■■■■■ Google Chrome RCE (no sandbox) via CanonicalEquality::EqualValueType() Google Chrome RCE (no sandbox) via CanonicalEquality::EqualValueType()
All posts by John Doe
October 7, 2025 at 02:02AM
■■■■□ Google Chrome RCE Vulnerability Details Released Along with Exploit Code. Google Chrome RCE Vulnerability Details Released Along with Exploit Code
October 6, 2025 at 02:35PM
📱 Critical zero-click vulnerability (CVE-2025-55177) within WhatsApp has been leveraged in targeted spyware operations, in conjunction with an Apple Imagel0 flaw (CVE-2025-43300). This combination enabled malicious actors to disseminate exploits via WhatsApp, resulting in potential data exfiltration from the user’s Apple device. The attack sequence involved: 🚫Attacker-controlled delivery 🚫Malicious DNG/remote image (Imagel0) parsing vulnerability (OOB…
October 5, 2025 at 08:33PM
🆕 We will move to a new website 📡 ckure.org
October 4, 2025 at 01:02AM
■■■□□ Signal adds new cryptographic defense against quantum attacks. https://www.bleepingcomputer.com/news/security/signal-adds-new-cryptographic-defense-against-quantum-attacks/
October 3, 2025 at 04:39PM
■■■■■ New WireTap Attack Extracts Intel SGX ECDSA Key via DDR4 Memory-Bus Interposer. In yet another piece of research, academics from Georgia Institute of Technology and Purdue University have demonstrated that the security guarantees offered by Intel’s Software Guard eXtensions (SGX) can be bypassed on DDR4 systems to passively decrypt sensitive data. https://thehackernews.com/2025/10/new-wiretap-attack-extracts-intel-sgx.html
October 3, 2025 at 11:40AM
■■■■□ Data-Leak | Security update: Incident related to Red Hat Consulting GitLab instance. https://www.redhat.com/en/blog/security-update-incident-related-red-hat-consulting-gitlab-instance
October 3, 2025 at 02:24AM
🔑 OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely. ➿CVE-2025-9230: Memory Corruption Vulnerability ➿CVE-2025-9231: Timing Side-Channel Flaw OpenSSL Vulnerabilities Let Attackers Execute Malicious Code and Recover Private Key Remotely
October 2, 2025 at 01:00PM
■■■□□ 📡 Cisco Meraki interactive auditing tool in python. 〰️Installs its own dependencies. 〰️Tool does read-only API check. 〰️Dumps the config in JSON (missing natively in Meraki Dashboard) 〰️Has option to select Network or dump-all 〰️Performs security audit and saves in csv And saves as: meraki/ └── NetworkName/ ├── config.json # Complete configuration dump └──…
October 1, 2025 at 07:30PM
■□□□□ Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability. Hackers Actively Scanning to Exploit Palo Alto Networks PAN-OS Global Protect Vulnerability