Hacking

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. Source link

There are some upcoming DShield honeypot [1] changes that introduce some opportunities for additional customization and data analysis. For most users, no additional actions are needed. A couple of those changes: dshield.ini file move from /etc/ to /srv/dshield/etc/ – A symbolic link will exist for the previous file location for backward compatibility. If you…

2.5 million people were affected, in a breach that could spell more trouble down the line. Source link

#!/usr/bin/env python3 # Exploit Title: Grandstream GSD3710 1.0.11.13 – Stack Overflow # Date: 2025-05-29 # Exploit Author: Pepelux # Vendor Homepage: https://www.grandstream.com/ # Version: Grandstream GSD3710 – firmware:1.0.11.13 and lower # Tested on: Linux and MacOS # CVE: CVE-2022-2025 “”” Author: Jose Luis Verdeguer (@pepeluxx) Required: Pwntools Example: $…

ISC Stormcast For Friday, June 6th, 2025 https://isc.sans.edu/podcastdetail/9482, (Fri, Jun 6th) Source link

In today’s ever-evolving security landscape, organizations face an unprecedented expansion of digital assets—and with that expansion comes a growing attack surface. We’re proud to announce that Qualys has been named The Leader in the 2025 KuppingerCole Leadership Compass for Attack Surface Management (ASM), a testament to our commitment to providing comprehensive and proactive cybersecurity solutions….

Last updated at Fri, 06 Jun 2025 23:25:29 GMT ThinManager Path Traversal (CVE-2023-27855) Arbitrary File Upload Authors: Michael Heinzl and TenableType: AuxiliaryPull request: #20138 contributed by h4x-x0rPath: admin/networking/thinmanager_traversal_uploadAttackerKB reference: CVE-2023-2917 Description: Adds an auxiliary module that targets CVE-2023-27855, a path traversal vulnerability in ThinManager <= v13.0.1 to upload an arbitrary file to the target system…

#!/usr/bin/env python3 # Exploit Title: Microsoft Windows Server 2025 JScript Engine – Remote Code Execution (RCE) # Exploit Author: Mohammed Idrees Banyamer # Instagram: @@banyamer_security # GitHub: https://github.com/mbanyamer # Date: 2025-05-31 # CVE: CVE-2025-30397 # Vendor: Microsoft # Affected Versions: Windows Server 2025 (build 25398 and prior) # Tested on: Windows Server 2025 +…

For the latest discoveries in cyber research for the week of 2nd June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES IT management software company ConnectWise confirmed that a sophisticated nation-state cyberattack had compromised its environment, affecting a limited number of customers using its ScreenConnect remote access tool. The company launched a forensic…

Wireshark release 4.4.7 fixes 1 vulnerability (%%cve:2025-5601%%) and 8 bugs. Source link