - Commvault Remote Code Execution (CVE-2025-34028)
As we pack our bags and prepare for the adult-er version of BlackHat (that apparently doesn’t require us to print out stolen mailspoolz to hand to people at their talks), we want to tell you about a recent adventure - a heist, if you will.
No heist story…
"In one practice firing test, we found that if the rate of the fire of the gun crossed a certain threshold, that gun got blocked. There was a chip in that that during a war it will stop a gun from firing...... Any small impact on hardware or software can definitely lead to a military defect." — Lt. General (Dr.) Rajesh Pant
https://www.youtube.com/watch?v=iEqs1Wgt_Fo
YouTube
EP.04 | Lt Gen Rajesh Pant on Securing India’s Digital Borders #cybersecurity
#podcast #cybersecurity
What does it take to protect a nation in the digital age?
In this powerful and eye-opening episode, we sit down with Lt. Gen. Rajesh Pant, Former National Cybersecurity Coordinator at the Prime Minister’s Office, Government of India.…
A few European countries, notably France, Spain, and Portugal, experienced major power outages that impacted millions. Although the exact cause is still being investigated by authorities, there are reports and speculation pointing to possible involvement by cybercriminals.
https://www.politico.eu/article/spain-portugal-power-blackouts-energy-electricity/
POLITICO
Why did the lights go out in Spain and Portugal? – POLITICO
And what does it mean for Europe, its power grids and its electricity?
OSINT-driven Popularity Scoring of Global Vulnerability Identifiers - A valuable metric for tracking trending vulnerabilities and public exploits for CVE, CNNVD & BDU.
https://github.com/ARPSyndicate/cnnvd-scores
https://github.com/ARPSyndicate/bdu-scores
https://github.com/ARPSyndicate/cve-scores
GitHub
GitHub - ARPSyndicate/cnnvd-scores: VEDAS score aggregator for CNNVD
VEDAS score aggregator for CNNVD. Contribute to ARPSyndicate/cnnvd-scores development by creating an account on GitHub.
A red team exercise simulating cyberattacks on critical infrastructure by reversing SCADA.
https://vrls.ws/posts/2025/04/red-team-compromising-critical-infrastructure-by-reversing-scada-software/
vrls.ws
Red Team - Compromising Critical Infrastructure by Reversing SCADA Software
Personal blog about computer hacking & security
Docker remains the top target among services trapped by Darktrace honeypots, consistently drawing attacks from emerging malware strains. This blog delves into a recent campaign with an unusual obfuscation method and an innovative cryptojacking technique.
https://www.darktrace.com/blog/obfuscation-overdrive-next-gen-cryptojacking-with-layers
Darktrace
Obfuscation Overdrive: Next-Gen Cryptojacking with Layers
Docker is a prime target for malware, with new strains emerging daily. This blog explores a novel campaign showcasing advanced obfuscation and cryptojacking techniques.
Awesome Intelligence got stargazed by 2000+ OSINT enthusiasts 😍
https://www.github.com/ARPSyndicate/awesome-intelligence
GitHub
GitHub - ARPSyndicate/awesome-intelligence: A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources
A collaboratively curated list of awesome Open-Source Intelligence (OSINT) Resources - ARPSyndicate/awesome-intelligence
Puncia v0.32 is out! 🎉
Boost your cyber intelligence game with:
🌐 Attack surface mapping
🔍 Exploit discovery
⚙️ CVE/GHSA enrichment
🤖 Summarization & code gen
✍️ Auto advisory creation
🧾 SBOM analysis
🔄 CI/CD & threat intel integration
🛰️ Nation-state threat tracking
🛡️ Brand protection
📦 Bulk threat intel processing
🕵️ Passive recon & OSINT
📰 Auto-summarized security blogs
🌍 Multilingual intel delivery
https://github.com/ARPSyndicate/puncia
GitHub
GitHub - ARPSyndicate/puncia: Panthera(P.)uncia - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer.
Panthera(P.)uncia - Official CLI utility for Osprey Vision, Subdomain Center & Exploit Observer. - GitHub - ARPSyndicate/puncia: Panthera(P.)uncia - Official CLI utility for Osprey Vision,...
Paying for your VPS with Monero doesn’t mean you’re anonymous. This video explains why financial privacy isn’t the same as operational security and how assuming otherwise can expose you.
https://youtube.com/watch?v=OqzMrhcMcUM
YouTube
Your VPS Provider Can Still Betray You, Monero or Not
Monero is excellent at protecting on-chain transaction data, but once…
A hacker has stolen customer data from TeleMessage, an obscure Israeli company that sells modified messaging apps to the U.S. government. The breach includes messages from its versions of Signal, WhatsApp, Telegram, and WeChat. TeleMessage recently gained attention after Mike Waltz revealed he used it in a meeting with Trump.
https://www.404media.co/the-signal-clone-the-trump-admin-uses-was-hacked/
404 Media
The Signal Clone the Trump Admin Uses Was Hacked
TeleMessage, a company that makes a modified version of Signal that archives messages for government agencies, was hacked.
This bug is one of the most dangerous types of bugs that exist, a wormable RCE in the Apple AirPlay protocol. This video explains what a UAF is, what a Type Confusion is, and how Rust may have fixed it.
https://www.youtube.com/watch?v=AZ0WM6U48lI
YouTube
this might be the biggest bug of the year
This bug is one of the most dangerous types of bugs that exist, a wormable RCE in the Apple AirPlay protocol. In this video we break down what a UAF is, what a Type Confusion is, and how Rust may have fixed it.
https://www.oligo.security/blog/airborne
🏫…
Micah Lee analyses the source code for the unofficial Signal app used by Trump officials.
https://micahflee.com/heres-the-source-code-for-the-unofficial-signal-app-used-by-trump-officials/
micahflee
Here's the source code for the unofficial Signal app used by Trump officials
💡Update May 4, 2025: I have published quite the follow-up story, if I may say so myself: The Signal Clone the Trump Admin Uses Was Hacked
Update May 6, 2025: I've written a new detailed analysis. The findings are based on the TM SGNL source code and are…
Eddie Zhang leverages AI to uncover an authentication bypass and remote code execution in OpenGamePanel.
https://projectblack.io/blog/vibe-hacking-open-game-panel-rce/
Research Blog | Project Black
Vibe Hacking: Finding Auth Bypass and RCE in Open Game Panel
You've heard of vibe coding, but have you considered vibe hacking? I tried thinking less to find an authentication bypass and RCE in OpenGamePanel.
India's sovereign platform for aggregating and disseminating cyber threat intelligence.
https://ctigrid.arpsyndicate.io
SlowMist Researchers dive deep into the Lockbit Breach.
https://slowmist.medium.com/when-hackers-get-hacked-analyzing-the-breach-of-lockbit-23b8f553747d
Medium
When Hackers Get Hacked: Analyzing the Breach of LockBit
LockBit’s leaked database exposed BTC addresses, private keys, chat logs, and linked companies.
Should we launch a cyber offensive against Pakistan?
#OpSindoor #OperationSindoor #IndiaPakistanWar
Anonymous Poll
57%
YES 😈
43%
NO 🙅‍♂️
Ben Folland explores how defenders can exploit flaws in Telegram-based malware to disrupt C2 communications, subsequently revealing insights into their backend infrastructure and other cybercrime activities.
https://polygonben.github.io/malware%20analysis/Compromising-Threat-Actor-Communications/
Polygonben
Compromising Threat Actor Communications
Traditionally, the vast majority of malware would communicate to a threat actor owned server via a threat actor owned domain or IP address. This domain or IP would likely be hardcoded within the malware sample somewhere, such that when executed, it would…