Aggregator
Russia-linked APT28 uses PRISMEX to infiltrate Ukraine and allied infrastructure with advanced tactics
2 weeks 5 days ago
APT28 targets Ukraine and allies with PRISMEX malware, using stealthy techniques for espionage and command-and-control. Russia-linked group APT28 (aka UAC-0001, aka Fancy Bear, Pawn Storm, Sofacy Group, Sednit, BlueDelta, and STRONTIUM) is running a spear-phishing campaign against Ukraine and its allies, deploying a new malware suite called PRISMEX. Active since September 2025, the campaign uses advanced stealth techniques like steganography and […]
Pierluigi Paganini
Threat Actors Get Crafty With Emojis to Escape Detection
2 weeks 5 days ago
When 🤖 means "bot available," 🧰 signifies "toolkit," or 💰💰💰 translates to "big ransom," bad actors can evade filters and keep it all on the down-low.
Jai Vijayan
TikTok removes covert networks ahead of Hungary vote as disinformation concerns grow
2 weeks 5 days ago
The company said the networks used fake accounts to post and amplify political content aimed at Hungarian users, including material critical of opposition leader Péter Magyar and his Tisza Party as well as content targeting Prime Minister Viktor Orbán’s ruling Fidesz.
Palo Alto Networks security advisory (AV26-331)
2 weeks 5 days ago
Canadian Centre for Cyber Security
BlueHammer: Windows zero-day exploit leaked
2 weeks 5 days ago
A buggy but functional proof-of-concept (PoC) exploit for an unpatched Windows local privilege escalation vulnerability dubbed BlueHammer has been published on GitHub by someone who goes by the handles Chaotic Eclipse and Nightmare Eclipse. Several security researchers have fixed the bugs in the exploit and made it work on patched Windows 10, 11, and Windows Server systems, and the question now is whether Microsoft is planning or working on a fix. The BlueHammer PoC exploit …
The post BlueHammer: Windows zero-day exploit leaked appeared first on Help Net Security.
Zeljka Zorz
AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties
2 weeks 5 days ago
Discovery used to be the bottleneck for open source bugs, but with automated discovery, remediation's the bottleneck, which bounties don't fund.
Jai Vijayan
XP95
2 weeks 5 days ago
cohenido
Submit #791276: Totolink A7100RU 7.4cu.2313_b20191024 Command Injection [Accepted]
2 weeks 5 days ago
Submit #791276 / VDB-356380
LtzHuster2
Submit #791274: Totolink A7100RU 7.4cu.2313_b20191024 Command Injection [Accepted]
2 weeks 5 days ago
Submit #791274 / VDB-356379
LtzHuster2
Submit #791272: Totolink A7100RU 7.4cu.2313_b20191024 Command Injection [Accepted]
2 weeks 5 days ago
Submit #791272 / VDB-356378
LtzHust2
Submit #791271: Totolink A7100RU 7.4cu.2313_b20191024 Command Injection [Accepted]
2 weeks 5 days ago
Submit #791271 / VDB-356377
LtzHust2
Submit #791266: Totolink A7100RU 7.4cu.2313_b20191024 Command Injection [Accepted]
2 weeks 5 days ago
Submit #791266 / VDB-356376
LtzHust2
Submit #791217: Tenda i12 V1.0.0.11(3862) Path Traversal [Accepted]
2 weeks 5 days ago
Submit #791217 / VDB-356375
LtzHust2
Submit #791199: SourceCodester Resort Reservation System (PHP + SQLite3) 1.0 SQL Injection [Duplicate]
2 weeks 5 days ago
Submit #791199 / VDB-236235
Antony Esthak Twinson
Submit #791164: SourceCodester Resort Reservation System (PHP + SQLite3) 1.0 Local File Inclusion [Duplicate]
2 weeks 5 days ago
Submit #791164 / VDB-236234
Antony Esthak Twinson
Submit #791154: SourceCodester Resort Reservation System (PHP + SQLite3) 1.0 Local File Inclusion [Duplicate]
2 weeks 5 days ago
Submit #791154 / VDB-236234
Antony Esthak Twinson
Submit #791025: SourceCodester Patients Waiting Area Queue Management System 1.0 SQL Injection [Duplicate]
2 weeks 5 days ago
Submit #791025 / VDB-332350
himanshuh4cker
Submit #790769: jeecgboot jimureport <= 2.3.0 Code Injection [Accepted]
2 weeks 5 days ago
Submit #790769 / VDB-356374
anch0r
The Gentleman
2 weeks 5 days ago
cohenido