B1txor20, A Linux Backdoor Using DNS Tunnel.

https://blog.netlab.360.com/b1txor20-use-of-dns-tunneling_en

A phishing / MITM tool 🔧 | Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication .

https://github.com/kgretzky/evilginx2

Automated pentesting / BugBounty.

https://yogeshojha.github.io/rengine/

Captcha-killer-modified for Burpsuite.

https://github.com/f0ng/captcha-killer-modified

Zero-Day in a Vmware product leads to unauthenticated remote code execution via Web interface.

Vmware is aware about the bug and is patching.

There is no patch to the Zero-Day. However, workarounds include use of WAF and disabling features.

Dirty Pipe (CVE-2022-0847) temporary root PoC for Android.

https://github.com/polygraphene/DirtyPipe-Android

Vidar spyware is now hidden in Microsoft help files

Updated: The malware is being spread through an interesting phishing tactic.

https://www.zdnet.com/article/vidar-spyware-is-now-hidden-in-microsoft-help-files/

☆ FORCEDENTRY: Sandbox Escape. A blog by Google's elite Project zero.

The article documents samples share by CitizenLab of the malware the Israel 🇮🇱 based state-sponsored Cyber-Crime syndicate 'NSO-Group' is infecting devices of people. Which often results in their death or harm to them or their relatives.

https://googleprojectzero.blogspot.com/2022/03/forcedentry-sandbox-escape.html

Deleted copy of Spring4Shell exploit code that triggered the infosec storm.

https://webcache.googleusercontent.com/search?q=cache:fMlVaoPj2YsJ:https://github.com/helloexp+&cd=1&hl=en&ct=clnk&gl=us

Pwning a Cisco RV340 with a 4 bug chain exploit as demonstrated in pwn2own competition.

https://blog.relyze.com/2022/04/pwning-cisco-rv340-with-4-bug-chain.html

spring-rce-poc

https://github.com/Retrospected/spring-rce-poc

Zero-Day in Nginx results in Remote Code Execution (RCE).

https://securityonline.info/nginx-zero-day-rce-vulnerability-alert/

🔧 Tool: A modern, simple TCP tunnel in Rust that exposes local ports to a remote server, bypassing standard NAT connection firewalls. That's all it does: no more, and no less.

https://github.com/ekzhang/bore

PoC: VMware CVE-2022-22954 Workspace ONE Access Freemarker Server-side Template Injection.

Originally mentioned here https://t.me/ckuRED/117 is the first public disclosure of the vulnerability

https://github.com/sherlocksecurity/VMware-CVE-2022-22954

Kernel RCE in FreeBSD via WiFi frames.

https://www.freebsd.org/security/advisories/FreeBSD-SA-22:07.wifi_meshid.asc

Also affects pfSense / OPNsense / etc.

New XSS vectors.

https://portswigger.net/research/new-xss-vectors

Capture SSL/TLS text content without CA cert by eBPF.

https://github.com/ehids/ecapture

CVE-2021-30737, @xerub's 2021 iOS ASN.1 Vulnerability.

https://googleprojectzero.blogspot.com/2022/04/cve-2021-30737-xerubs-2021-ios-asn1.html

Zero-Day in Java: A researcher has released proof-of-concept (PoC) code for a digital signature bypass vulnerability in Java.

CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server.

https://github.com/khalednassar/CVE-2022-21449-TLS-PoC

New elevation of privilege Linux vulnerability : Nimbuspwn

https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/

Israeli 🇮🇱 Pegasus Spyware — Untold — Chinese Engineering — Samples 1 & 2.

The Israel, unable to create a smart spyware copied code for the app from China 🇨🇳 based APT and purchased Zero-Day from a security researcher from rhe money 💰 of primarily United States' 🇺🇸 taxpayers.

https://jonathandata1.medium.com/pegasus-spyware-untold-chinese-engineering-samples-1-2-e5aba2a0b20b