Ribbon Communications, a provider of telecom services to the U.S. government and telecom companies worldwide, revealed that nation-state hackers breached its IT network as early as December 2024. bleepingcomputer.com/news/security/…
🚨🚨CVE-2025-10932 (CVSS 8.2): Resource-exhaustion bug in MOVEit Transfer AS2 module; crafted AS2 requests can overwhelm servers and cause DoS. Search by vul.cve Filter👉vul.cve="CVE-2025-10932" ZoomEye Dork👉app="MOVEit Transfer" 474.5k+ results on ZoomEye. ZoomEye Link:…
⚠️⚠️ CVE-2025-64095: Critical 10.0/10 Flaw in DNN Platform (DotNetNuke) — allows unauthenticated website overwrite leading to full site compromise 🎯134k+ Results are found on the en.fofa.info nearly year. 🔗FOFA Link: en.fofa.info/result?qbase64… FOFA Query:…
Curious how🛰️satellite connectivity is transforming aviation✈️, maritime🚢, and land🚛🚅 mobility? What are the latest trends shaping the market - from hybrid networks 🌐 to innovations like direct-to-device (D2D)📱and IoT services🌟. 📺▶️ Watch now: gsoasatellite.com/webinar/the-fu…
Nation-state hackers reportedly infiltrated Ribbon Communications, a major telecom provider, potentially accessing its systems for nearly a year, affecting clients like the US DoD, while the company claims no evidence of customer system breaches. #Cybers… cybernews.com/security/ribbo…
✨Authentication bypass method: ✅Steps: 1. Target..com/carbon/server-admin/memory_info.jsp = redirect to login page [301 status] 2. Target..com/carbon/server-admin/memory_info.jsp;.jsp = gives the page content without authentication [200 status] Payload 👉🏼 ;.jsp Tip: 1. Find…
![darkshadow2bd's tweet image. ✨Authentication bypass method:
✅Steps:
1. Target..com/carbon/server-admin/memory_info.jsp = redirect to login page [301 status]
2. Target..com/carbon/server-admin/memory_info.jsp;.jsp = gives the page content without authentication [200 status]
Payload 👉🏼 ;.jsp
Tip:
1. Find…](https://pbs.twimg.com/media/G4gzvqfa8AEwr9d.jpg)
🚨 No signal. No data. No visibility. In today’s government facilities, shared Wi-Fi connectivity is no longer enough. Reliable, end-to-end mobile connectivity is now mission-critical. Learn how 5G + private networks are making it possible 👉 okt.to/y1PNwn
CVE-2025-55752 - exploit poc for the Apache Tomcat Rewrite Valve Relative Path Traversal, no RCE (for now) #pruva tried to fake it playing witht he rewrite, relaxing it a lot, but after some pass was able to reproduce. gist.github.com/N3mes1s/013061…
CVE-2025-55752 Apache Tomcat possible RCE if PUT is enabled 🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡🤡 This is like saying i can extract your data from db if sql query is enabled
🌐 AsyncRAT through infrastructure hunting hunt.io/blog/asyncrat-… We found a multi-stage intrusion method that combined trojanized ScreenConnect installers with open-directory hosting to deliver AsyncRAT and a bespoke PowerShell RAT. #ThreatHunting #AsyncRAT #MalwareAnalysis…
🚨🚨CVE-2025-36386 (CVSS 9.8): Auth bypass in IBM Maximo Application Suite allows remote attacker to access Cognos Analytics. Search by vul.cve Filter👉vul.cve="CVE-2025-36386" ZoomEye Dork👉app="IBM Maximo Manage" 1.2k+ results on ZoomEye. ZoomEye Link: zoomeye.ai/searchResult?q……
AhnLab Security Intelligence Center reports on Trigona threat actors' recent attacks on MS-SQL servers, utilizing both Trigona and Mimic ransomware, highlighting a specific email address used in the ransom note. #CyberSecurity #Ransomware asec.ahnlab.com/en/90793/
I Just Cracked a CL.0 HTTP Request Smuggling Exploit in Proof-of–Concept: youtu.be/T0qpYueRriE And It's a Nightmare for User Privacy!
youtube.com
YouTube
HTTP Request Smuggling Proof of Concept at Snapchat Cl.0 HTTP Request...
big companies only really execute well when there’s someone worth copying. they need a target. a template. a rival to imitate. google got its act together only once openai gave it a north star. same playbook with android vs iphone… apple led, google followed. facebook did it…
The laconic $10 trillion question: Scale or Speed? By Giri Devanur @giridevanur via @ForbesTechCncl & ReAlpha Tech Corp forbes.com/councils/forbe… cc @BetaMoroney @Nicochan33 @enilev @mvollmer1 @mikeflache @antgrasso @FrRonconi @ramonvidall @baski_LA @AkwyZ @Khulood_Almani…
#LoRaWAN is already transforming everyday life—from safety monitoring to smart cities and energy management. See the impact live at #CES2026! 📍 LoRa Alliance Booth 10349, North Hall, LVCC Learn more: hubs.li/Q03Qw8f40 #LoRaAlliance #LoRaWAN_in_Action
🚨🚨CVE-2025-40778 (CVSS 8.6): BIND 9 Cache Poisoning Vulnerability A flawed BIND 9 resolver caches unrequested DNS records, letting off-path attackers spoof responses and poison the cache. This redirects clients to malicious infrastructure without new lookups. Search by…
CVE-2025-40778 - Today we go with 1-day #pruva repro for BIND9 High serverity issue. gist.github.com/N3mes1s/f76b4a… A vulnerable BIND 9 resolver (version 9.18.39) accepts and caches resource records that were not requested in the original DNS query. An off-path attacker who can race…
🛡️🔗 EDR-Redir: Breaking EDR with BindLink & Cloud Filter and how I detect it for MDE A new technique dubbed EDR-Redir from Zero Salarium shows how attackers can hijack or disable EDRs like Defender, Elastic, and Sophos by abusing Windows 11’s Bind Filter and Cloud Filter…
CVE-2025-54469 - Enforcer is vulnerable to Command Injection and Buffer overflow #Pruva today reproduced this interesting bug in NeuVector. gist.github.com/N3mes1s/7cc555… Agent pulled neuvector/enforcer:5.4.6, launched it with hijacked CLUSTER_RPC_PORT values, and confirmed…
🚨🚨CVE-2025-54469 (CVSS: 10): Critical NeuVector RCE Unsanitized CLUSTER_RPC_PORT/CLUSTER_LAN_PORT are passed to popen() at startup, allowing attackers who can modify env vars to inject arbitrary commands. Search by vul.cve Filter👉vul.cve="CVE-2025-54469" ZoomEye…
Now @OpenAI Slipped Shopping Into 800 Million #ChatGPT Users’ Chats—Here’s Why That Matters singularityhub.com/2025/10/24/ope…
SideWinder APT uses ClickOnce-based infection chain to deploy StealerBot malware -- cybersecuritynews.com/sidewinder-hac…
United States Tendencias
- 1. Dodgers 762K posts
- 2. World Series 403K posts
- 3. World Series 403K posts
- 4. Blue Jays 124K posts
- 5. Yamamoto 237K posts
- 6. Will Smith 53.4K posts
- 7. jungkook 346K posts
- 8. Miguel Rojas 46.1K posts
- 9. Yankees 16.5K posts
- 10. #Worlds2025 40K posts
- 11. Nigeria 768K posts
- 12. Carlos Manzo 312K posts
- 13. Kershaw 39.4K posts
- 14. Baseball 173K posts
- 15. #T1WIN 13.2K posts
- 16. Kendrick 19.1K posts
- 17. Vladdy 23.3K posts
- 18. Dave Roberts 15.2K posts
- 19. Ohtani 93.5K posts
- 20. Hoffman 12.9K posts
Something went wrong.
Something went wrong.