Hacking Furbo - A Hardware Hacking Research Project – Part 5: Exploiting BLE #FurboHack #BLEExploits #WiFiExposure #StreamHijack #HardwareSecurity https://www.softwaresecured.com/post/hacking-furbo-a-hardware-research-project-part-5-exploiting-ble
Softwaresecured
Hacking Furbo - A Hardware Hacking Research Project - Part 5
This post analyzes Furbo’s BLE communication, uncovering flaws that expose Wi-Fi credentials, allow device resets, and reveal hidden GATT data.
It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2 #CVE202510035 #GoAnywhereMFT #InTheWildExploitation #SecurityTransparency #BackdoorAccount https://labs.watchtowr.com/it-is-bad-exploitation-of-fortra-goanywhere-mft-cve-2025-10035-part-2/
watchTowr Labs
It Is Bad (Exploitation of Fortra GoAnywhere MFT CVE-2025-10035) - Part 2
We’re back, just over 24 hours later, to share our evolving understanding of CVE-2025-10035.
Thanks to everyone who reached out after Part 1, and especially to the individual who shared credible intel that informed this update.
In Part 1 we laid out an…
Klopatra: exposing a new Android banking trojan operation with roots in Turkey #Klopatra #AndroidTrojan #BankingMalware #TurkishThreat #AdvancedEvasion https://www.cleafy.com/cleafy-labs/klopatra-exposing-a-new-android-banking-trojan-operation-with-roots-in-turkey
Cleafy
Klopatra: exposing a new Android banking trojan operation with roots in Turkey | Cleafy LABS
In late August 2025, Cleafy's Threat Intelligence team discovered Klopatra, a new, highly sophisticated Android malware currently targeting banking users primarily in Spain and Italy. The number of compromised devices has already exceeded 1,000. Read the…
You name it, VMware elevates it (CVE-2025-41244) #CVE202541244 #VMware #PrivilegeEscalation #ZeroDay #ServiceDiscovery https://blog.nviso.eu/2025/09/29/you-name-it-vmware-elevates-it-cve-2025-41244/
NVISO Labs
You name it, VMware elevates it (CVE-2025-41244)
NVISO has identified zero-day exploitation of CVE-2025-41244, a local privilege escalation vulnerability impacting VMware's guest service discovery features.
Finding Critical Bugs in Adobe Experience Manager https://slcyber.io/research-center/finding-critical-bugs-in-adobe-experience-manager/
Searchlight Cyber
Finding Critical Bugs in Adobe Experience Manager › Searchlight Cyber
Adobe Experience Manager is one of the most popular CMSes around. Given its widespread use throughout the enterprise, you likely interact with AEM-based sites almost every day. From a security perspective, AEM presents an interesting target. AEM's popularity…
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices #UEFIVulnerability #SecureBootBypass #SignedBackdoor #FrameworkDevices #FirmwareSecurity https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
Eclypsium | Supply Chain Security for the Modern Enterprise
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices
Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.
CVE-2025-9133: Configuration Exposure via Authorization Bypass #CVE20259133 #ZyxelVulnerability #AuthBypass #ConfigExposure #CommandInjection https://rainpwn.blog/blog/cve-2025-9133/
Rainpwn
CVE-2025-9133: Configuration Exposure via Authorization Bypass
A vulnerability in the zysh-cgi component of the USG/ATP Series allows a low-privileged, semi-authenticated attacker to access the device’s configuration, bypassing authorization controls. This issue arises due to missing authorization checks and an incomplete…
The MCP Security Tool You Probably Need - MCP Snitch #MCPSecurity #AISecurity #ProxySecurity #Authentication #DataProtection https://www.adversis.io/blogs/the-mcp-security-tool-you-probably-need---mcp-snitch
www.adversis.io
The MCP Security Tool You Probably Need - MCP Snitch
The Model Context Protocol (MCP) has rapidly emerged as the standard for connecting AI agents to external tools and services.
Singularity: Deep Dive into a Modern Stealth Linux Kernel Rootkit #Singularity #LinuxKernel #Rootkit #FtraceHooking #StealthEvasion https://blog.kyntra.io/Singularity-A-final-boss-linux-kernel-rootkit
blog.kyntra.io
Singularity: Deep Dive into a Modern Stealth Linux Kernel Rootkit – Kyntra Blog
Deep dive into a modern stealth Linux kernel rootkit with advanced evasion and persistence techniques
How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked #KindleDRM #ReverseEngineering #Obfuscation #EbookOwnership #GlyphDecoding https://blog.pixelmelt.dev/kindle-web-drm/
Cats with power tools
How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked
As it turns out they don't actually want you to do this (and have some interesting ways to stop you)
CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM #CVE20258941 #PrivilegeEscalation #LinuxPAM #RootAccess #SymlinkAttack https://www.ameeba.com/blog/cve-2025-8941-critical-privilege-escalation-vulnerability-in-linux-pam/
Ameeba Exploit Tracker - Tracking CVEs, exploits, and zero-days for defensive cybersecurity research.
CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM - Ameeba Exploit Tracker
Overview
The Common Vulnerabilities and Exposures system recently assigned the ID CVE-2025-8941 to a flaw affecting the Pluggable Authentication Modules (PAM) used by Linux operating systems. This vulnerability has significant implications, particularly…
DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes #AntivirusBypass #WhitelistedPrograms #ArbitraryWrite #DefenderWrite #PayloadDrop https://www.zerosalarium.com/2025/10/defenderwrite-abusing-whitelisted-programs-arbitrary-write.html
Zerosalarium
DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes
DefenderWrite is a tool that finds programs whitelisted by antivirus software and abuses them to write arbitrary files into the antivirus's own folder.
Exploring GrapheneOS secure allocator: Hardened Malloc #GrapheneOS #HardenedMalloc #MemorySecurity #SecureAllocation #ExploitMitigation https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-malloc
Synacktiv
Exploring GrapheneOS secure allocator: Hardened Malloc
How a fake AI recruiter delivers five staged malware disguised as a dream job https://medium.com/deriv-tech/how-a-fake-ai-recruiter-delivers-five-staged-malware-disguised-as-a-dream-job-64cc68fec263
Medium
How a fake AI recruiter delivers five staged malware disguised as a dream job
Overview
Tunneling WireGuard over HTTPS using Wstunnel #WireGuard #Wstunnel #FirewallBypass #VPN #WebSocketTunnel https://kroon.email/site/en/posts/wireguard-wstunnel/
Guido Kroon
Tunneling WireGuard over HTTPS using Wstunnel
Some time ago I documented how I configured WireGuard on my OpenWrt router at home, to connect securely to my home network (and the Internet, really) from wherever I am.
I feel safer connecting to public Wi-Fi this way, also abroad when it allows me to save…
Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) #AccountTakeover #BetterAuth #CVE202561928 #APIKeySecurity #ZeroPath https://zeropath.com/blog/breaking-authentication-unauthenticated-api-key-creation-in-better-auth-cve-2025-61928
Zeropath
Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) - ZeroPath Blog
ZeroPath uncovered an unauthenticated API key creation flaw in better-auth's API keys plugin that enables attackers to mint privileged credentials for arbitrary users; this post details the bypass, exploitation path, and how we found it.
CVE-2025-8078: Remote Code Execution via CLI Command Injection #CVE20258078 #RemoteCodeExecution #CommandInjection #ZYXEL #Exploit https://rainpwn.blog/blog/cve-2025-8078/
Rainpwn
CVE-2025-8078: Remote Code Execution via CLI Command Injection
An undocumented parameter of the "web-auth" command could allow an authenticated attacker to execute commands remotely due to improper input sanitization, potentially resulting in full device compromise.
Stealth BGP Hijacks with uRPF Filtering https://www.usenix.org/system/files/woot25-schulmann.pdf
Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419) #Netty #CVE202559419 #SMTPInjection #AISecurity #ZeroDay https://depthfirst.com/post/casting-a-net-ty-for-bugs-and-catching-a-big-one-cve-2025-59419
Depthfirst
depthfirst | Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419)
Our agents discovered the vulnerability, provided a risk assessment, and generated a patch autonomously. I shared the results with the Netty maintainers who assigned CVE-2025-59419 and merged our fix.
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) https://slcyber.io/research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/
Searchlight Cyber
Why nested deserialization is harmful: Magento RCE (CVE-2025-54236)
Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. Adobe also sells it as an enterprise product under the name Adobe Commerce, which receives automatic patching.…