Fortra GoAnywhere MFT 7.4.1 – Authentication Bypass

#!/usr/bin/env python3 # -*- coding: utf-8 -*- # Exploit Title: Fortra GoAnywhere MFT 7.4.1 – Authentication Bypass # Date: 2025-05-25 # Exploit Author: @ibrahimsql # Exploit Author’s github: https://github.com/ibrahimsql # Vendor Homepage: https://www.fortra.com/products/secure-file-transfer/goanywhere-mft # Software Link: https://www.fortra.com/products/secure-file-transfer/goanywhere-mft/free-trial # Version: < 7.4.1 # Tested on: Kali Linux 2024.1 # CVE: CVE-2024-0204 # Description: # Fortra GoAnywhere…

Quasar RAT Delivered Through Bat Files

RATs are popular malware. There are many of them in the wild, Quasar[1] being one of them. The malware has been active for a long time and new campaigns regularly come back on stage. I spotted an interesting .bat file (Windows script) that attracted my attention because it is very well obfuscated. This file is a…

Campcodes Online Hospital Management System 1.0 – SQL Injection

# Exploit Title: Campcodes Online Hospital Management System 1.0 – SQL Injection # Google Dork: N/A # Exploit Author: Carine Constantino # Vendor Homepage: https://www.campcodes.com # Software Link: https://www.campcodes.com/projects/online-hospital-management-system-using-php-and-mysql/ # Version: 1.0 # Tested on: Linux – Ubuntu Ubuntu 23.10 # CVE: CVE-2025-5298 # Campcodes Online Hospital Management System 1.0 is vulnerable to…

SolarWinds Serv-U 15.4.2 HF1 – Directory Traversal

# Exploit Title: SolarWinds Serv-U 15.4.2 HF1 – Directory Traversal # Date: 2025-05-28 # Exploit Author: @ibrahimsql # Exploit Author’s github: https://github.com/ibrahimsql # Vendor Homepage: https://www.solarwinds.com/serv-u-managed-file-transfer-server # Software Link: https://www.solarwinds.com/serv-u-managed-file-transfer-server/registration # Version: <= 15.4.2 HF1 # Tested on: Kali Linux 2024.1 # CVE: CVE-2024-28995 # Description: # SolarWinds Serv-U was susceptible to a directory…

Risk Revolution: Exposure Management Insights | TC 2025

Last updated at Mon, 02 Jun 2025 19:44:55 GMT At the Take Command 2025 Virtual Cybersecurity Summit, a standout session titled Risk Revolution brought together Rapid7 product leaders and ESG analyst Tyler Shields to unpack the evolution of exposure management — and how organizations can build more context-driven, proactive risk strategies. Hosted by Ryan Blanchard,…

Introducing AI Attack Coverage in Exposure Command

Last updated at Tue, 03 Jun 2025 20:30:10 GMT The rise of GenAI-powered applications – from internal copilots to customer-facing chatbots – is changing how businesses operate. While these tools drive innovation, they also introduce a fast moving, often invisible layer of risk. Most traditional AppSec tools were never built to handle the unique threats…
