🚨🚨CVE-2025-40778 (CVSS 8.6): BIND 9 Cache Poisoning Vulnerability A flawed BIND 9 resolver caches unrequested DNS records, letting off-path attackers spoof responses and poison the cache. This redirects clients to malicious infrastructure without new lookups. Search by…
CVE-2025-40778 - Today we go with 1-day #pruva repro for BIND9 High severity issue. gist.github.com/N3mes1s/f76b4a… A vulnerable BIND 9 resolver (version 9.18.39) accepts and caches resource records that were not requested in the original DNS query. An off-path attacker who can race…
🛡️🔗 EDR-Redir: Breaking EDR with BindLink & Cloud Filter and how I detect it for MDE A new technique dubbed EDR-Redir from Zero Salarium shows how attackers can hijack or disable EDRs like Defender, Elastic, and Sophos by abusing Windows 11’s Bind Filter and Cloud Filter…
CVE-2025-54469 - Enforcer is vulnerable to Command Injection and Buffer overflow #Pruva today reproduced this interesting bug in NeuVector. gist.github.com/N3mes1s/7cc555… Agent pulled neuvector/enforcer:5.4.6, launched it with hijacked CLUSTER_RPC_PORT values, and confirmed…
🚨🚨CVE-2025-54469 (CVSS: 10): Critical NeuVector RCE Unsanitized CLUSTER_RPC_PORT/CLUSTER_LAN_PORT are passed to popen() at startup, allowing attackers who can modify env vars to inject arbitrary commands. Search by vul.cve Filter👉vul.cve="CVE-2025-54469" ZoomEye…
Now @OpenAI Slipped Shopping Into 800 Million #ChatGPT Users’ Chats—Here’s Why That Matters singularityhub.com/2025/10/24/ope…
SideWinder APT uses ClickOnce-based infection chain to deploy StealerBot malware -- cybersecuritynews.com/sidewinder-hac…
⚠️⚠️ CVE-2025-54236: Critical 9.1/10 Flaw in Magento / Adobe Commerce Enables Unauthenticated File-Upload & Account Takeover 🔥Deep Dive: slcyber.io/assetnote-secu… 🎯131k+ Results are found on the en.fofa.info nearly year. 🔗FOFA Link: en.fofa.info/result?qbase64… FOFA Query:…
Last week at #GITEX2025, we signed agreements with e& to modernize its core network infrastructure and OSS/BSS to state-of-art cloud-native solutions in the UAE: m.eric.sn/fSkr50XgOQT #NoNonsenseOSSBSS
🚨 Hackers Abuse ASP.NET Machine Keys to Compromise IIS Servers Read more: cybersecuritynews.com/hackers-abuse-… A sneaky hacking campaign where attackers used publicly available machine keys to break into Windows IIS web servers. These keys, meant…
🚨🚨CVE-2025-22167 (CVSS 8.7): Jira Path Traversal flaw allows arbitrary file writes to any JVM-writable path. Possible RCE when chained with other exploits. Search by vul.cve Filter👉vul.cve="CVE-2025-22167" ZoomEye Dork👉app="Atlassian JIRA" Over 107k vulnerable instances.…
‼️The plot thickens: Collins Aerospace was targeted by two ransomware gangs simultaneously, unaware of each other. After Everest exfiltrated data from an FTP server, another ransomware operator targeted the MUSE system and deployed ransomware. NCSC-UK stated, “We know the…
‼️ When Collins Aerospace shut down its Multi-User System Environment (MUSE), it informed the press and filed with the SEC, claiming a ransomware attack. This caused major European airports to halt passenger processing, stranding thousands and delaying numerous flights. Turns…
🚨 Developers, check your NuGet packages. A fake NuGet package “Netherеum.All” — spelled with a Cyrillic ‘e’ — was stealing wallet keys from Ethereum .NET projects. It even faked 11.7M downloads to look real. Full story ↓ thehackernews.com/2025/10/fake-n…
Reports indicate that the F5 BIG-IP source code leak is linked to state-sponsored campaigns utilizing the BRICKSTORM backdoor, highlighting ongoing cybersecurity threats. #Cybersecurity #F5BIGIP #BRICKSTORM resecurity.com/blog/article/f…
AI-generated code is now the cause of one-in-five breaches – but developers and security leaders alike are convinced the technology will come good eventually | IT Pro itpro.com/software/devel…
Report Shows Ransomware Hitting Manufacturing the Hardest | Manufacturing Business Technology mbtmag.com/cybersecurity/…
Proofpoint has identified a new sophisticated #cybercriminal. Dubbed #TA585, it manages its entire #cyberattack chain, including infrastructure, delivery, and malware installation. Read about its activity, capabilities, and technical details. @techday_ca brnw.ch/21wWPST
"It is now clear that near-term EV adoption will be slower than planned .... It's clear that ICE volumes will remain higher for longer....strong sustained demand" GM CEO Barra just out Q3 letter.. Note GM taking Q3 charge on EVs "and we expect future charges." #oott
$NVDA LOWER EARTH ORBIT AI FACTORIES? NVIDIA just posted a video of a 5GW datacenter in space. Meanwhile, $AMZN founder Jeff Bezos is talking about compute bases on the moon. $TSLA CEO targeting for Mars next?
Singapore’s Shanmugam warns weaponised technology fuelling ‘cyber arms race’ | South China Morning Post scmp.com/week-asia/poli…
Looking back, this was probably the most important slide from Analyst Day. For years CRQCs were a 2030 problem. Academic talk more than operational risk. Now the Department of War is saying encryption could be toast in just three years. That shifts it from lab demo to war budget…
Semiotik.IT #IoT »Manual trades embracing IoT for safer workplaces« iotbusinessnews.com/2025/10/02/man… #Semiotik #Smart #InternetOfThings