PureVPN IPv6 leak #PureVPN #IPv6Leak #LinuxClients #FirewallBug #VPNSecurity https://anagogistis.com/posts/purevpn-ipv6-leak/
Anagogistis
PureVPN IPv6 leak
I discovered two issues while using PureVPN’s Linux clients (GUI v2.10.0, CLI v2.0.1) on Ubuntu 24.04.3 LTS (kernel 6.8.0, iptables-nft). One affects IPv6 traffic, the other the system firewall.
1. IPv6 leak after reconnect After a network transition (e.g.…
Linux Kernel Runtime Guard (LKRG) 1.0 #LKRG #LinuxKernel #KernelSecurity #ExploitDetection #RuntimeIntegrity https://www.openwall.com/presentations/NullconBerlin2025-LKRG/
How An Authorization Flaw Reveals A Common Security Blind Spot: CVE-2025-59305 Case Study #AuthorizationFlaw #CVE202559305 #DataCorruption #DepthFirstSecurity #SecurityBlindSpot https://depthfirst.com/post/how-an-authorization-flaw-reveals-a-common-security-blind-spot-cve-2025-59305-case-study
Depthfirst
depthfirst | How An Authorization Flaw Reveals A Common Security Blind Spot: CVE-2025-59305 Case Study
We recently discovered a textbook example of this in Langfuse, a leading open-source LLM engineering platform with 16k stars on Github. A subtle flaw in its background job controls allowed any authenticated user to access highly sensitive administrative functions…
Remote Code Execution and Authentication Bypass in Materialise OrthoView (CVE-2025-23049) #OrthoView #RCE #AuthBypass #DICOMsecurity #CommandInjection https://outurnate.com/remote-code-execution-and-authentication-bypass-in-materialise-orthoview-cve-2025-23049
Outurnate
Remote Code Execution and Authentication Bypass in Materialise OrthoView (CVE-2025-23049)
Personal projects, research, and other things I find worth sharing
Hacking Furbo - A Hardware Research Project – Part 2: Mobile and P2P Exploits #FurboHacking #MobileAppSecurity #P2PExploits #SSRF #Frida https://www.softwaresecured.com/post/hacking-furbo-a-hardware-research-project-part-2-mobile-and-p2p-exploits
Softwaresecured
Hacking Furbo 2: Mobile App and P2P Exploits
We reverse the Android app, hook TUTK Kalay P2P with Frida, capture commands, find token remnants in memory, trigger SSRF to custom.wav, and show a treat-toss DoS.
IPv4/IPv6 Packet Fragmentation: Implementation Details #PacketFragmentation #IPv4IPv6 #PacketSmith #Networking #ProtocolImplementation https://packetsmith.ca/ipv4-ipv6-packet-fragmentation/
PacketSmith
IPv4/IPv6 Packet Fragmentation: Implementation Details - PacketSmith
IPv4/IPv6 Packet Fragmentation: Implementation Details Introduction In release v2.0, we’ve shipped PacketSmith with support for IPv4/IPv6 fragmentation detection and reassembly. Additionally, we’ve detailed some of the implementation details in the public…
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime #UnityVulnerability #ArbitraryCodeExecution #CVE202559489 #GameSecurity #PatchNow https://flatt.tech/research/posts/arbitrary-code-execution-in-unity-runtime/
GMO Flatt Security Research
CVE-2025-59489: Arbitrary Code Execution in Unity Runtime
Introduction
Hello, I’m RyotaK (@ryotkak), a security engineer at GMO Flatt Security Inc.
In May 2025, I participated in the Meta Bug Bounty Researcher Conference 2025.
During this event, I discovered a vulnerability (CVE-2025-59489) in the Unity Runtime…
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604) #DellUnityVSA #CommandInjection #CVE202536604 #PreAuth #watchTowr https://labs.watchtowr.com/its-never-simple-until-it-is-dell-unityvsa-pre-auth-command-injection-cve-2025-36604/
watchTowr Labs
It's Never Simple Until It Is (Dell UnityVSA Pre-Auth Command Injection CVE-2025-36604)
Welcome back, and what a week! We’re glad that happened for you and/or sorry that happened to you. It will get better and/or worse, and you will likely survive.
Today, we’re walking down the garden path and digging into the archives, publishing our analysis…
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control https://medium.com/@dhiraj_mishra/ghost-in-the-cloud-weaponizing-aws-x-ray-for-command-control-7539d60f1d77
Medium
Ghost in the Cloud: Weaponizing AWS X-Ray for Command & Control
Summary & Background
LLM Code Review vs Deterministic SAST Security Tools #LLMCodeReview #SASTvsAI #IntentBasedSecurity #SecurityAutomation #FraimAI https://blog.fraim.dev/ai_eval_vs_rules/
blog.fraim.dev
LLM Code Review vs Deterministic SAST Security Tools
How do the latest models stack up against traditional code scanners?
Taking remote control over industrial generators #APISecurity #IndustrialGenerators #RemoteControl #Vulnerability #BrokenAuthorization https://eaton-works.com/2025/10/06/industrial-generator-hack/
Eaton-Works
Taking remote control over industrial generators
Industrial generator smart platform had insecure APIs that could enable remote control by anyone.
Bash a newline: Exploiting SSH via ProxyCommand, again (CVE-2025-61984) #SSH #RCE #ProxyCommand #ShellExploit #GitSubmodules https://dgl.cx/2025/10/bash-a-newline-ssh-proxycommand-cve-2025-61984
Why I Fired My AI Security Assistant (Sort Of) #AISecurity #LLMStrategy #CriticalThinking #CodeReview #HumanInLoop https://maxwelldulin.com/BlogPost/Why-I-Fired-My-AI-Security-Assistant
Strikeout Security Blog
Why I Fired My AI Security Assistant (Sort Of)
LLMs can speed up security tasks like code comprehension and proof of concept creation. But, over-reliance risks missing subtle vulnerabilities and weakening core skills. How do we use LLMs optimally?
How we build complex software with type theory, strong specifications, and a little bit of LLM magic #LLMAssistedDev #SpecDriven #TypeTheory #StructuredCoding #SoftwareArchitecture https://www.atelierlogos.studio/blog/2025-12-18-how-we-build-complex-apps
Atelier Logos
How we build complex software with type theory, strong specifications, and a little bit of LLM magic
MEDICAL DEVICE Security Analysis #MedicalDeviceSecurity #VulnerabilityResearch #FaultInjection #HardwareHacking #ResponsibleDisclosure https://cc-sw.com/medical-device-security-analysis/
IDA tips for reversing U-Boot #IDAPro #Uboot #ReverseEngineering #Firmware #CodeDiscovery https://www.errno.fr/IDA_tips_for_reversing_uboot.html
Living off Node.js Addons #NodejsAddons #ElectronSecurity #PostExploitation #RedTeaming #CodeExecution https://www.adversis.io/blogs/living-off-node-js-addons
www.adversis.io
Living off Node.js Addons
Swap out compiled Node.js addons with your own code and force a legitimate Electron application to load your code
More Than DoS (Progress Telerik UI for ASP.NET AJAX Unsafe Reflection CVE-2025-3600) #CVE20253600 #TelerikUI #UnsafeReflection #RCE #ASPNetSecurity https://labs.watchtowr.com/more-than-dos-progress-telerik-ui-for-asp-net-ajax-unsafe-reflection-cve-2025-3600/
watchTowr Labs
More Than DoS (Progress Telerik UI for ASP.NET AJAX Unsafe Reflection CVE-2025-3600)
Welcome back. We’re excited to yet again publish memes under the guise of research and inevitably receive hate mail. But today, we’ll be doing something slightly different to normal.
“Wow, watchTowr, will you actually be publishing useful information instead…
A Story About Bypassing Air Canada's In-flight Network Restrictions #AirCanadaWifi #WifiBypass #DNSExploit #Port53 #NetworkHacking https://ramsayleung.github.io/en/post/2025/a_story_about_bypassing_air_canadas_in-flight_network_restrictions/
In Pursuit of Simplicity
A Story About Bypassing Air Canada's In-flight Network Restrictions
1 Prologue
A while ago, I took a flight from Canada back to Hong Kong - about 12 hours in total with Air Canada.
Interestingly, the plane actually had WiFi:
However, the WiFi had restrictions. For Aeroplan…
IAmAntimalware: Inject Malicious Code Into Antivirus #AntivirusEvasion #CodeInjection #ProtectedProcessBypass #CryptoAPIHijack #IAmAntimalware https://www.zerosalarium.com/2025/10/IAmAntimalware-Inject-Code-Into-Antivirus.html
Zerosalarium
IAmAntimalware: Inject Malicious Code Into Antivirus
IAmAntimalware employs new red team techniques by cloning services of Antivirus. It allows injecting code into processes whitelisted and protected by Antivirus.