Digitalcourage @digitalcourage

Recent searches

Search options

Only available when logged in.

13 posts10 participants2 posts today

**heise online English** @heiseonlineenglish@social.heise.de · 11h

11h

heise online English @heiseonlineenglish@social.heise.de

Critical Sharepoint security vulnerability: First patches are available

Microsoft has now released a patch, but attackers were not idle over the weekend. Dozens of SharePoint installations fell victim of "ToolShell"

https://www.heise.de/en/news/Critical-Sharepoint-security-vulnerability-First-patches-are-available-10494099.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 11hCritical Sharepoint security vulnerability: First patches are available

More from

Dr. Christopher Kunz

#Backdoor #IT #Security

**heise Security** @heisec@social.heise.de · 11h *

11h *

heise Security @heisec@social.heise.de

Kritische Sharepoint-Sicherheitslücke: Erste Patches für "ToolShell" sind da

Microsoft hat mittlerweile einen Patch veröffentlicht, Angreifer waren am Wochenende jedoch nicht untätig. Dutzende Sharepoint-Installationen wurden Opfer.

https://www.heise.de/news/Kritische-Sharepoint-Sicherheitsluecke-Erste-Patches-fuer-ToolShell-sind-da-10493989.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#Backdoor #IT #Security #SharePoint #Exploit #news @de_edv

heise online · 11hKritische Sharepoint-Sicherheitslücke: Erste Patches für "ToolShell" sind da

More from

Dr. Christopher Kunz

**Pyrzout** @jos1264@social.skynetcloud.site · 21h

21h

Pyrzout @jos1264@social.skynetcloud.site

Microsoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) https://www.helpnetsecurity.com/2025/07/20/microsoft-sharepoint-servers-under-attack-via-zero-day-vulnerability-with-no-patch-cve-2025-53770/ #PaloAltoNetworks #EyeSecurity #SharePoint #Don'tmiss #CodeWhite #Microsoft #Hotstuff #exploit #0-day #News #CISA

Help Net Security · 21hMicrosoft SharePoint servers under attack via zero-day vulnerability with no patch (CVE-2025-53770) - Help Net Security

More from

Zeljka Zorz

**Pyrzout** @jos1264@social.skynetcloud.site · 1d

Pyrzout @jos1264@social.skynetcloud.site

SharePoint Under Attack: Microsoft Warns of Zero-Day Exploited in the Wild – No Patch Available https://www.securityweek.com/sharepoint-under-attack-microsoft-warns-of-zero-day-exploited-in-the-wild-no-patch-available/ #ThreatIntelligence #Vulnerabilities #vulnerability #CVE202553770 #SharePoint #Microsoft #Featured #exploit

**Pyrzout** @jos1264@social.skynetcloud.site · 1d

Pyrzout @jos1264@social.skynetcloud.site

**heise Security** @heisec@social.heise.de · 1d

heise Security @heisec@social.heise.de

Microsoft: Angriffe auf neue Sharepoint-Lücke – bislang kein Patch verfügbar

Microsoft warnt vor aktiven Angriffen auf eine bislang unbekannte Lücke in Sharepoint-Servern und benennt Erste-Hilfe-Maßnahmen für Verteidiger.

https://www.heise.de/news/Microsoft-Angriffe-auf-neue-Sharepoint-Luecke-bislang-kein-Patch-verfuegbar-10493705.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 1dMicrosoft: Angriffe auf neue Sharepoint-Lücke – bislang kein Patch verfügbar

More from

#IT #Microsoft #Security

**N-gated Hacker News** @ngate@mastodon.social · 1d

N-gated Hacker News @ngate@mastodon.social

Ah yes, another "riveting" deep dive into exploiting #coprocessors, because who doesn't want to spend their weekends mapping DRAM for kicks? The writer proudly updates their #kernel #exploit to support more outdated devices, as if anyone was clamoring for "Trigon: The Sequel".
https://alfiecg.uk/2025/07/16/Trigon.html #deepdive #outdateddevices #techhumor #DRAMmapping #HackerNews #ngated

Alfie CG · 5dTrigon: exploiting coprocessors for fun and for profit (part 2)Where did we leave off? Background: KTRR IORVBAR Coprocessors Always-On Processor Investigation AXI? What’s that?! Mapping DRAM Code execution Improving the strategy What about A7 and A8(X)? Conclusion

**Nathaniel Gregory** @Faithslayer202@mastodon.social · 3d

Nathaniel Gregory @Faithslayer202@mastodon.social

‘ #Israel may redraw maps, #exploit minorities, strike #capitals & #starve children, but it cannot bomb its way into permanence. It cannot silence a region forever. It cannot build its future atop the ruins of others because those ruins remember.’

https://www.middleeasteye.net/opinion/damascus-gaza-israels-doctrine-hegemony-fatal-flaw

Middle East EyeFrom Damascus to Gaza, Israel’s plan to fragment the region may end up uniting itThe more Israel acts like a regional empire, the more the region begins to see it as a colonial one

#Palestine #MiddleEast #Genocide

Continued thread

**alip** @alip@mastodon.online · 4d

alip @alip@mastodon.online

aaand here's the #Linux version of the same #exploit which breaks Memory-Deny-Write-Execute (aka MDWE), https://bugzilla.kernel.org/show_bug.cgi?id=219227 #exherbo #sydbox #security

bugzilla.kernel.org219227 – MDWE does not prevent read-only, executable, shared memory regions to be updated by backing file writes

**alip** @alip@mastodon.online · 4d

alip @alip@mastodon.online

I wrote my first #HardenedBSD #exploit today and I feel proud! #exherbo #sydbox #security https://git.hardenedbsd.org/hardenedbsd/HardenedBSD/-/issues/107#note_41813

GitLabRead-only, executable memory regions can be updated by backing file writes regardless of shared status (#107) · Issues · HardenedBSD / HardenedBSD · GitLabArguably this breaks W^X. Similar implementations such as PaX prevent this. About private mappings, POSIX leaves unspecified whether changes made to the file after the mmap() call are...

**heise online English** @heiseonlineenglish@social.heise.de · 4d

heise online English @heiseonlineenglish@social.heise.de

Update now! Chrome security vulnerability is being exploited

Google updated its Chrome web browser on Wednesday night. The update also closes a vulnerability that had already been exploited.

https://www.heise.de/en/news/Update-now-Chrome-security-vulnerability-is-being-exploited-10488936.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 4dUpdate now! Chrome security vulnerability is being exploitedBy Dirk Knop

#Chrome #Exploit #Google

**heise Security** @heisec@social.heise.de · 5d

heise Security @heisec@social.heise.de

Jetzt aktualisieren! Chrome-Sicherheitslücke wird angegriffen

Google hat in der Nacht zum Mittwoch den Chrome-Webbrowser aktualisiert. Das Update schließt auch eine bereits attackierte Lücke.

https://www.heise.de/news/Jetzt-aktualisieren-Chrome-Sicherheitsluecke-wird-angegriffen-10488795.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 5dJetzt aktualisieren! Chrome-Sicherheitslücke wird angegriffenBy Dirk Knop

#Chrome #Exploit #Google

**Cambionn** @Cambion@mastodon.nl · 6d *

6d *

Cambionn @Cambion@mastodon.nl

#Today one of my colleagues put my attention on this article, and to be honest I do love the reporting style. Meme's and writing like this?

"The ‘good news’, I suspect, is that most orgs will be too lacking in logs to have evidence."

"China go brrr"

At least it's not dry

https://doublepulsar.com/citrixbleed-2-situation-update-everybody-already-got-owned-503c6d06da9f

Opera Winfrey meme with the text "You get an incident, everybody gets a citrix netscaler incident"

#security #datasecurity #infosec

**Pyrzout** @jos1264@social.skynetcloud.site · 6d

Pyrzout @jos1264@social.skynetcloud.site

WinRAR Zero-Day Exploit Allegedly on Sale for $80,000 https://dailydarkweb.net/winrar-zero-day-exploit-allegedly-on-sale-for-80000/ #Vulnerability #CyberSecurity #vulnerability #exploit #ZeroDay #WinRAR #RCE

Daily Dark WebWinRAR Zero-Day Exploit Allegedly on Sale for $80,000 - Daily Dark WebWinRAR Zero-Day Exploit Allegedly on Sale for $80,000 Discover the latest security threats and database leaks, including unauthorized VPN access and email breaches, in the cyber underground world.Stay informed about emerging cyber threats, such as unauthorized access to databases and sensitive information leaks, affecting global companies and organizations.Learn about the latest cyber incidents, including DDoS attacks and malware threats targeting cryptocurrency wallets and financial institutions.

**heise online English** @heiseonlineenglish@social.heise.de · 6d

heise online English @heiseonlineenglish@social.heise.de

Exploit available: Patch FortiWeb vulnerability now!

On Thursday, Fortinet released an update for FortiWeb. Exploits have emerged that abuse the critical gap.

https://www.heise.de/en/news/Exploit-available-Patch-FortiWeb-vulnerability-now-10485755.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 6dExploit available: Patch FortiWeb vulnerability now!By Dirk Knop

#Exploit #IT #Security

**Steve Dustcircle** @dustcircle@masto.ai · Jul 14

Jul 14

Steve Dustcircle @dustcircle@masto.ai

Easy to #Exploit | Collapsing the #Urban-#Rural Divide

https://www.thedriftmag.com/easy-to-exploit/

The Drift · Jun 24Easy to ExploitCollapsing the Urban-Rural Divide

**Pyrzout** @jos1264@social.skynetcloud.site · Jul 14

Jul 14

Pyrzout @jos1264@social.skynetcloud.site

Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) https://www.helpnetsecurity.com/2025/07/14/exploits-for-unauthenticated-fortiweb-rce-are-public-so-patch-quickly-cve-2025-25257/ #webapplicationsecurity #vulnerability #Don'tmiss #WatchTowr #Hotstuff #Fortinet #exploit #Rapid7 #News #PoC

Help Net Security · Jul 14Exploits for unauthenticated FortiWeb RCE are public, so patch quickly! (CVE-2025-25257) - Help Net Security

More from

Zeljka Zorz

**heise Security** @heisec@social.heise.de · Jul 14

Jul 14

heise Security @heisec@social.heise.de

Exploit verfügbar: FortiWeb-Sicherheitslücke jetzt patchen!

Am Donnerstag hat Fortinet ein Update für FortiWeb veröffentlicht. Exploits sind aufgetaucht, die die kritische Lücke missbrauchen.

https://www.heise.de/news/Exploit-verfuegbar-FortiWeb-Sicherheitsluecke-jetzt-patchen-10485654.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · Jul 14Angriffe wahrscheinlich: Exploit für FortiWeb-Lücke verfügbarBy Dirk Knop

#Exploit #IT #Security

**PrivacyDigest** @PrivacyDigest@mas.to · Jul 11

Jul 11

PrivacyDigest @PrivacyDigest@mas.to

Critical #CitrixBleed 2 #vulnerability has been under active #exploit for weeks

A critical vulnerability allowing #hackers to bypass #multifactor #authentication in network management devices made by #Citrix has been actively #exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild #exploitation.
#security #privacy

https://arstechnica.com/security/2025/07/critical-citrixbleed-2-vulnerability-has-been-under-active-exploit-for-weeks/

Ars Technica · Jul 9Critical CitrixBleed 2 vulnerability has been under active exploit for weeksBy Dan Goodin

**morgen** @morgenm@infosec.exchange · Jul 11 *

Jul 11 *

morgen @morgenm@infosec.exchange

Just published a proof-of-concept exploit for CVE-2025-32463, a new Linux privilege escalation vulnerability affecting sudo discovered and disclosed by Stratascale about 2 weeks ago.

The PoC is available on GitHub. A full technical writeup will be published on my blog soon.

GitHub: https://github.com/morgenm/sudo-chroot-CVE-2025-32463

Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc) - morgenm/sudo-chroot-CVE-2025-32463

GitHubGitHub - morgenm/sudo-chroot-CVE-2025-32463: Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc)Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc) - morgenm/sudo-chroot-CVE-2025-32463

#CyberSecurity #ExploitDev #Linux

Drag & drop to upload

Recent searches

Search options

Administered by:

Server stats:

#exploit