Citrix Netscaler customers - keep calm and patch CVE-2025-5777 from Tuesday.
It allows unauth memory reads, has similarities to CitrixBleed (CVE-2023-4966) as may allow session token theft.
20.06.2025 15:52 β π 84 π 36 π¬ 2 π 2
Huntress continues to observe in-the-wild exploitation of CVE-2025-30406, a critical vulnerability in Gladinet CentreStack and Triofox
22.04.2025 13:07 β π 1 π 2 π¬ 1 π 0
Detecting Fake CAPTCHA Campaigns: ClickFix, ClearFake, and Etherhide
Summary
One of my good friends and former SOC protΓ©gΓ©βdropping π₯ analysis on a Monday afternoon. Epic work, @thecyber.dad π
www.thecyber.dad/p/detecting-...
22.04.2025 01:01 β π 7 π 2 π¬ 0 π 0
CVE extension to March 16th 2026
See yβall March 15th 2026 for the last minute renewal π«‘π
https://www.usaspending.gov/award/CONT_AWD_70RCSJ24FR0000018_7001_70RSAT20D00000001_7001
16.04.2025 14:31 β π 24 π 9 π¬ 2 π 1
BREAKING.
From a reliable source. MITRE support for the CVE program is due to expire tomorrow. The attached letter was sent out to CVE Board Members.
15.04.2025 17:23 β π 695 π 420 π¬ 38 π 207
Wow. CVE database is in serious trouble, in two days.
The cyber industry as a whole is in trouble also really, itβs the elephant in the room - the collapse of the White Houseβs support for cybersecurity is obvious and pronounced due to widespread cutbacks.
15.04.2025 18:12 β π 211 π 97 π¬ 9 π 10
cert.pl/uploads/docs... CERT Poland annual report.
04.04.2025 06:17 β π 0 π 0 π¬ 0 π 0
Retro-style poster titled "Now You're Debugging with Power!" promoting the Sysinternals Suite by Microsoft. It depicts a smiling technician in a suit holding a wrench, standing before a futuristic control panel, with an atomic rocket illustration overhead. The poster lists various Sysinternals tools like Process Explorer, Autoruns, Proc Monitor, Diskmon, RAMMA, and VMMap, each humorously described with atomic-era metaphors, emphasizing their capabilities in Windows diagnostics. The visual style evokes mid-20th-century propaganda posters, using bold typography and a warm, vintage color palette.
Here is one for you: 50's/60's space atomic age ads.
01.04.2025 03:26 β π 38 π 8 π¬ 1 π 0
CISAβs Red Team has been cut by DOGE. Somebody go hire them, theyβre really good.
11.03.2025 05:25 β π 203 π 136 π¬ 9 π 7
Use one Virtual Machine to own them allβββactive exploitation of ESXicape
A chain of three zero days allow threat actors to escape a Virtual Machine.
Update your VMware ESX farms ASAP.
There's an in the wild exploit chain being used which does VM -> Hypervisor escape, across all versions of ESXi. Allows full cluster access.
doublepulsar.com/use-one-virt...
05.03.2025 11:59 β π 62 π 29 π¬ 3 π 2
Original post on cyberplace.social
3 different VMware zero days, under active exploitation by ransomware groups
CVE-2025-22224, CVE-2025-22225, CVE-2025-22226
VMware ESXi
VMware Workstation Pro / Player (Workstation)
VMware Fusion
VMware Cloud Foundation
VMware Telco Cloud Platform
(Exploitation actually ESXi) [β¦]
04.03.2025 14:19 β π 64 π 27 π¬ 2 π 0
Aka @c_c_krebs over there
(he/him) Dad / Husband / Marine / Student / Teacher / @Hak5 / @NoVAHackers / @SiliconHBO / @NationalCCDC / @MARFORCYBER Auxiliary
Advances cybersecurity. Grows tech businesses. Fights malware.
CISO at Axonius. Faculty Fellow at SANS Institute. Creator of REMnux.
https://zeltser.com
Hacker. Friend. Cybersecurity Researcher at Huntress.
Web App (mostly) Hacker @NetSPI | Cybersecurity Educator | Content Creator | Ex-Brit | Links: http://linktr.ee/tib3rius (he/him) πΊπΈ A mostly unserious person.
Volatility Core developer, Dir. of Research Volexity, LSU Cyber
- Dad of two <3
- Co-founder Recon InfoSec
- SANS DFIR Instructor
- BlackHat Trainer
- IANS Faculty
- Trainer @digitaldefenseinstitute.com
- Blog: https://blog.ecapuano.com
- ⬑ ODESZA, Lane 8, Kasbo π§
- β€ @whit.zip
Cybersecurity weather person and award winning shitposter. Shitposting is an anagram of Top Insights. You may be surprised to know I am not representing [β¦]
[bridged from https://cyberplace.social/@GossiTheDog on the fediverse by https://fed.brid.gy/ ]
DFIR by day, DFIR by night.
Former vet tech.
Violinist, Salty, Tired, Meme Enthusiast.
Dogfather / Goon / Degenerate / southphillycisos.com/
Software and hardware hacker, (in)security researcher, musician,MTB/Gravel cyclist,politics nerd. Not necessarily in that order.βͺοΈSecurity research lead at that (other) bird company βͺοΈMastodon: https://infosec.exchange/@0xamit
English/Χ’ΧΧ¨ΧΧͺ/Poco espaΓ±ol
Breaker of software, responder of incidents, IANS Faculty, VP R&D Hunter Strategy, Supreme Allied Commander of ANTIFA.
Hi, I'm Scott Helme, a Security Researcher, Entrepreneur and International Speaker. I'm the creator of Report URI and Security Headers, and I deliver world renowned training on Hacking and Encryption.
https://scotthelme.co.uk
Co-Founder https://hacker.house cyber security assurance & hacker training ~ ISBN9781119561453 ~ a book on professional hacking. Contact for competitive quotes on cyber security projects.
Defcon goon, Adversarial Architect. Photography, Driving, Blog and general purveyor of chaos. Metal/DnB Fan
βοΈ AI Security R&D @ Prophet Security
π IR/TH/Incident Management Instructor
ποΈ Frequent Guest on Cybersecurity Defender's Podcast
Professional hacker, accidental educator. Rhode Island is not an island.
Placeholder profile : https://x.com/cyb3rops | glad to be in this respectful safe space | vi/vim
UK's best combined Information Security Conference and training event.
https://44con.com
