December 6, 2025 at 10:17AM

■■■□□ This is the most reliable public detection (at this time) to indicate whether a machine is actually exploitable via CVE-2025-55182 / React2Shell without invoking the RCE and with limited FPs. It triggers an internal error and validates the vulnerable version: https://cloud.projectdiscovery.io/library/CVE-2025-55182

December 5, 2025 at 04:32PM

■■■□□ OWASP is at the forefront of AI security. We invite you to explore the new OWASP AI Testing Guide, a remarkable contribution from Matteo Meucci and Marco Morana. Additionally, we recommend reviewing the OWASP AI Vulnerability Scoring System (AIVSS), a valuable tool designed to standardize risk prioritization. Our sincere congratulations and gratitude extend to…

December 5, 2025 at 12:13PM

■■■■■ Someone can access posts linked to your Instagram even if you’ve made your account private. While Instagram, as a Meta product, implements anti-bot measures to prevent scraping, OSINT tools that rely on third-party services such as Apify to actively maintain functional APIs capable of successfully extracting data are becoming increasingly popular. Recent tools often…

December 5, 2025 at 12:01AM

■■■■□ Multiple bugs in Chrome addressed. CVE-2025-13633 Use after free in Digital Credentials in Google Chrome prior to 143.0.7499.41 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) CVE-2025-13634 Inappropriate implementation in Downloads in Google Chrome on Windows prior to…

December 4, 2025 at 04:06PM

■■■■□ Botnets on wheels: the mass hacking of dashcams. Researchers have discovered how to connect to someone else’s dashcam in a matter of seconds, and weaponize it for future attacks. Hackers can Hijack Your DashCams in Seconds and Weaponize them for Future Attacks.