Lite XL — Arbitrary Code & Remote Code Execution (CVE-2025-12120 & CVE-2025-12121) #LiteXL #RCE #ArbitraryCode #CVEs #Security https://bend0us.github.io/vulnerabilities/lite-xl-rce/
BEND0US Offensive Security Notes
Lite XL — Arbitrary Code & Remote Code Execution (CVE-2025-12120 & CVE-2025-12121)
Lite XL versions 2.1.8 and earlier contain vulnerabilities that allow arbitrary code execution and can lead to Remote Code Execution.
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) https://slcyber.io/research-center/breaking-oracles-identity-manager-pre-auth-rce/
Searchlight Cyber
Uncovering Oracle Identity Manager: Pre-Auth RCE (CVE-2025-61757)
Intro Earlier this year, in January, Oracle Cloud's login service (login.us2.oraclecloud.com) was breached—this led to the compromise of 6M records and over 140k Oracle Cloud tenants. Analysis showed that the threat actor had exploited an older CVE (CVE-2021…
When Updates Backfire: RCE in Windows Update Health Tools #RCE #WindowsUpdate #AzureVulnerability #MicrosoftSecurity #AbandonedBlobs https://research.eye.security/rce-windows-update-health-tools/
Eye Research
When Updates Backfire: RCE in Windows Update Health Tools
We discovered a remote code execution vulnerability in Microsoft's Update Health Tools (KB4023057) through an abandoned Azure Blob. Here’s how we found it, how it worked, and what it means for your Windows environment.
Sliver C2 Insecure Default Network Policy (CVE-2025-27093) #SliverC2 #Wireguard #CVE202527093 #NetworkPolicy #CommandAndControl https://hngnh.com/posts/Sliver-CVE-2025-27093/
Hoang Nguyen
Sliver C2 Insecure Default Network Policy (CVE-2025-27093)
Summary Sliver is a powerful command and control (C2) framework designed to provide advanced capabilities for covertly managing and controlling remote systems.
A Reverse Engineer’s Anatomy of the macOS Boot Chain & Security Architecture #macOSSecurity #AppleSilicon #SecureBoot #ReverseEngineering #HardwareTrust https://stack.int.mov/a-reverse-engineers-anatomy-of-the-macos-boot-chain-security-architecture/
/dev/stack
A Reverse Engineer’s Anatomy of the macOS Boot Chain & Security Architecture
1.0 The Silicon Root of Trust: Pre-Boot & Hardware Primitives
The security of the macOS platform on Apple Silicon is not defined by the kernel; it is defined by the physics of the die. Before the first instruction of kernelcache is fetched, a complex, cryptographic…
Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised #NPMsupplychain #Sha1Hulud #MalwareAttack #CredentialTheft #DataDestruction https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised
www.koi.ai
Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised
A new wave of the Shai-Hulud malware is compromising hundreds of npm packages and destroying user home directories. Get live updates and mitigation steps.
TOTAL RECALL 2024 - Memory Forensics Self-Paced Learning/Challenge/CTF #MemoryForensics #CTF #IncidentResponse #DigitalForensics #Cybersecurity https://www.securitynik.com/2024/03/total-recall-2024-memory-forensics-self.html
Securitynik
**TOTAL RECALL 2024** - Memory Forensics Self-Paced Learning/Challenge/CTF
Similar to "Solving the CTF challenge - Network Forensics (packet and log analysis), USB Disk Forensics, Database Forensics, Stego" this c...
Split-Second Side Doors: How Bot-Delegated TOCTOU Breaks The CI/CD Threat Model #TOCTOU #Bots #CICD #SideDoors #RaceConditions https://boostsecurity.io/blog/split-second-side-doors-how-bot-delegated-toctou-breaks-the-cicd-threat-model
Write Path Traversal to a RCE Art Department #PathTraversal #RCE #RubyOnRails #WildcardRouting #TemplateInjection https://lab.ctbb.show/research/write-path-traversal-to-RCE-art-department
Critical Thinking - Bug Bounty Podcast
Write Path Traversal to a RCE Art Department
Abusing Write Path Traversal for Living Off the Land Remote Code Execution
TROOPERS25: Revisiting Cross Session Activation attacks https://youtu.be/7bPzqEiO6Tk
YouTube
TROOPERS25: Revisiting Cross Session Activation attacks
More impressions:
/ wearetroopers
/ ernw_itsec
https://infosec.exchange/@WEareTROOPERS
https://infosec.exchange/@ERNW https://ernw.de
#TROOPERS #ITsecurity #ERNW
The Anatomy of a Bulletproof Hoster: A Data-Driven Reconstruction of Media Land #BulletproofHosting #MediaLandLeak #Ransomware #ThreatIntelligence #Cybercrime https://disclosing.observer/2025/11/24/bulletproof-hoster-anatomy-data-driven-reconstruction.html
Disclosing.Observer
The Anatomy of a Bulletproof Hoster: A Data-Driven Reconstruction of Media Land
A data-driven reconstruction of the bulletproof hosting provider Media Land, using leaked internal records to analyze customer structure, address space alloc...
GeoServer WMS GetMap XML External Entity Injection Vulnerability (CVE-2025-58360) #GeoServer #WMS #XEE #Injection #Vulnerability https://helixguard.ai/blog/CVE-2025-58360/
helixguard.ai
GeoServer WMS GetMap XML External Entity Injection Vulnerability (CVE-2025-58360)
GeoServer is an open-source geospatial server used to publish and share spatial data and map services through standardized OGC interfaces. In affected versions, the WMS GetMap endpoint fails to disable external entity expansion when parsing SLD/XML documents.
Malware Busters! CTF challenge #CloudSecurity #MalwareAnalysis #CTF #ReverseEngineering #CyberChallenge https://cloudsecuritychampionship.com/challenge/6
Cloudsecuritychampionship
The Ultimate Cloud Security Championship | 12 Months × 12 Challenges
Join our monthly cloud security CTF challenge, built by top Wiz researchers. Solve real-world scenarios and rise to the top of the leaderboard.
Securing AMR Fleets with MCP: A CAI-Powered Multi-Source Analysi #AMRFleetSecurity #CybersecurityAI #VulnerabilityAssessment #SystemicSecurity #ContractRenewal https://casestudies.aliasrobotics.com/sublight-shipping-mcp/
Alias Robotics | Robot cybersecurity Case Studies
MCP-Powered AMR Fleet Security | CAI Case Study
CAI using MCP, Model Context Protocol, to secure Sublight Shipping's autonomous robot fleet. Learn how CAI integrated seven data sources to uncover systemic vulnerabilities and secure a $50M contract renewal.
From Zero to SYSTEM: Building PrintSpoofer from Scratch #PrintSpoofer #PrivilegeEscalation #WindowsInternals #MalwareDevelopment #EvasionTechniques https://bl4ckarch.github.io/posts/PrintSpoofer_from_scratch/
bl4ckarch
From Zero to SYSTEM: Building PrintSpoofer from Scratch
A complete journey from understanding Named Pipes to building an undetectable PrintSpoofer, learning Windows internals, token impersonation, RPC, and evasion techniques along the way.
Attackers are hiding payloads in user-space memory. Enter HeapList: our new open-source Volatility 3 plugin for Windows NT Heap analysis! Attending #DFRWSEU2026 @DFRWS? Come say hi and let's talk memory forensics! 👋
Read the quick 3-min briefing: https://reversea.me/index.php/uncovering-threats-in-the-wwindow-nt-heap-with-volatility-3/
Defending Against L7 DDoS and Web Bots with Tempesta FW #L7DDoS #WebBots #TempestaFW #ClientFingerprinting #FastAnalytics https://tempesta-tech.com/blog/defending-against-l7-ddos-and-web-bots-with-tempesta-fw/
Tempesta Technologies
Defending Against L7 DDoS and Web Bots with Tempesta FW - Tempesta Technologies
Tempesta FW 0.8 introduces zero-copy per-CPU access log streaming to a ClickHouse database. This article discusses how to analyse that data for L7 DDoS mitigation and bot management. Finally, we introduce our new open-source project, WebShield, which automatically…
68% Of Phishing Websites Are Protected by CloudFlare #CloudflareAbuse #PhaaS #ModernPhishing #TrustAbuse #CyberDefense https://blog.sicuranext.com/68-of-phishing-websites-are-protected-by-cloudflare/
Sicuranext Blog
68% Of Phishing Websites Are Protected by CloudFlare
Earlier this year, our CTI team set out to build something we'd been thinking about for a while: a phishing intelligence pipeline that could actually keep up with the threat. We combined feeds from hundreds of independent sources with our own real-time hunt…
High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/
Searchlight Cyber
High-Fidelity RSC/Next.js RCE Detection (CVE-2025-55182, 66478)
This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed…
CVE PoC Search: Search across CVE identifiers proof-of-concept links #CVESearch #PoCLinks #Vulnerability #SecurityTool #APIAccess https://labs.jamessawyer.co.uk/cves/
JS Labs
CVE PoC Search
CVE PoC Search from James Sawyer's JS Labs indexes GitHub proof-of-concept links for rapid vulnerability exploration.