Wing FTP Server 7.4.3 – Unauthenticated Remote Code Execution (RCE)

# Exploit Title: Wing FTP Server 7.4.3 – Unauthenticated Remote Code Execution (RCE) # CVE: CVE-2025-47812 # Date: 2025-06-30 # Exploit Author: Sheikh Mohammad Hasan aka 4m3rr0r (https://github.com/4m3rr0r) # Vendor Homepage: https://www.wftpserver.com/ # Version: Wing FTP Server <= 7.4.3 # Tested on: Linux (Root Privileges), Windows (SYSTEM Privileges) # Description: # Wing FTP Server…


Qualys Named an Overall Leader in CNAPP by KuppingerCole

We’re proud to share that Qualys has been named an Overall Leader in the 2025 KuppingerCole Leadership Compass for Cloud-Native Application Protection Platforms (CNAPP)—achieving leadership positions in both product and market presence. This recognition validates our commitment to delivering trusted and cutting-edge risk-driven cloud security that helps global enterprises protect what matters across hybrid environments,…


29th June – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 29th June, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES Grocery giant Ahold Delhaize has disclosed a data breach that resulted in the theft of personal, financial, employment, and health information belonging to over 2.2 million individuals from its American business systems….


New Release: Tails 6.17 | The Tor Project

Changes and updates Add a Show Password option when setting the screen locking password. Update the uBlock Origin extension for Tor Browser to 1.62.0. Update Tor Browser to 14.5.4. Fixed problems Display an empty page instead of the homepage of Tor Browser when opening new tabs in the Unsafe Browser. (#21004) Remove duplicated CPU microcode…


Microsoft Excel 2024 Use after free – Remote Code Execution (RCE)

# Exploit Title: Microsoft Excel 2024 Use after free – Remote Code Execution (RCE) # Author: nu11secur1ty # Date: 06/24/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/en/microsoft-365/excel?market=af # Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47165 # CVE: CVE-2025-47165 # Versions: Microsoft Office LTSC 2024 , Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise # Description: The attacker can trick…


freeSSHd 1.0.9 – Denial of Service (DoS)

# Exploit Title: freeSSHd 1.0.9 – Denial of Service (DoS) # Date: 2024-01-13 # Discovery by: Fernando Mengali # Linkedin: https://www.linkedin.com/in/fernando-mengali/ # Software Link: https://www.exploit-db.com/apps/be82447d556d60db55053d658b4822a8-freeSSHd.exe # Version: 1.0.9 # Tested on: Windows XP Professional – Service Pack 2 and 3 – English # Vulnerability Type: Denial of Service (DoS) # Tested on: Windows XP -…


Pterodactyl Panel 1.11.11 – Remote Code Execution (RCE)

# Exploit Title: Pterodactyl Panel 1.11.11 – Remote Code Execution (RCE) # Date: 22/06/2025 # Exploit Author: Zen-kun04 # Vendor Homepage: https://pterodactyl.io/ # Software Link: https://github.com/pterodactyl/panel # Version: < 1.11.11 # Tested on: Ubuntu 22.04.5 LTS # CVE: CVE-2025-49132 import requests import json import argparse import colorama import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) arg_parser =…


OneTrust SDK 6.33.0 – Denial Of Service (DoS)

– **Exploit Title**: OneTrust SDK 6.33.0 – Denial Of Service (DoS) – **Date**: 01/01/2025 – **Exploit Author**: Alameen Karim Merali – **Vendor Homepage**: [OneTrust JavaScript API](https://developer.onetrust.com/onetrust/docs/javascript-api) – **Software Link**: [otBannerSdk.js v6.33.0](https://discord.com/assets/oneTrust/v4/scripttemplates/6.33.0/otBannerSdk.js) – **Version**: 6.33.0 – **Tested on**: Kali Linux – **CVE ID**: CVE-2024-57708 ## Vulnerability Summary A vulnerability exists in **OneTrust SDK v6.33.0**…
