AutoIT3[1] is a powerful language that helps to built nice applications for Windows environments, mainly to automate tasks. If it looks pretty old, the latest version was released last September and it remains popular amongst developers, for the good… or the bad! Malware written in AutoIt3 has existed since the late 2000s, when attackers realized…
ISC Stormcast For Friday, December 5th, 2025 https://isc.sans.edu/podcastdetail/9726, (Fri, Dec 5th) Source link
Overview On December 3, 2025, Meta disclosed a new vulnerability, CVE-2025-55182, which has since been dubbed React2Shell. A second CVE identifier, CVE-2025-66478, was assigned and published to track the vulnerability in the context of Next.js. However this second CVE has since been rejected as a duplicate of CVE-2025-55182, as the root cause in all cases…
A critical remote code execution (RCE) vulnerability in 7-Zip (CVE-2025-11001) is now being actively exploited. The issue stems from improper handling of symbolic links within crafted ZIP files. When a malicious archive is extracted, 7-Zip may write files outside the intended directory, allowing an attacker to overwrite system files or execute arbitrary code with the…
In cybersecurity today, regulation is everywhere, but resilience isn’t keeping pace. In this episode of Experts on Experts: Commanding Perspectives, Craig Adams chats with Sabeen Malik, VP of Public Policy & Government Affairs at Rapid7, about what’s broken (and what’s promising) in today’s regulatory landscape. Sabeen pulls from her experience across diplomacy, operations, and government…
[This is a Guest Diary by Jackie Nguyen, an ISC intern as part of the SANS.edu BACS program] The ISC internship didn’t just teach me about security, it changed how I thought about threats entirely. There’s something intriguing about watching live attacks materialize on your DShield Honeypot, knowing that somewhere across the world, an attacker…
ISC Stormcast For Thursday, December 4th, 2025 https://isc.sans.edu/podcastdetail/9724, (Thu, Dec 4th) Source link
# Exploit Title: phpMyFAQ 2.9.8 Cross-Site Request Forgery (CSRF) # Date: 2024-10-26 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/thorsten/phpMyFAQ # Software Link: https://github.com/thorsten/phpMyFAQ # Version: 2.9.8 # Tested on: Ubuntu Windows # CVE : CVE-2017-15735 PoC: While still logged in, open another browser window: …
# Exploit Title: phpMyFAQ 2.9.8 – Cross-Site Request Forgery(CSRF) # Date: 2024-10-26 # Exploit Author: CodeSecLab # Vendor Homepage: https://github.com/thorsten/phpMyFAQ # Software Link: https://github.com/thorsten/phpMyFAQ # Version: 2.9.8 # Tested on: Ubuntu Windows # CVE : CVE-2017-15734 PoC: Get http://phpmyfaq/admin/index.php?action=clear-visits Reproduction: While still logged in, open another browser window to access the link. …
From internet blackouts in Iran to Russia’s evolving censorship tactics, 2025 has tested Tor’s anti-censorship tools like never before. These are the moments where the work of Tor’s anti-censorship team is more important than ever, to fulfill our mission of preserving connectivity between users in affected regions and the rest of the world. In this…
