■■■■□ Zero-Day: DefCon lock picking.
All posts by John Doe
September 28, 2025 at 05:55PM
■■■■□ Write-up focuses on bypass of file upload. Known technique. https://infosecwriteups.com/new-technique-bypass-file-upload-4c18cef9f9ed
September 28, 2025 at 04:13PM
■■■■□ Iranian State Sponsored Hackers Use SSL.com Certificates to Sign Malware. Security researchers say multiple threat groups, including Iran’s Charming Kitten APT offshoot Subtle Snail, are deploying malware with code-signing certificates from the Houston-based company. https://www.darkreading.com/vulnerabilities-threats/iranian-hackers-ssl-certificates-sign-malware
September 28, 2025 at 01:17PM
■■■■□ 🔥CVE-2025-59934: Critical Flaw in Formbricks Allows Unauthorized Password Resets via Forged JWT Tokens 🚀POC -https://github.com/formbricks/formbricks/security/advisories/GHSA-7229-q9pv-j6p4 Dorks: http://product.name=”Formbricks”
September 28, 2025 at 12:30PM
■■■□□ Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise. Hackers Compromise Active Directory to Steal NTDS.dit that Leads to Full Domain Compromise
September 27, 2025 at 10:16PM
Claude is hacker as it gets Kali tools via MCP
September 27, 2025 at 12:40PM
■■■□□ Federal agencies given one day to patch exploited Cisco firewall bugs. https://therecord.media/cisco-asa-firewall-bugs-cisa-federal-agencies-warning
September 27, 2025 at 02:04AM
■■■□□ Widespread Infostealer Campaign Targeting macOS Users. Threat actors rely on malicious GitHub repositories to infect LastPass’s macOS users with the Atomic infostealer. https://www.securityweek.com/widespread-infostealer-campaign-targeting-macos-users/
September 27, 2025 at 01:50AM
■■■■□ Microsoft terminates services for Israeli military after investigation into mass surveillance of Palestinians. https://edition.cnn.com/2025/09/25/tech/microsoft-israel-surveillance
September 26, 2025 at 04:38PM
■■■□□ Update: Data Leak due to Improper Access Control -(4-0000979929) under investigation.