All posts by John Doe

■■□□□ Tenable Confirms Data Breach – Hackers Accessed Customers’ Contact Details. https://www.tenable.com/blog/tenable-response-to-salesforce-and-salesloft-drift-incident

■■□□□ Zero-Day in Oracle Web-Based product. Class: Broken Access Control Researcher: Abdulazeiz Rashid CVE: NA

■■□□□ Beginner Android PT terminology. https://e1mazahy.gitbook.io/droidtomesec/android-pentesting/android-app-structure/broadcastreceiver

■■■■□ Zero-Day: 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode. Critical 0-Click Vulnerability Enables Attackers to Takeover Email Access Using Punycode

■■□□□ Hackers Leverage Raw Disk Reads to Bypass EDR Solutions and Access Highly Sensitive Files. Hackers Leverage Raw Disk Reads to Bypass EDR Solutions and Access Highly Sensitive Files

■■■■□ New TP-Link zero-day surfaces as CISA warns other flaws are exploited. https://www.bleepingcomputer.com/news/security/new-tp-link-zero-day-surfaces-as-cisa-warns-other-flaws-are-exploited/

■□□□□ 📰 Microsoft reports, “Multiple international subsea cables were cut in the Red Sea,” impacting the Azure Cloud platform.

■■□□□ Military | Declassified | Bad Intel | Bad Work | War Crimes US Navy SEALs killed several North Korean fishermen after encountering them by accident during a botched mission, US news outlet reports. Later the videos of these fishermen were downed in ocean by puncturing lungs of these fishermen by 🔪 stabbing them. https://www.aljazeera.com/news/2025/9/6/us-navy-seals-killed-north-korean-civilians-during-botched-mission-report

■■□□□ Correction for https://t.me/cKure/16273. Attribution to Google was incorrect. The attack did happen. Threat actor unknown.

🤖 CVE-2025-48539: Android bluetooth stack access over adjacent WiFi with no user interaction. With chains privilege escalation, the attacker can do full device access remotely. https://osv.dev/vulnerability/ASB-A-406785684