/mastodon/gutocarvalho @gutocarvalho

2 posts2 participants0 posts today

packet stormcompop.ca 3.5.3 Arbitrary Code Execution <a href="https://packetstorm.news/files/190562" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190562</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

packet stormMeshtastic Buffer Overflow <a href="https://packetstorm.news/files/190552" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190552</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

packet stormIvanti Connect Secure / Policy Secure / ZTA Gateways Remote Code Execution <a href="https://packetstorm.news/files/190444" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190444</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

Hacker NewsOne Bug Wasn't Enough: Escalating Twice Through SAP's Setuid Landscape<a href="https://www.anvilsecure.com/blog/one-bug-wasnt-enough-escalating-twice-through-saps-setuid-landscape.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.anvilsecure.com/blog/one-bug-wasnt-enough-escalating-twice-through-saps-setuid-landscape.html</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/OneBugWasntEnough" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OneBugWasntEnough</a> <a href="https://mastodon.social/tags/SAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SAP</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mastodon.social/tags/Setuid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Setuid</a> <a href="https://mastodon.social/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://mastodon.social/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://mastodon.social/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://mastodon.social/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BugBounty</a>

packet stormWordPress Simple Dashboard 2.0 Privilege Escalation <a href="https://packetstorm.news/files/190416" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190416</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

packet stormWBCE CMS 1.6.3 Remote Code Execution <a href="https://packetstorm.news/files/190302" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190302</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

packet stormWordPress Backup and Staging 1.21.16 Shell Upload <a href="https://packetstorm.news/files/190291" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190291</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

heise SecurityApache Tomcat: Angriffe auf kritische Sicherheitslücke laufenEine kritische Sicherheitslücke in Apache Tomcat ermöglicht das Einschleusen von Schadcode. Genau das machen Angreifer derzeit.<a href="https://www.heise.de/news/Apache-Tomcat-Angriffe-auf-kritische-Sicherheitsluecke-laufen-10338443.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Apache-Tomcat-Angriffe-auf-kritische-Sicherheitsluecke-laufen-10338443.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Hacker NewsBlasting Past WebP - An analysis of the NSO BLASTPASS iMessage exploit<a href="https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/Blasting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Blasting</a> <a href="https://mastodon.social/tags/Past" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Past</a> <a href="https://mastodon.social/tags/WebP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebP</a> <a href="https://mastodon.social/tags/An" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#An</a> <a href="https://mastodon.social/tags/analysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#analysis</a> <a href="https://mastodon.social/tags/of" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#of</a> <a href="https://mastodon.social/tags/the" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#the</a> <a href="https://mastodon.social/tags/NSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSO</a> <a href="https://mastodon.social/tags/BLASTPASS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BLASTPASS</a> <a href="https://mastodon.social/tags/iMessage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iMessage</a> <a href="https://mastodon.social/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> <a href="https://mastodon.social/tags/hackernews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hackernews</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> <a href="https://mastodon.social/tags/analysis" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#analysis</a> <a href="https://mastodon.social/tags/NSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSO</a>

packet stormWordPress Modal 1.5.8 Code Execution / Denial Of Service <a href="https://packetstorm.news/files/190045" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190045</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

Hacker NewsHeap-overflowing Llama.cpp to RCE<a href="https://retr0.blog/blog/llama-rpc-rce" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://retr0.blog/blog/llama-rpc-rce</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/HeapOverflow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HeapOverflow</a> <a href="https://mastodon.social/tags/LlamaCpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LlamaCpp</a> <a href="https://mastodon.social/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RCE</a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mastodon.social/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://mastodon.social/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a>

packet stormWordPress Shortcode Addons 3.2.5 Shell Upload <a href="https://packetstorm.news/files/190019" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190019</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

packet stormDolphin Pro 7.4.2 SQL Injection <a href="https://packetstorm.news/files/190012" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://packetstorm.news/files/190012</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

jbz💣 Microsoft isn't fixing 8-year-old zero day used for spying —The Register"We told Microsoft but they consider it a UI issue, not a security issue. So it doesn't meet their bar for servicing as a security update, but it might be fixed in a later OS version, or something along those lines." <a href="https://www.theregister.com/2025/03/18/microsoft_trend_flaw/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theregister.com/2025/03/18/microsoft_trend_flaw/</a><a href="https://indieweb.social/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://indieweb.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://indieweb.social/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

PrivacyDigest<a href="https://mas.to/tags/Allstate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Allstate</a> sued for exposing personal info in <a href="https://mas.to/tags/plaintext" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#plaintext</a> • The RegisterCrooks built <a href="https://mas.to/tags/bots" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bots</a> to <a href="https://mas.to/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> astoundingly bad quotation website and made off with data on thousands <a href="https://mas.to/tags/privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacy</a> <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a><a href="https://www.theregister.com/2025/03/10/allstate_sued_pii_exposure/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.theregister.com/2025/03/10/allstate_sued_pii_exposure/</a>

**Alexandre Borges** @alexandreborges@mastodon.social · Mar 4

Mar 4

Alexandre Borges @alexandreborges@mastodon.social

Hacking the Xbox 360 Hypervisor:

01. Hacking the Xbox 360 Hypervisor Part 1: System Overview: https://icode4.coffee/?p=1047

02. Hacking the Xbox 360 Hypervisor Part 2: The Bad Update Exploit: https://icode4.coffee/?p=1081

#hacking #exploit #exploitation

**Alexandre Borges** @alexandreborges@infosec.exchange · Mar 4

Mar 4

Alexandre Borges @alexandreborges@infosec.exchange

Hacking the Xbox 360 Hypervisor:

01. Hacking the Xbox 360 Hypervisor Part 1: System Overview: https://icode4.coffee/?p=1047

02. Hacking the Xbox 360 Hypervisor Part 2: The Bad Update Exploit: https://icode4.coffee/?p=1081

#hacking #exploit #exploitation

**sekurak News** @sekurakbot@mastodon.com.pl · Mar 3

Mar 3

sekurak News @sekurakbot@mastodon.com.pl

Prawdopodobnie bez problemu można odblokować Twojego Androida – mając do niego fizyczny dostęp.

Taki przypadek wydarzył się niedawno w Serbii, gdzie do odblokowania telefonu studenta (Samsung Galaxy) użyto oprogramowania Cellebrite: the Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite. Student zatrzymany przez policję wręczył im wyłączony telefon. Po...

#WBiegu #0Day #Android #Cellebrite #Exploit #Serbia #Usb

https://sekurak.pl/prawdopodobnie-bez-problemu-mozna-odblokowac-twojego-androida-majac-do-niego-fizyczny-dostep/

Sekurak · Mar 3Prawdopodobnie bez problemu można odblokować Twojego Androida - mając do niego fizyczny dostęp.Taki przypadek wydarzył się niedawno w Serbii, gdzie do odblokowania telefonu studenta (Samsung Galaxy) użyto oprogramowania Cellebrite: the Android phone of one student protester was exploited and unlocked by a sophisticated zero-day exploit chain targeting Android USB drivers, developed by Cellebrite. Student zatrzymany przez policję wręczył im wyłączony telefon. Po...