High Fidelity Detection Mechanism for RSC/Next.js RCE (CVE-2025-55182 & CVE-2025-66478) https://slcyber.io/research-center/high-fidelity-detection-mechanism-for-rsc-next-js-rce-cve-2025-55182-cve-2025-66478/
Searchlight Cyber
High-Fidelity RSC/Next.js RCE Detection (CVE-2025-55182, 66478)
This morning, an advisory was released for Next.js about a vulnerability that leads to RCE in default configurations, with no prerequisites. The root cause of this issue lies in React Server Components, which Next.js utilizes. Over the last day, we have noticed…
CVE PoC Search: Search across CVE identifiers proof-of-concept links #CVESearch #PoCLinks #Vulnerability #SecurityTool #APIAccess https://labs.jamessawyer.co.uk/cves/
JS Labs
CVE PoC Search
CVE PoC Search from James Sawyer's JS Labs indexes GitHub proof-of-concept links for rapid vulnerability exploration.
PromptPwnd: Prompt Injection Vulnerabilities in GitHub Actions Using AI Agents #PromptInjection #GitHubActions #AICICD #SupplyChainAttack #SecretsLeak https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents
www.aikido.dev
Prompt Injection Inside GitHub Actions: The New Frontier of Supply Chain Attacks
AI-driven GitHub Actions expose new prompt-injection supply chain vulnerabilities.
Scam Telegram: Uncovering a network of groups spreading crypto drainers #TelegramScams #CryptoDrainers #DeFiPhishing #ScamNetwork #Web3Security https://timsh.org/scam-telegram-investigation/
tim.sh
Scam Telegram: Investigation
How I found a large network of fake support groups spreading crypto stealers and drainers.
Privilege escalation with SageMaker and there's more hiding in execution roles #PrivilegeEscalation #SageMaker #ExecutionRoles #CloudSecurity #BootCodeInjection https://www.plerion.com/blog/privilege-escalation-with-sagemaker-and-execution-roles
Plerion
Privilege escalation with SageMaker and there's more hiding in execution roles
A subtle AWS privesc hiding in SageMaker lifecycle configs, and what it reveals about execution roles.
SSRF Payload Generator #SSRF #PayloadGenerator #Pentesting #VulnerabilityTesting #SecurityTools https://shelltrail.com/tools/ssrf-payload-generator
Shelltrail
SSRF Payload Generator | Shelltrail - Swedish Experts in Pentesting
Generate HTML/SVG payloads for testing Server-Side Request Forgery vulnerabilities.
Stillepost - Or: How to Proxy your C2s HTTP-Traffic through Chromium #Stillepost #C2Proxy #ChromeDevTools #BrowserEvasion #HTTPTraffic https://x90x90.dev/posts/stillepost/
mischief
Stillepost - Or: How to Proxy your C2s HTTP-Traffic through Chromium
Utilizing the Chrome DevTools Protocol to delegate C2 HTTP-traffic.
Careless Whisper: Exploiting Silent Delivery Receipts to Monitor Users on Mobile Instant Messengers #SilentReceipts #UserMonitoring #PrivacyRisk #MessagingApps #SecurityExploit https://arxiv.org/abs/2411.11194
arXiv.org
Careless Whisper: Exploiting Silent Delivery Receipts to Monitor...
With over 3 billion users globally, mobile instant messaging apps have become indispensable for both personal and professional communication. Besides plain messaging, many services implement...
Compromising Developers with Malicious Extensions - VS Code, Cursor AI, and the Backdoor You Didn't See Coming #MaliciousExtensions #VSCodeSecurity #SupplyChainAttack #DeveloperCompromise #MarketplaceFlaws https://mazinahmed.net/blog/publishing-malicious-vscode-extensions/
Mazin Ahmed
Compromising Developers with Malicious Extensions - VS Code, Cursor AI, and the Backdoor You Didn't See Coming
Declarative Binary Parsing for Security Research with Kaitai Struct #KaitaiStruct #BinaryParsing #SecurityResearch #FileFormatAnalysis #DeclarativeParsing https://husseinmuhaisen.com/blog/declarative-binary-parsing-for-security-research-with-kaitai-struct/
Husseinmuhaisen
Declarative Binary Parsing for Security Research with Kaitai Struct
Reverse engineering a dummy KAISTDE format and generating parsers with Kaitai Struct.
Infostealer has entered the chat #AMOSStealer #ChatGPTExploited #macOSThreat #Infostealer #SocialEngineering https://www.kaspersky.com/blog/share-chatgpt-chat-clickfix-macos-amos-infostealer/54928/
Kaspersky official blog
The AMOS infostealer is piggybacking ChatGPT's chat-sharing feature
We break down a new infostealer attack that combines the ClickFix technique with a shared chat containing malicious user guides on the official ChatGPT website.
How widespread is the impact of Critical Security Vulnerability in React Server Components (CVE-2025-55182) #ReactSecurity #CVE202555182 #ServerComponents #VulnerabilityImpact #HelixGuard https://helixguard.ai/blog/CVE-2025-55182/
helixguard.ai
How widespread is the impact of Critical Security Vulnerability in React Server Components (CVE-2025-55182)
React Server Components (RSC) are a new feature in React that allows developers to render React components on the server. However, a critical security vulnerability in RSC could allow an attacker to inject arbitrary commands into the server's command execution…
The FreePBX Rabbit Hole: CVE-2025-66039 and others #FreePBX #Vulnerabilities #CVE202566039 #RCE #SQLInjection https://horizon3.ai/attack-research/the-freepbx-rabbit-hole-cve-2025-66039-and-others/
Horizon3.ai
The FreePBX Rabbit Hole: CVE-2025-66039 & More
Horizon3.ai uncovers FreePBX flaws, including CVE-2025-66039 auth bypass, SQL injection, and file upload RCE—and shows how NodeZero detects them.
The Fragile Lock: Novel Bypasses For SAML Authentication #SAML #AuthBypass #XMLSecurity #ParserFlaws #SignatureWrapping https://portswigger.net/research/the-fragile-lock
PortSwigger Research
The Fragile Lock: Novel Bypasses For SAML Authentication
TLDR This post shows how to achieve a full authentication bypass in the Ruby and PHP SAML ecosystem by exploiting several parser-level inconsistencies: including attribute pollution, namespace confusi
HelioSphere: Concept and Project Presentation https://nextcloud.calzone-rivoluzione.de/s/pLoNrkgrerbSzfx
Nextcloud
concept.pdf
Nextcloud - a safe home for all your data
CVE-2025-64669: Uncovering Local Privilege Escalation Vulnerability in Windows Admin Center #CVE202564669 #WindowsAdminCenter #PrivilegeEscalation #CymulateResearch #Vulnerability https://cymulate.com/blog/cve-2025-64669-windows-admin-center/
Cymulate
CVE-2025-64669: Uncovering Local Privilege Escalation Vulnerability in Windows Admin Center
Cymulate Research Labs discovered CVE-2025-64669, a local privilege escalation flaw in Windows Admin Center enabling SYSTEM-level compromise.
Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses #MakopRansomware #RDPAccess #PrivilegeEscalation #GuLoader #IndianCyberattacks https://www.acronis.com/en/tru/posts/makop-ransomware-guloader-and-privilege-escalation-in-attacks-against-indian-businesses/
Acronis
Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses
Makop, a ransomware strain derived from Phobos, continues to exploit exposed RDP systems while adding new components such as local privilege escalation exploits and loader malware to its traditional toolkit.
Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers #BotDetection #HeadlessBrowsers #ClientHints #SecFetchHeaders #BrowserInconsistencies https://blog.sicuranext.com/sec-fetch-and-client-hints-a-powerful-tool-against-automation/
Sicuranext Blog
Fight bad bot with Sec Fetch and Client Hints inconsistencies in headless browsers
For many of our e-commerce customers, bad bots are an everyday problem, and one that has evolved a lot in the last few years. A common approach is to "block" automated traffic with a JavaScript challenge, basically a small script that the browser must…
8 Million Users' AI Conversations Sold for Profit by "Privacy" Extensions #AIPrivacyBreach #BrowserExtensionScam #UrbanVPNSurveillance #DataBrokerage #GoogleEndorsementFail https://www.koi.ai/blog/urban-vpn-browser-extension-ai-conversations-data-collection
www.koi.ai
8 Million Users' AI Conversations Sold for Profit by "Privacy" Extensions
Privacy browser extensions misled users and sold 8 million AI chat logs, exposing sensitive conversations for profit without consent.