4th August – Threat Intelligence Report

For the latest discoveries in cyber research for the week of 4th August, please download our Threat Intelligence Bulletin.

TOP ATTACKS AND BREACHES

Russia’s largest airline Aeroflot has been attacked by pro-Ukrainian hacktivist groups, resulting in severe flight delays and major technical disruptions. The attackers claim to have exfiltrated databases containing flight history, workstation data,…

Microsoft Virtual Hard Disk (VHDX) 11 – Remote Code Execution (RCE)

# Titles: Microsoft Virtual Hard Disk (VHDX) 11 – Remote Code Execution (RCE) # Author: nu11secur1ty # Date: 07/23/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/en-us/windows/windows-11?r=1 # Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-49683 # Base Score: 7.8 HIGH Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H ## Overview This PowerShell script (`vdh.ps1`) demonstrates a **soft corruption vulnerability** in Windows Virtual Hard Disk (VHDX) handling, related…

Ultimate Member WordPress Plugin 2.6.6 – Privilege Escalation

#!/usr/bin/env python3 # Exploit Title: Ultimate Member WordPress Plugin 2.6.6 – Privilege Escalation # Exploit Author: Gurjot Singh # CVE: CVE-2023-3460 # Description : The attached PoC demonstrates how an unauthenticated attacker can escalate privileges to admin by abusing unsanitized input in `wp_capabilities` during registration. import requests import argparse import re import…

Swagger UI 1.0.3 – Cross-Site Scripting (XSS)

/* * Author : Byte Reaper * Telegram : @ByteReaper0 * CVE : CVE-2025-8191 * Title : Swagger UI 1.0.3 – Cross-Site Scripting (XSS) * Description : CVE-2025-8191, a vulnerability in the Swagger UI service due to poor description parameter filtering, leading to command execution on a remote server. * */ #include #include…

LPAR2RRD 8.04 – Remote Code Execution (RCE)

/* * Author : Byte Reaper * Title : LPAR2RRD 8.04 – Remote Code Execution (RCE) * CVE : CVE-2025-54769 * Vulnerability: RCE && directory traversal * Description : Uploads a malicious Perl script via the LPAR2RRD upgrade endpoint, * exploits directory traversal to place it in a CGI-executable path, then triggers remote…

Copyparty 1.18.6 – Reflected Cross-Site Scripting (XSS)

/* * Author : Byte Reaper * CVE : CVE-2025-54589 * Title : Copyparty 1.18.6 – Reflected Cross-Site Scripting (XSS) * CVE-2025-54589 is a reflected cross-site scripting (XSS) vulnerability in Copyparty (≤ 1.18.6) where the filter parameter is inserted into the HTML response without proper sanitization, allowing an attacker to inject and execute arbitrary JavaScript…

Microsoft Edge (Chromium-based) 135.0.7049.114/.115 – Information Disclosure

# Titles: Microsoft Edge (Chromium-based) 135.0.7049.114/.115 – Information Disclosure # Date: 08/02/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/bg-bg/edge/download?form=MA13FJ # Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-49741 ## Description # CVE-2025-49741 Exploit Server **Author:** nu11secur1ty (2025) ## Overview This Python script simulates an exploit targeting a Microsoft Edge (Chromium-based) information disclosure vulnerability identified as **CVE-2025-49741**. It runs…

Gandia Integra Total 4.4.2236.1 – SQL Injection

/* * Author : Byte Reaper * CVE : CVE-2025-41373 * Vulnerability : SQL * Affected Path : /encuestas/integraweb_v4/integra/html/view/hislistadoacciones.php?idestudio= * Affected Versions : 2.1.2217.3 to v4.4.2236.1 * Description: * This endpoint concatenates the `idestudio` parameter directly into an SQL query * without proper sanitization or parameterization, allowing an attacker to inject * arbitrary SQL….