New Release: Tails 6.17 | The Tor Project

Changes and updates Add a Show Password option when setting the screen locking password. Update the uBlock Origin extension for Tor Browser to 1.62.0. Update Tor Browser to 14.5.4. Fixed problems Display an empty page instead of the homepage of Tor Browser when opening new tabs in the Unsafe Browser. (#21004) Remove duplicated CPU microcode…


Microsoft Excel 2024 Use after free – Remote Code Execution (RCE)

# Exploit Title: Microsoft Excel 2024 Use after free – Remote Code Execution (RCE) # Author: nu11secur1ty # Date: 06/24/2025 # Vendor: Microsoft # Software: https://www.microsoft.com/en/microsoft-365/excel?market=af # Reference: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-47165 # CVE: CVE-2025-47165 # Versions: Microsoft Office LTSC 2024 , Microsoft Office LTSC 2021, Microsoft 365 Apps for Enterprise # Description: The attacker can trick…


freeSSHd 1.0.9 – Denial of Service (DoS)

# Exploit Title: freeSSHd 1.0.9 – Denial of Service (DoS) # Date: 2024-01-13 # Discovery by: Fernando Mengali # Linkedin: https://www.linkedin.com/in/fernando-mengali/ # Software Link: https://www.exploit-db.com/apps/be82447d556d60db55053d658b4822a8-freeSSHd.exe # Version: 1.0.9 # Tested on: Windows XP Professional – Service Pack 2 and 3 – English # Vulnerability Type: Denial of Service (DoS) # Tested on: Windows XP -…


Pterodactyl Panel 1.11.11 – Remote Code Execution (RCE)

# Exploit Title: Pterodactyl Panel 1.11.11 – Remote Code Execution (RCE) # Date: 22/06/2025 # Exploit Author: Zen-kun04 # Vendor Homepage: https://pterodactyl.io/ # Software Link: https://github.com/pterodactyl/panel # Version: < 1.11.11 # Tested on: Ubuntu 22.04.5 LTS # CVE: CVE-2025-49132 import requests import json import argparse import colorama import urllib3 urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) arg_parser =…


OneTrust SDK 6.33.0 – Denial Of Service (DoS)

– **Exploit Title**: OneTrust SDK 6.33.0 – Denial Of Service (DoS) – **Date**: 01/01/2025 – **Exploit Author**: Alameen Karim Merali – **Vendor Homepage**: [OneTrust JavaScript API](https://developer.onetrust.com/onetrust/docs/javascript-api) – **Software Link**: [otBannerSdk.js v6.33.0](https://discord.com/assets/oneTrust/v4/scripttemplates/6.33.0/otBannerSdk.js) – **Version**: 6.33.0 – **Tested on**: Kali Linux – **CVE ID**: CVE-2024-57708 ## Vulnerability Summary A vulnerability exists in **OneTrust SDK v6.33.0**…


How to Quantify Risk and Communicate Effectively: Step 4 to TruRisk™

“The art of communication is the language of leadership.” — James Humes, former Presidential speechwriter and author. Cybersecurity teams face adversaries who thrive in chaos. Attackers move fast, automate, and strike where defenses are weakest. In a borderless digital world, disruption is constant, driven by innovation, complexity, and the pressure to move faster, often at…


Iranian Educated Manticore Targets Leading Tech Academics

Key findings Amid ongoing tensions between Iran and Israel, the Iranian threat group Educated Manticore, associated with the Islamic Revolutionary Guard Corps, has launched spear-phishing campaigns targeting Israeli journalists, high-profile cyber security experts and computer science professors from leading Israeli universities. In some of those campaigns, Israeli technology and cyber security professionals were approached by attackers who…
