Among the variety of cyber-attacks that we witness happening around us, Zero-day attacks are remarkably insidious in nature. Due to the fact that these attacks exploit the unknown vulnerabilities, zero-day...
Over the past year, security teams have observed an uptick in adversaries leveraging native Windows Scheduled Tasks to maintain footholds in compromised environments. Unlike elaborate rootkits or zero-day exploits, these techniques exploit built-in system functionality, enabling threat actors to persist without deploying additional binaries or complex toolchains. By integrating malicious commands directly into Task Scheduler
A sophisticated obfuscation technique that threat actors are using to bypass detection systems and exploit Python's eval() and exec() functions for malicious code execution. With over 100 supply chain attacks reported on PyPI in the past five years, these techniques pose a significant risk to organizations relying on Python packages. Key Takeaways1. Hackers hide malicious
A detailed proof-of-concept exploit and comprehensive vulnerability analysis have been released for CVE-2025-43300, a critical zero-click remote code execution flaw affecting Apple's image processing infrastructure. The vulnerability, discovered in Apple's implementation of JPEG Lossless Decompression within the RawCamera.bundle, allows attackers to achieve code execution without any user interaction through maliciously crafted DNG (Digital Negative) files.
arXiv:2508.15839v1 Announce Type: new Abstract: As AI systems increasingly influence critical decisions, they face threats that exploit reasoning mechanisms rather than technical infrastructure. We present a framework for cognitive cybersecurity, a systematic protection of AI reasoning processes from adversarial manipulation. Our contributions are threefold. First, we establish cognitive cybersecurity as a discipline complementing traditional cybersecurity and AI safety, addressing...
This past week was packed with high-severity disclosures and active exploitation reports across the global threat landscape. At the forefront, Apple rushed out emergency patches for yet another zero-day vulnerability affecting iOS, iPadOS, and macOS devices. The flaw, reportedly being exploited in the wild, highlights the continued trend of nation-state and surveillance actors leveraging critical
The term "In the Wild" is broadly used to refer to any activity that has been observed outside of a controlled environment. It's an important metric in security because criminals...
FortiWeb has recently released details of a vulnerability (CVE-2025-52970) - for which a technical exploit write-up exists but no public POC as of yet. Someone has now reversed the write-up and is actively attempting exploitation. I run a set of FortiWeb honeypots and got detections on this on three separate honeypots: GET /api/v2.0/system/status.systemstatus HTTP/1.1 Host: xxxxxxx User-Agent: Mozilla/5.0 (CentOS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0...
r/cybersecurity r/programming r/netsecstudents Hi everyone, I'm 15 years old and passionate about cybersecurity. Over the past months, I've been working on a small personal project called Elaina-Cute - an Exploitation & Command-and-Control (C2) framework made purely for learning purposes. Features (research-focused): Web & infrastructure exploitation (Web, LDAP, ADCS, WinRM, SSRF, etc.) Beacon/implant management over HTTP(S) TOR & Burp Suite integration for attack chains PyQt5 GUI + CLI Basic...
Cybersecurity researchers are calling attention to multiple campaigns that leverage known security vulnerabilities and expose Redis servers to various malicious activities, including leveraging the compromised devices as IoT botnets, residential proxies, or cryptocurrency mining infrastructure. The first set of attacks entails the exploitation of CVE-2024-36401 (CVSS score: 9.8), a critical
In this second post about Windsurf Cascade we are exploring the SpAIware attack, which allows memory persistent data exfiltration. SpAIware is an attack we first successfully demonstrated with ChatGPT last year and OpenAI mitigated. While inspecting the system prompt of Windsurf Cascade I noticed that it has a create_memory tool. Creating Memories The question that immediately popped into my head was if this tool will require human approval when Cascade creates a long-term memory, or if it is...
A Chinese state-sponsored hacking group known as Murky Panda (Silk Typhoon) exploits trusted relationships in cloud environments to gain initial access to the networks and data of downstream customers.
As mentioned in the thread: Remote execution MMS vulnerability in Apple and Android products : r/cybersecurity time is up! You can find the code to perform the exploit here If you have any questions regarding the code, feel free to drop a comment. Enjoy! submitted by /u/Firewolf386 [link] [comments]
A sophisticated China-nexus threat actor designated MURKY PANDA has emerged as a significant cybersecurity concern, conducting extensive cyberespionage operations against government, technology, academic, legal, and professional services entities across North America since late 2024. This advanced persistent threat group demonstrates exceptional capabilities in cloud environment exploitation and trusted-relationship compromises, marking a concerning evolution in state-sponsored
Scattered spider, ShinyHunters, Lapsus joining forces. Some of them getting arrested, their Telegram chats getting popped. Apple patches 0-day under active exploitation and much more!
Linux environments, long considered bastions of security, are facing a sophisticated new threat that challenges traditional assumptions about operating system safety. A recently discovered malware campaign exploits an ingenious attack vector that weaponizes RAR archive filenames to deliver the VShell backdoor, demonstrating how attackers are evolving beyond conventional exploitation techniques to target scripting patterns and
Artificial intelligence systems can automatically generate functional exploits for newly published Common Vulnerabilities and Exposures (CVEs) in just 10-15 minutes at approximately $1 per exploit. This breakthrough significantly compresses the traditional "grace period" that defenders typically rely on to patch vulnerabilities before working exploits become available. The research, conducted by security experts Efi Weiss and
arXiv:2508.15386v1 Announce Type: new Abstract: Memory corruption vulnerabilities remain one of the most severe threats to software security. They often allow attackers to achieve arbitrary code execution by redirecting a vulnerable program's control flow. While Control Flow Integrity (CFI) has gained traction to mitigate this exploitation path, developers are not provided with any direction on how to apply CFI to real-world software. In this work, we establish a taxonomy mapping LLVM's...
Microsoft restricts Chinese firms' access to its MAPP program, Apple patches a zero-day used in the wild, a Scattered Spider member gets 10 years in prison, and a new exploit broker pops up in the UAE.
submitted by /u/digicat [link] [comments]