All posts by John Doe

■■■■■ Here’s a full technical rewrite of the WhatsApp vs. NSO Group spyware case, focusing on CVE-2019-3568, its exploitation logic, and WhatsApp’s patch implementation: ➿➿ CVE-2019-3568 – WhatsApp VoIP Stack RCE Exploit Summary CVE-ID: CVE-2019-3568 Vulnerability Type: Memory corruption – heap-based buffer overflow Attack Vector: Remote, via malformed RTCP (Real-time Transport Control Protocol) packets sent…

■■■■□ NSO Fallout Between April and May 2019, NSO Group’s Pegasus spyware targeted 1,223 WhatsApp users across 51 countries. The distribution of victims by country is as follows: Country Number of Victims Mexico 456 India 100 Bahrain 82 Morocco 69 Pakistan 58 Indonesia 54 Israel 51 Spain 12 Netherlands 11 Hungary 8 France 7 United…

■■■■□ Jewish NSO group Fallout. NSO Group developed a specialized system called the WhatsApp Installation Server (WIS) to deploy its Pegasus spyware. This server sent malformed messages through WhatsApp’s infrastructure, mimicking legitimate traffic. These messages exploited vulnerabilities in WhatsApp’s code, causing target devices to reach out to NSO-controlled servers and install the spyware—all without user…

■■■■□ Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit. Seven things we learned from WhatsApp vs. NSO Group spyware lawsuit

■■■■□ Interesting post. Bypassing Cloudflare: From Smart RXSS Payload to Full Account Takeover. https://www.linkedin.com/posts/hushamosman_xss-bugbounty-cloudflarebypass-ugcPost-7328051349504311296-k1FE

■■□□□ 2025-05-12: Unidentified malware infection from email attachment. https://www.malware-traffic-analysis.net/2025/05/12/index.html

■■■■□ Zero-Day: PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability. PoC Exploit Released For Linux Kernel’s nftables Subsystem Vulnerability

■□□□□ Interesting thread on AI https://x.com/ngxson/status/1921980096421806127

■■■■□ India and Pakistan are still in a cyber war, even though the guns stopped amid ceasefire. UPI payment systems from India down a couple of times today are likely due to the cyber-attacks across the border. While in Pakistan, major sites allegedly suffer data leak including government agencies.

■■■■■ 🇨🇳 WireWatch: Measuring the security of proprietary network encryption in the global Android ecosystem. How secure are the apps on your Android phone? Researchers at the Citizen Lab and Princeton evaluated the network security of Android apps & found that a large portion of popular Chinese apps use broken proprietary network protocols instead of…