Zero-Day in Java: A researcher has released proof-of-concept (PoC) code for a digital signature bypass vulnerability in Java.

CVE-2022-21449 Proof of Concept demonstrating its usage with a client running on a vulnerable Java version and a malicious TLS server.

https://github.com/khalednassar/CVE-2022-21449-TLS-PoC

New elevation of privilege Linux vulnerability : Nimbuspwn

https://www.microsoft.com/security/blog/2022/04/26/microsoft-finds-new-elevation-of-privilege-linux-vulnerability-nimbuspwn/

Israeli 🇮🇱 Pegasus Spyware — Untold — Chinese Engineering — Samples 1 & 2.

The Israel, unable to create a smart spyware copied code for the app from China 🇨🇳 based APT and purchased Zero-Day from a security researcher from rhe money 💰 of primarily United States' 🇺🇸 taxpayers.

https://jonathandata1.medium.com/pegasus-spyware-untold-chinese-engineering-samples-1-2-e5aba2a0b20b

● Telegram Messenger (as per my analysis) becomes the largest public collection of DarkWeb content, resources, breached data and similar.

Zero-Day: Critical F5 BIG-IP flaw allows device takeover (CVE-2022-1388).

https://www.helpnetsecurity.com/2022/05/05/cve-2022-1388/

Speed-Hack: WordPress sites getting hacked ‘within seconds’ of TLS certificates being issued.

https://portswigger.net/daily-swig/wordpress-sites-getting-hacked-within-seconds-of-tls-certificates-being-issued

An advanced threat actor has leaked data of multiple institutions, organizations, nation-states and civilians in varying forms (PII, documents, credentials and similar).

The data collage is huge and we (t.me/ckure) have received the copy.

Some leaks were previously public. However, some are either new or were previously unreported.

Well written from A to Z: Exploiting a Use-After-Free for code execution in every version of Python 3.

https://pwn.win/2022/05/11/python-buffered-reader.html

Multiple bugs chained to takeover Facebook Accounts which uses Gmail. ($42K)

https://ysamm.com/?p=763

Proof-of-concept exploit release: nginx mp4 module DoS & Infoleak Vulnerability (2018) by @alisaesage.

Proof-of-concept exploit that demonstrates an out of bounds read in nginx v1.15.5 heap. This can be worked up to an information disclosure exploit with a bit of extra work. The bug itself, and potentially the exploit, affects earlier nginx versions to some extent.

https://zerodayengineering.com/exploits/nginx-mp4-infoleak.html

"Masato Kinugawa vs Microsoft Teams" live from Pwn2Own Vancouver 2022.

https://t.co/EeQLS2Sbwfhttps://youtu.be/3fWo0E6Pa34

Zero-Day: When Windows Active Directory is newly installed and settings are not changed, any user can create 10 computer accounts.

using this command
"djoin /PROVISION /DOMAIN <fqdn> /MACHINE cKPC /SAVEFILE C:\temp\cKPC.txt /DEFPWD /PRINTBLOB /NETBIOS cKPC"

This will create the computer account named cKPC with the password cKPC.

Credits: Qusai Alhaddad

Zero-Day: iOS 15.1 jailbreak demonstration (dev - @xina520). iOS151.

https://youtu.be/f_zFmmgj860

Zero-Day: A critical security flaw has been uncovered in UNISOC's smartphone chipset that could be potentially weaponized to disrupt a smartphone's radio communications through a malformed packet.

https://research.checkpoint.com/2022/vulnerability-within-the-unisoc-baseband/

Zero-Day: New Windows Search zero-day added to Microsoft protocol nightmare.

https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/

Exclusive | Zero-Day: A high severity EoP bug has been identified by a fellow researcher in SolarWinds Orion platform.

● The bug is not patched and latest version of the software is vulnerable. We (ckure) have confirmed the bug with the researcher and will disclose once researcher and SolarWinds release a stable patch or a workaround.

Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild.

The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to gain arbitrary code execution.

https://googleprojectzero.blogspot.com/2022/06/an-autopsy-on-zombie-in-wild-0-day.html

Spyware: The curious tale of a fake Carrier.app targeting users from Italy 🇮🇹 and Kazakhstan 🇰🇿

https://googleprojectzero.blogspot.com/2022/06/curious-case-carrier-app.html

‘Syslogk’; a Linux kernel rootkit found under development in the wild.

https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/

(Based on --> adore-ng): Linux rootkit adapted for 2.6 and 3.x: https://github.com/yaoyumeng/adore-ng

LockBit ransomeware group sets up its bug-bounty program.

Privilege-Escalation: This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.

https://github.com/Ignitetechnologies/Privilege-Escalation