Finding Critical Bugs in Adobe Experience Manager https://slcyber.io/research-center/finding-critical-bugs-in-adobe-experience-manager/
Searchlight Cyber
Finding Critical Bugs in Adobe Experience Manager › Searchlight Cyber
Adobe Experience Manager is one of the most popular CMSes around. Given its widespread use throughout the enterprise, you likely interact with AEM-based sites almost every day. From a security perspective, AEM presents an interesting target. AEM's popularity…
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices #UEFIVulnerability #SecureBootBypass #SignedBackdoor #FrameworkDevices #FirmwareSecurity https://eclypsium.com/blog/bombshell-the-signed-backdoor-hiding-in-plain-sight-on-framework-devices/
Eclypsium | Supply Chain Security for the Modern Enterprise
BombShell: The Signed Backdoor Hiding in Plain Sight on Framework Devices
Eclypsium researchers have discovered UEFI shells, authorized via Secure Boot, on Framework laptops. The UEFI shells contain capabilities that allow attackers to bypass Secure Boot on roughly 200,000 affected Framework laptops and desktops.
CVE-2025-9133: Configuration Exposure via Authorization Bypass #CVE20259133 #ZyxelVulnerability #AuthBypass #ConfigExposure #CommandInjection https://rainpwn.blog/blog/cve-2025-9133/
Rainpwn
CVE-2025-9133: Configuration Exposure via Authorization Bypass
A vulnerability in the zysh-cgi component of the USG/ATP Series allows a low-privileged, semi-authenticated attacker to access the device’s configuration, bypassing authorization controls. This issue arises due to missing authorization checks and an incomplete…
The MCP Security Tool You Probably Need - MCP Snitch #MCPSecurity #AISecurity #ProxySecurity #Authentication #DataProtection https://www.adversis.io/blogs/the-mcp-security-tool-you-probably-need---mcp-snitch
www.adversis.io
The MCP Security Tool You Probably Need - MCP Snitch
The Model Context Protocol (MCP) has rapidly emerged as the standard for connecting AI agents to external tools and services.
Singularity: Deep Dive into a Modern Stealth Linux Kernel Rootkit #Singularity #LinuxKernel #Rootkit #FtraceHooking #StealthEvasion https://blog.kyntra.io/Singularity-A-final-boss-linux-kernel-rootkit
blog.kyntra.io
Singularity: Deep Dive into a Modern Stealth Linux Kernel Rootkit – Kyntra Blog
Deep dive into a modern stealth Linux kernel rootkit with advanced evasion and persistence techniques
How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked #KindleDRM #ReverseEngineering #Obfuscation #EbookOwnership #GlyphDecoding https://blog.pixelmelt.dev/kindle-web-drm/
Cats with power tools
How I Reversed Amazon's Kindle Web Obfuscation Because Their App Sucked
As it turns out they don't actually want you to do this (and have some interesting ways to stop you)
Ameeba Exploit Tracker #CVE20258941 #PrivilegeEscalation #LinuxPAM #RootAccess #SymlinkAttack https://www.ameeba.com/blog/cve-2025-8941-critical-privilege-escalation-vulnerability-in-linux-pam/
Ameeba Exploit Tracker - Tracking CVEs, exploits, and zero-days for defensive cybersecurity research.
CVE-2025-8941: Critical Privilege Escalation Vulnerability in Linux-PAM - Ameeba Exploit Tracker
Overview The Common Vulnerabilities and Exposures system recently identified an alarming flaw with the ID CVE-2025-8941, affecting the Pluggable Authentication Modules (PAM) in Linux operating systems. This vulnerability has significant implications, particularly…
DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes #AntivirusBypass #WhitelistedPrograms #ArbitraryWrite #DefenderWrite #PayloadDrop https://www.zerosalarium.com/2025/10/defenderwrite-abusing-whitelisted-programs-arbitrary-write.html
Zerosalarium
DefenderWrite: Abusing Whitelisted Programs for Arbitrary Writes
DefenderWrite tool that helps find programs whitelisted by Antivirus and exploits these programs to write arbitrary files into the Antivirus's folder
Exploring GrapheneOS secure allocator: Hardened Malloc #GrapheneOS #HardenedMalloc #MemorySecurity #SecureAllocation #ExploitMitigation https://www.synacktiv.com/en/publications/exploring-grapheneos-secure-allocator-hardened-malloc
Synacktiv
Exploring GrapheneOS secure allocator: Hardened Malloc
How a fake AI recruiter delivers five staged malware disguised as a dream job https://medium.com/deriv-tech/how-a-fake-ai-recruiter-delivers-five-staged-malware-disguised-as-a-dream-job-64cc68fec263
Medium
How a fake AI recruiter delivers five staged malware disguised as a dream job
Overview
Tunneling WireGuard over HTTPS using Wstunnel #WireGuard #Wstunnel #FirewallBypass #VPN #WebSocketTunnel https://kroon.email/site/en/posts/wireguard-wstunnel/
Guido Kroon
Tunneling WireGuard over HTTPS using Wstunnel
Some time ago I documented how I configured WireGuard on my OpenWrt router at home, to connect securely to my home network (and the Internet, really) from wherever I am.
I feel safer connecting to public Wi-Fi this way, also abroad when it allows me to save…
I feel safer connecting to public Wi-Fi this way, also abroad when it allows me to save…
Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) #AccountTakeover #BetterAuth #CVE202561928 #APIKeySecurity #ZeroPath https://zeropath.com/blog/breaking-authentication-unauthenticated-api-key-creation-in-better-auth-cve-2025-61928
Zeropath
Critical Account Takeover via Unauthenticated API Key Creation in better-auth (CVE-2025-61928) - ZeroPath Blog
ZeroPath uncovered an unauthenticated API key creation flaw in better-auth's API keys plugin that enables attackers to mint privileged credentials for arbitrary users; this post details the bypass, exploitation path, and how we found it.
CVE-2025-8078: Remote Code Execution via CLI Command Injection #CVE20258078 #RemoteCodeExecution #CommandInjection #ZYXEL #Exploit https://rainpwn.blog/blog/cve-2025-8078/
Rainpwn
CVE-2025-8078: Remote Code Execution via CLI Command Injection
An undocumented parameter of the "web-auth" command could allow an authenticated attacker to execute commands remotely due to improper input sanitization, potentially resulting in full device compromise.
Stealth BGP Hijacks with uRPF Filtering https://www.usenix.org/system/files/woot25-schulmann.pdf
Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419) #Netty #CVE202559419 #SMTPInjection #AISecurity #ZeroDay https://depthfirst.com/post/casting-a-net-ty-for-bugs-and-catching-a-big-one-cve-2025-59419
Depthfirst
depthfirst | Casting a Net(ty) for Bugs, and Catching a Big One (CVE-2025-59419)
Our agents discovered the vulnerability, provided a risk assessment, and generated a patch autonomously. I shared the results with the Netty maintainers who assigned CVE-2025-59419 and merged our fix.
Why nested deserialization is STILL harmful – Magento RCE (CVE-2025-54236) https://slcyber.io/research-center/why-nested-deserialization-is-still-harmful-magento-rce-cve-2025-54236/
Searchlight Cyber
Why nested deserialization is harmful: Magento RCE (CVE-2025-54236)
Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe under the name Adobe Commerce, which receives automatic patching.…
Unlocking free WiFi on British Airways #BAFreeWiFi #SNIBypass #ProxyTunnel #InFlightInternet #NetworkPrivacy https://saxrag.com/tech/reversing/2025/06/01/BAWiFi.html
saxrag
Unlocking free WiFi on British Airways
I was recently flying between HKG & LHR via British Airways. I’d done the same flight back in 2023, and remember relying on the in-flight entertainment for the 14 hour journey. However, this time on my way to London, they had an interesting offer: Free WiFi…
The security paradox of local LLMs #LLMSecurityParadox #PromptInjection #LocalLLMVulnerabilities #CodeGenerationThreats #AISoftwareSupplyChain https://quesma.com/blog/local-llms-security-paradox/
Quesma
The security paradox of local LLMs - Quesma Blog
Local LLMs prioritize privacy over security. Our research reveals a 95% backdoor injection success rate.