All posts by John Doe

🔦 TOR VPN Beta – Silent release https://play.google.com/store/apps/details?id=org.torproject.vpn https://www.techradar.com/vpn/vpn-services/the-tor-project-quietly-launches-a-beta-android-vpn-and-looks-for-testers

■■■■□ Kali 2025.3 adds a fresh set of tools to its arsenal. This version includes 10 new packages: 🤍Caido & Caido-cli: A web security auditing toolkit with a graphical client and command-line server. 🤍Detect It Easy (DiE): A utility for identifying file types. 🤍Gemini CLI: An open-source AI agent that integrates Google’s Gemini into the…

■■■□□ DELMIA Apriso has a deserialization flaw (CVE-2025-5086) let us turn a SOAP request into full RCE. Blog by nuclei breaks down: 🚫How vulnerable code path was traced 🚫Crafting the payload 🚫Why does it impacts Apriso 2020–2025 https://projectdiscovery.io/blog/remote-code-execution-in-delmia-apriso

■■□□□ BlackLock Ransomware Attacking Windows, Linux, and VMware ESXi Environments. BlackLock Ransomware Attacking Windows, Linux, and VMware ESXi Environments

■■■□□ SonicWall releases SMA100 firmware update to wipe rootkit malware. https://www.bleepingcomputer.com/news/security/sonicwall-releases-sma100-firmware-update-to-wipe-rootkit-malware/

■■□□□ Privacy: YouTube admits to having censored people during the COVID pandemic and for political reasons. Offers terminated creators the opportunity to rejoin the platform.

■■□□□ United States: Secret Service raid and dismantle 300 SIM servers with over 100,000 SIM cards, in NYC, as part of an investigation into telecom threats.

■■■■■ CVE-2025-55241: Microsoft Entra ID flaw allowed hijacking any company’s tenant. https://www.bleepingcomputer.com/news/security/microsoft-entra-id-flaw-allowed-hijacking-any-companys-tenant/

■■■■□ OpenAI fixes zero-click ShadowLeak vulnerability affecting ChatGPT Deep Research agent. https://therecord.media/openai-fixes-zero-click-shadowleak-vulnerability

🤖 One of the admins of the channel had a 0-click malware on the Android flagship device. It may be Firefox Zero-Day, now patched. The malware deleted certain video files related to a country in the Middle East.