Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 03:03:52 +0000 8b0516c5-dc4a-4ca1-a672-2946891639c8 https://db.gcve.eu/sighting/8b0516c5-dc4a-4ca1-a672-2946891639c8/export {"uuid": "8b0516c5-dc4a-4ca1-a672-2946891639c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1540", "content": "#exploit\nCVE-2020-9854:\n\"Unauthd\" (macOS user -> kernel escalation with SIP bypass, three logic bugs ftw) (PoC)\nhttps://objective-see.com/blog/blog_0x4D.html", "creation_timestamp": "2021-10-27T03:11:44.000000Z"} {"uuid": "8b0516c5-dc4a-4ca1-a672-2946891639c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1540", "content": "#exploit\nCVE-2020-9854:\n\"Unauthd\" (macOS user -> kernel escalation with SIP bypass, three logic bugs ftw) (PoC)\nhttps://objective-see.com/blog/blog_0x4D.html", "creation_timestamp": "2021-10-27T03:11:44.000000Z"} https://db.gcve.eu/sighting/8b0516c5-dc4a-4ca1-a672-2946891639c8/export Wed, 27 Oct 2021 03:11:44 +0000 0c5afd3b-84d4-4d51-b32e-0b7e7c8b7f22 https://db.gcve.eu/sighting/0c5afd3b-84d4-4d51-b32e-0b7e7c8b7f22/export {"uuid": "0c5afd3b-84d4-4d51-b32e-0b7e7c8b7f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7411", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-23T22:31:07.000000Z"} {"uuid": "0c5afd3b-84d4-4d51-b32e-0b7e7c8b7f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7411", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-23T22:31:07.000000Z"} https://db.gcve.eu/sighting/0c5afd3b-84d4-4d51-b32e-0b7e7c8b7f22/export Fri, 23 Dec 2022 22:31:07 +0000 4f71b630-8268-4ef0-98f6-9b14e73532c3 https://db.gcve.eu/sighting/4f71b630-8268-4ef0-98f6-9b14e73532c3/export {"uuid": "4f71b630-8268-4ef0-98f6-9b14e73532c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "seen", "source": "https://t.me/crackcodes/1979", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-24T17:39:19.000000Z"} {"uuid": "4f71b630-8268-4ef0-98f6-9b14e73532c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "seen", "source": "https://t.me/crackcodes/1979", "content": "#exploit\n1. CVE-2020-9854:\n\"Unauthd\" - three logic bugs ftw\nhttps://objective-see.org/blog/blog_0x4D.html\n\n2. CVE-2022-3875, CVE-2022-3876, CVE-2022-3877:\nVulnerabilities in Passwordstate\nhttps://www.modzero.com/modlog/archives/2022/12/19/better_make_sure_your_password_manager_is_secure/index.html", "creation_timestamp": "2022-12-24T17:39:19.000000Z"} https://db.gcve.eu/sighting/4f71b630-8268-4ef0-98f6-9b14e73532c3/export Sat, 24 Dec 2022 17:39:19 +0000 b7778851-5652-45f9-baa7-2d1270f41a69 https://db.gcve.eu/sighting/b7778851-5652-45f9-baa7-2d1270f41a69/export {"uuid": "b7778851-5652-45f9-baa7-2d1270f41a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/339", "content": "Cyber Security News - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\nMeddler-in-the-Middle Phishing Attacks Explained\n\nhttps://unit42.paloaltonetworks.com/meddler-phishing-attacks\n\n\u200aOWASSRF \u2013 New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server\n\nhttps://gbhackers.com/owassrf/\n\n\u200b\u200bWindows Drivers Reverse Engineering Methodology\n\nThis blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.\nIncluding a guide for setting up a lab for (the pesky) kernel debugging.\n\nhttps://voidsec.com/windows-drivers-reverse-engineering-methodology/\n\n\u200aGuide: Reporting Telnyx LLC spam\n\nhttps://latesthackingnews.com/2022/12/22/guide-reporting-telnyx-llc-spam/\n\n\u200aNetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols\n\nhttp://www.kitploit.com/2022/12/netllix-project-created-with-aim-to.html\n\n\u200aZoom Whiteboard patches XSS bug\n\nhttps://portswigger.net/daily-swig/zoom-whiteboard-patches-xss-bug\n\n\u200aBug bounty and AI: How machine learning is changing the game for cybersecurity\n\nhttps://blog.intigriti.com/2022/12/22/bug-bounty-and-ai-how-machine-learning-is-changing-the-game-for-cybersecurity/\n\n\u200aBlack Hat Europe 2022 NOC: The SOC Inside the NOC\n\nhttps://blogs.cisco.com/security/black-hat-europe-2022-noc-the-soc-inside-the-noc\n\nCVE-2020-9854: \"Unauthd\" - three logic bugs ftw\n\nhttps://objective-see.org/blog/blog_0x4D.html\n\nCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aLean, green coding machine: How sustainable computing drive can reduce attack surfaces\n\nhttps://portswigger.net/daily-swig/lean-green-coding-machine-how-sustainable-computing-drive-can-reduce-attack-surfaces\n\n\u200aBrave launches FrodoPIR, a privacy-focused database query system\n\nhttps://www.bleepingcomputer.com/news/security/brave-launches-frodopir-a-privacy-focused-database-query-system/\n\n\u200aHTTP Header Injection\n\nhttps://infosecwriteups.com/http-header-injection-4ba857fb9a16?source=rss----7b722bfd1b8d---4\n\n\u200aVice Society ransomware gang switches to new custom encryptor\n\nhttps://www.bleepingcomputer.com/news/security/vice-society-ransomware-gang-switches-to-new-custom-encryptor/\n\n\u200aComcast Xfinity accounts hacked in widespread 2FA bypass attacks\n\nhttps://www.bleepingcomputer.com/news/security/comcast-xfinity-accounts-hacked-in-widespread-2fa-bypass-attacks/\n\n\u200aInsiders worry CISA is too distracted from critical cyber mission\n\nhttps://www.cyberscoop.com/cisa-dhs-easterly-cyber-mission/\n\n\u200aDuckDuckGo now blocks Google sign-in pop-ups on all sites\n\nhttps://www.bleepingcomputer.com/news/security/duckduckgo-now-blocks-google-sign-in-pop-ups-on-all-sites/\n\n\u200aSoftware bills of material face long road to adoption\n\nhttps://www.cyberscoop.com/dhs-sbom-adoption/\n\n\u200aLastpass: Hackers stole customer vault data in cloud storage breach\n\nhttps://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/\n\n\u200aLeading sports betting firm BetMGM discloses data breach\n\nhttps://www.bleepingcomputer.com/news/security/leading-sports-betting-firm-betmgm-discloses-data-breach/\n\n\u200aCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aPoC Code Published for Triggering RCE (CVE-2022-43571) in Splunk Enterprise\n\nhttps://securityonline.info/poc-code-published-for-triggering-rce-cve-2022-43571-in-splunk-enterprise/\n\n\u200aRaspberry Robin Malware Attacks Against Telecom and Government Sectors\n\nhttps://cybersecuritynews.com/raspberry-robin-malware/\n\n\u200aNew Zerobot Malware Exploiting Apache Vulnerabilities to Launch DDoS Attack\n\nhttps://cybersecuritynews.com/zerobot-malware/\n\n\u200aKmsdBot Botnet Leverages SSH to Compromise Systems and to Launch DDoS Attacks\n\nhttps://gbhackers.com/kmsdbot-ddos-botnet/\n\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-03T20:18:12.000000Z"} {"uuid": "b7778851-5652-45f9-baa7-2d1270f41a69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/339", "content": "Cyber Security News - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\nMeddler-in-the-Middle Phishing Attacks Explained\n\nhttps://unit42.paloaltonetworks.com/meddler-phishing-attacks\n\n\u200aOWASSRF \u2013 New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server\n\nhttps://gbhackers.com/owassrf/\n\n\u200b\u200bWindows Drivers Reverse Engineering Methodology\n\nThis blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.\nIncluding a guide for setting up a lab for (the pesky) kernel debugging.\n\nhttps://voidsec.com/windows-drivers-reverse-engineering-methodology/\n\n\u200aGuide: Reporting Telnyx LLC spam\n\nhttps://latesthackingnews.com/2022/12/22/guide-reporting-telnyx-llc-spam/\n\n\u200aNetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols\n\nhttp://www.kitploit.com/2022/12/netllix-project-created-with-aim-to.html\n\n\u200aZoom Whiteboard patches XSS bug\n\nhttps://portswigger.net/daily-swig/zoom-whiteboard-patches-xss-bug\n\n\u200aBug bounty and AI: How machine learning is changing the game for cybersecurity\n\nhttps://blog.intigriti.com/2022/12/22/bug-bounty-and-ai-how-machine-learning-is-changing-the-game-for-cybersecurity/\n\n\u200aBlack Hat Europe 2022 NOC: The SOC Inside the NOC\n\nhttps://blogs.cisco.com/security/black-hat-europe-2022-noc-the-soc-inside-the-noc\n\nCVE-2020-9854: \"Unauthd\" - three logic bugs ftw\n\nhttps://objective-see.org/blog/blog_0x4D.html\n\nCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aLean, green coding machine: How sustainable computing drive can reduce attack surfaces\n\nhttps://portswigger.net/daily-swig/lean-green-coding-machine-how-sustainable-computing-drive-can-reduce-attack-surfaces\n\n\u200aBrave launches FrodoPIR, a privacy-focused database query system\n\nhttps://www.bleepingcomputer.com/news/security/brave-launches-frodopir-a-privacy-focused-database-query-system/\n\n\u200aHTTP Header Injection\n\nhttps://infosecwriteups.com/http-header-injection-4ba857fb9a16?source=rss----7b722bfd1b8d---4\n\n\u200aVice Society ransomware gang switches to new custom encryptor\n\nhttps://www.bleepingcomputer.com/news/security/vice-society-ransomware-gang-switches-to-new-custom-encryptor/\n\n\u200aComcast Xfinity accounts hacked in widespread 2FA bypass attacks\n\nhttps://www.bleepingcomputer.com/news/security/comcast-xfinity-accounts-hacked-in-widespread-2fa-bypass-attacks/\n\n\u200aInsiders worry CISA is too distracted from critical cyber mission\n\nhttps://www.cyberscoop.com/cisa-dhs-easterly-cyber-mission/\n\n\u200aDuckDuckGo now blocks Google sign-in pop-ups on all sites\n\nhttps://www.bleepingcomputer.com/news/security/duckduckgo-now-blocks-google-sign-in-pop-ups-on-all-sites/\n\n\u200aSoftware bills of material face long road to adoption\n\nhttps://www.cyberscoop.com/dhs-sbom-adoption/\n\n\u200aLastpass: Hackers stole customer vault data in cloud storage breach\n\nhttps://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/\n\n\u200aLeading sports betting firm BetMGM discloses data breach\n\nhttps://www.bleepingcomputer.com/news/security/leading-sports-betting-firm-betmgm-discloses-data-breach/\n\n\u200aCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aPoC Code Published for Triggering RCE (CVE-2022-43571) in Splunk Enterprise\n\nhttps://securityonline.info/poc-code-published-for-triggering-rce-cve-2022-43571-in-splunk-enterprise/\n\n\u200aRaspberry Robin Malware Attacks Against Telecom and Government Sectors\n\nhttps://cybersecuritynews.com/raspberry-robin-malware/\n\n\u200aNew Zerobot Malware Exploiting Apache Vulnerabilities to Launch DDoS Attack\n\nhttps://cybersecuritynews.com/zerobot-malware/\n\n\u200aKmsdBot Botnet Leverages SSH to Compromise Systems and to Launch DDoS Attacks\n\nhttps://gbhackers.com/kmsdbot-ddos-botnet/\n\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-03T20:18:12.000000Z"} https://db.gcve.eu/sighting/b7778851-5652-45f9-baa7-2d1270f41a69/export Tue, 03 Jan 2023 20:18:12 +0000 cec1841f-02ef-40d7-8dba-91c3e8fdb540 https://db.gcve.eu/sighting/cec1841f-02ef-40d7-8dba-91c3e8fdb540/export {"uuid": "cec1841f-02ef-40d7-8dba-91c3e8fdb540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2222", "content": "Cyber Security News - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\nMeddler-in-the-Middle Phishing Attacks Explained\n\nhttps://unit42.paloaltonetworks.com/meddler-phishing-attacks\n\n\u200aOWASSRF \u2013 New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server\n\nhttps://gbhackers.com/owassrf/\n\n\u200b\u200bWindows Drivers Reverse Engineering Methodology\n\nThis blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.\nIncluding a guide for setting up a lab for (the pesky) kernel debugging.\n\nhttps://voidsec.com/windows-drivers-reverse-engineering-methodology/\n\n\u200aGuide: Reporting Telnyx LLC spam\n\nhttps://latesthackingnews.com/2022/12/22/guide-reporting-telnyx-llc-spam/\n\n\u200aNetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols\n\nhttp://www.kitploit.com/2022/12/netllix-project-created-with-aim-to.html\n\n\u200aZoom Whiteboard patches XSS bug\n\nhttps://portswigger.net/daily-swig/zoom-whiteboard-patches-xss-bug\n\n\u200aBug bounty and AI: How machine learning is changing the game for cybersecurity\n\nhttps://blog.intigriti.com/2022/12/22/bug-bounty-and-ai-how-machine-learning-is-changing-the-game-for-cybersecurity/\n\n\u200aBlack Hat Europe 2022 NOC: The SOC Inside the NOC\n\nhttps://blogs.cisco.com/security/black-hat-europe-2022-noc-the-soc-inside-the-noc\n\nCVE-2020-9854: \"Unauthd\" - three logic bugs ftw\n\nhttps://objective-see.org/blog/blog_0x4D.html\n\nCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aLean, green coding machine: How sustainable computing drive can reduce attack surfaces\n\nhttps://portswigger.net/daily-swig/lean-green-coding-machine-how-sustainable-computing-drive-can-reduce-attack-surfaces\n\n\u200aBrave launches FrodoPIR, a privacy-focused database query system\n\nhttps://www.bleepingcomputer.com/news/security/brave-launches-frodopir-a-privacy-focused-database-query-system/\n\n\u200aHTTP Header Injection\n\nhttps://infosecwriteups.com/http-header-injection-4ba857fb9a16?source=rss----7b722bfd1b8d---4\n\n\u200aVice Society ransomware gang switches to new custom encryptor\n\nhttps://www.bleepingcomputer.com/news/security/vice-society-ransomware-gang-switches-to-new-custom-encryptor/\n\n\u200aComcast Xfinity accounts hacked in widespread 2FA bypass attacks\n\nhttps://www.bleepingcomputer.com/news/security/comcast-xfinity-accounts-hacked-in-widespread-2fa-bypass-attacks/\n\n\u200aInsiders worry CISA is too distracted from critical cyber mission\n\nhttps://www.cyberscoop.com/cisa-dhs-easterly-cyber-mission/\n\n\u200aDuckDuckGo now blocks Google sign-in pop-ups on all sites\n\nhttps://www.bleepingcomputer.com/news/security/duckduckgo-now-blocks-google-sign-in-pop-ups-on-all-sites/\n\n\u200aSoftware bills of material face long road to adoption\n\nhttps://www.cyberscoop.com/dhs-sbom-adoption/\n\n\u200aLastpass: Hackers stole customer vault data in cloud storage breach\n\nhttps://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/\n\n\u200aLeading sports betting firm BetMGM discloses data breach\n\nhttps://www.bleepingcomputer.com/news/security/leading-sports-betting-firm-betmgm-discloses-data-breach/\n\n\u200aCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aPoC Code Published for Triggering RCE (CVE-2022-43571) in Splunk Enterprise\n\nhttps://securityonline.info/poc-code-published-for-triggering-rce-cve-2022-43571-in-splunk-enterprise/\n\n\u200aRaspberry Robin Malware Attacks Against Telecom and Government Sectors\n\nhttps://cybersecuritynews.com/raspberry-robin-malware/\n\n\u200aNew Zerobot Malware Exploiting Apache Vulnerabilities to Launch DDoS Attack\n\nhttps://cybersecuritynews.com/zerobot-malware/\n\n\u200aKmsdBot Botnet Leverages SSH to Compromise Systems and to Launch DDoS Attacks\n\nhttps://gbhackers.com/kmsdbot-ddos-botnet/\n\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-03T20:18:12.000000Z"} {"uuid": "cec1841f-02ef-40d7-8dba-91c3e8fdb540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-9854", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2222", "content": "Cyber Security News - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06 #Pentesting \n\nMeddler-in-the-Middle Phishing Attacks Explained\n\nhttps://unit42.paloaltonetworks.com/meddler-phishing-attacks\n\n\u200aOWASSRF \u2013 New Exploit Let Attacker Execute Remote Code on Microsoft Exchange Server\n\nhttps://gbhackers.com/owassrf/\n\n\u200b\u200bWindows Drivers Reverse Engineering Methodology\n\nThis blog post details a methodology for reverse engineering and finding vulnerable code paths in Windows drivers.\nIncluding a guide for setting up a lab for (the pesky) kernel debugging.\n\nhttps://voidsec.com/windows-drivers-reverse-engineering-methodology/\n\n\u200aGuide: Reporting Telnyx LLC spam\n\nhttps://latesthackingnews.com/2022/12/22/guide-reporting-telnyx-llc-spam/\n\n\u200aNetLlix - A Project Created With An Aim To Emulate And Test Exfiltration Of Data Over Different Network Protocols\n\nhttp://www.kitploit.com/2022/12/netllix-project-created-with-aim-to.html\n\n\u200aZoom Whiteboard patches XSS bug\n\nhttps://portswigger.net/daily-swig/zoom-whiteboard-patches-xss-bug\n\n\u200aBug bounty and AI: How machine learning is changing the game for cybersecurity\n\nhttps://blog.intigriti.com/2022/12/22/bug-bounty-and-ai-how-machine-learning-is-changing-the-game-for-cybersecurity/\n\n\u200aBlack Hat Europe 2022 NOC: The SOC Inside the NOC\n\nhttps://blogs.cisco.com/security/black-hat-europe-2022-noc-the-soc-inside-the-noc\n\nCVE-2020-9854: \"Unauthd\" - three logic bugs ftw\n\nhttps://objective-see.org/blog/blog_0x4D.html\n\nCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aLean, green coding machine: How sustainable computing drive can reduce attack surfaces\n\nhttps://portswigger.net/daily-swig/lean-green-coding-machine-how-sustainable-computing-drive-can-reduce-attack-surfaces\n\n\u200aBrave launches FrodoPIR, a privacy-focused database query system\n\nhttps://www.bleepingcomputer.com/news/security/brave-launches-frodopir-a-privacy-focused-database-query-system/\n\n\u200aHTTP Header Injection\n\nhttps://infosecwriteups.com/http-header-injection-4ba857fb9a16?source=rss----7b722bfd1b8d---4\n\n\u200aVice Society ransomware gang switches to new custom encryptor\n\nhttps://www.bleepingcomputer.com/news/security/vice-society-ransomware-gang-switches-to-new-custom-encryptor/\n\n\u200aComcast Xfinity accounts hacked in widespread 2FA bypass attacks\n\nhttps://www.bleepingcomputer.com/news/security/comcast-xfinity-accounts-hacked-in-widespread-2fa-bypass-attacks/\n\n\u200aInsiders worry CISA is too distracted from critical cyber mission\n\nhttps://www.cyberscoop.com/cisa-dhs-easterly-cyber-mission/\n\n\u200aDuckDuckGo now blocks Google sign-in pop-ups on all sites\n\nhttps://www.bleepingcomputer.com/news/security/duckduckgo-now-blocks-google-sign-in-pop-ups-on-all-sites/\n\n\u200aSoftware bills of material face long road to adoption\n\nhttps://www.cyberscoop.com/dhs-sbom-adoption/\n\n\u200aLastpass: Hackers stole customer vault data in cloud storage breach\n\nhttps://www.bleepingcomputer.com/news/security/lastpass-hackers-stole-customer-vault-data-in-cloud-storage-breach/\n\n\u200aLeading sports betting firm BetMGM discloses data breach\n\nhttps://www.bleepingcomputer.com/news/security/leading-sports-betting-firm-betmgm-discloses-data-breach/\n\n\u200aCritical Remote Code Execution Vulnerability in Linux Kernel\n\nhttps://securityonline.info/critical-remote-code-execution-vulnerability-in-linux-kernel/\n\n\u200aPoC Code Published for Triggering RCE (CVE-2022-43571) in Splunk Enterprise\n\nhttps://securityonline.info/poc-code-published-for-triggering-rce-cve-2022-43571-in-splunk-enterprise/\n\n\u200aRaspberry Robin Malware Attacks Against Telecom and Government Sectors\n\nhttps://cybersecuritynews.com/raspberry-robin-malware/\n\n\u200aNew Zerobot Malware Exploiting Apache Vulnerabilities to Launch DDoS Attack\n\nhttps://cybersecuritynews.com/zerobot-malware/\n\n\u200aKmsdBot Botnet Leverages SSH to Compromise Systems and to Launch DDoS Attacks\n\nhttps://gbhackers.com/kmsdbot-ddos-botnet/\n\n\n\ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-01-03T20:18:12.000000Z"} https://db.gcve.eu/sighting/cec1841f-02ef-40d7-8dba-91c3e8fdb540/export Tue, 03 Jan 2023 20:18:12 +0000