John Doe

May 23, 2025 at 10:28AM

May 23, 2025John DoeUncategorized

■□□□□ Fortinet acquires Israeli cyber startup Suridata for tens of millions to boost SaaS protection. Suridata raised around $14 million and built an AI-powered platform to protect SaaS apps. https://www.calcalistech.com/ctechnews/article/r1i21132blx

May 22, 2025 at 11:20PM

May 22, 2025John DoeUncategorized

■■□□□ United States / China: Chinese hackers breach US local governments using Cityworks zero-day. https://www.bleepingcomputer.com/news/security/chinese-hackers-breach-us-local-governments-using-cityworks-zero-day/

May 22, 2025 at 09:41PM

May 22, 2025John DoeUncategorized

■■■□□ BadSuccessor: Abusing dMSA to Escalate Privileges in Active Directory. https://www.akamai.com/blog/security-research/abusing-dmsa-for-privilege-escalation-in-active-directory https://thehackernews.com/2025/05/critical-windows-server-2025-dmsa.html

May 22, 2025 at 07:08PM

May 22, 2025John DoeUncategorized

■■□□□ Marks & Spencer said hackers broke into its systems by tricking employees at a third-party contractor, skirting its digital defences to launch a cyberattack. https://www.thehindu.com/sci-tech/technology/ms-says-cyber-hackers-broke-in-through-third-party-contractor/article69604614.ece

May 22, 2025 at 05:21PM

May 22, 2025John DoeUncategorized

■■□□□ CVE-2025-4123 Grafana open redirect → XSS/SSRF via path traversal.

May 22, 2025 at 02:08AM

May 21, 2025John DoeUncategorized

■■■■□□ OSINT: A race of speed and lies (in war context). https://m.economictimes.com/news/india/lies-now-open-sourced-india-pakistan-conflict-puts-spotlight-on-open-source-intelligence-and-credibility-problem/articleshow/121240828.cms

May 22, 2025 at 12:54AM

May 21, 2025John DoeUncategorized

🍎CVE-2025-31200: Apple iPhone RCE by opening a video file. 🎞https://youtu.be/nTO3TRBW00E

May 22, 2025 at 12:52AM

May 21, 2025John DoeUncategorized

■□□□□ Microsoft admits to the support of genocide via its cyber capability.

May 21, 2025 at 02:32PM

May 21, 2025John DoeUncategorized

■■■□□ South Asian Ministries Hit by SideWinder APT Using Old Office Flaws and Custom Malware. High-level government institutions in Sri Lanka, Bangladesh, and Pakistan have emerged as the target of a new campaign orchestrated by a threat actor known as SideWinder. https://www.acronis.com/en-us/cyber-protection-center/posts/from-banks-to-battalions-sidewinders-attacks-on-south-asias-public-sector/ https://thehackernews.com/2025/05/south-asian-ministries-hit-by.html

May 21, 2025 at 02:28PM

May 21, 2025John DoeUncategorized

■■■■□ Full-Blown SSRF to Gain Access to Millions of Users’ Records and Multiple Internal Panels. https://medium.com/@skycer_00/full-blown-ssrf-to-gain-access-to-millions-of-users-records-and-multiple-internal-panels-3719d9b802e9