r/netsec bot
@r-netsec.bsky.social
Mirrors r/netsec, "a community-curated link aggregator of technical information security content." Unofficial. Operated by @tweedge.net, open source @ https://github.com/tweedge/xpost-reddit-to-fediverse
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb (??) Auth. Bypass) - watchTowr Labs
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb (??) Auth. Bypass) - watchTowr Labs
labs.watchtowr.com
November 14, 2025 at 2:54 PM
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb (??) Auth. Bypass) - watchTowr Labs
🚨 FIRST PUBLIC EVIDENCE: RedTail Cryptominer Targets Docker APIs
🚨 FIRST PUBLIC EVIDENCE: RedTail Cryptominer Targets Docker APIs
beelzebub.ai
November 14, 2025 at 10:24 AM
🚨 FIRST PUBLIC EVIDENCE: RedTail Cryptominer Targets Docker APIs
Milvus Proxy Authentication Bypass Vulnerability(CVE-2025-64513)
Milvus Proxy Authentication Bypass Vulnerability(CVE-2025-64513)
helixguard.ai
November 14, 2025 at 7:39 AM
Milvus Proxy Authentication Bypass Vulnerability(CVE-2025-64513)
Drawbot: Let’s Hack Something Cute! — Atredis Partners
Drawbot: Let’s Hack Something Cute! — Atredis Partners
www.atredis.com
November 13, 2025 at 7:24 PM
Drawbot: Let’s Hack Something Cute! — Atredis Partners
Breaking mPDF with regex and logic
Breaking mPDF with regex and logic
medium.com
November 13, 2025 at 5:54 PM
Breaking mPDF with regex and logic
Dehashed alternative for pentesters/red teamers
Dehashed alternative for pentesters/red teamers
sysleaks.com
November 13, 2025 at 11:54 AM
Dehashed alternative for pentesters/red teamers
Making .NET Serialization Gadgets by Hand
Making .NET Serialization Gadgets by Hand
www.vulncheck.com
November 12, 2025 at 10:39 PM
Making .NET Serialization Gadgets by Hand
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper
pberba.github.io
November 12, 2025 at 7:09 PM
MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101) - watchTowr Labs
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101) - watchTowr Labs
labs.watchtowr.com
November 12, 2025 at 2:24 PM
Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101) - watchTowr Labs
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE
modzero.com
November 12, 2025 at 7:54 AM
No Leak, No Problem - Bypassing ASLR with a ROP Chain to Gain RCE
[DISCLOSURE] DoorDash Enabled 5-Year XSS/HTML Injection Flaw via Official Email; VDP Misclassified Report for 15 Months
[DISCLOSURE] DoorDash Enabled 5-Year XSS/HTML Injection Flaw via Official Email; VDP Misclassified Report for 15 Months
gitlab.com
November 10, 2025 at 4:54 PM
[DISCLOSURE] DoorDash Enabled 5-Year XSS/HTML Injection Flaw via Official Email; VDP Misclassified Report for 15 Months
HTTP Request Smuggling in Kestrel via chunk extensions (CVE-2025-55315)
HTTP Request Smuggling in Kestrel via chunk extensions (CVE-2025-55315)
www.praetorian.com
November 10, 2025 at 4:39 PM
HTTP Request Smuggling in Kestrel via chunk extensions (CVE-2025-55315)
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
amzn.to
November 8, 2025 at 10:24 PM
How much latency does a Throwing Star LAN Tap add to packet capture? (practical numbers appreciated)
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
jgnr.ch
November 8, 2025 at 2:24 PM
Arbitrary App Installation on Intune Managed Android Enterprise BYOD in Work Profile
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
unit42.paloaltonetworks.com
November 7, 2025 at 10:54 PM
New 'Landfall' spyware exploited a Samsung 0-day delivered through WhatsApp messages
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
labs.watchtowr.com
November 7, 2025 at 2:09 PM
What’s That Coming Over The Hill? (Monsta FTP Remote Code Execution CVE-2025-34299) - watchTowr Labs
Free test for Post-Quantum Cryptography TLS
Free test for Post-Quantum Cryptography TLS
qcready.com
November 7, 2025 at 1:54 PM
Free test for Post-Quantum Cryptography TLS
The DragonForce Cartel: Scattered Spider at the gate
The DragonForce Cartel: Scattered Spider at the gate
www.acronis.com
November 7, 2025 at 1:39 PM
The DragonForce Cartel: Scattered Spider at the gate
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
hybrid-analysis.blogspot.com
November 6, 2025 at 7:24 PM
LeakyInjector and LeakyStealer Duo Hunts For Crypto and Browser History
Evading Elastic EDR's call stack signatures with call gadgets
Evading Elastic EDR's call stack signatures with call gadgets
offsec.almond.consulting
November 6, 2025 at 2:09 PM
Evading Elastic EDR's call stack signatures with call gadgets
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
ashes-cybersecurity.com
November 6, 2025 at 12:54 PM
I built Ashes CTI: a dual-mode (CLI + UI) Threat Intelligence platform for Windows
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680
ssd-disclosure.com
November 5, 2025 at 11:24 AM
New! Cloud Filter Arbitrary File Creation EoP Patch Bypass LPE - CVE-2025-55680
Privilege Escalation With Jupyter From the Command Line
Privilege Escalation With Jupyter From the Command Line
www.adversis.io
November 5, 2025 at 12:09 AM
Privilege Escalation With Jupyter From the Command Line
Built SlopGuard - open-source defense against AI supply chain attacks (slopsquatting)
Built SlopGuard - open-source defense against AI supply chain attacks (slopsquatting)
aditya01933.github.io
November 4, 2025 at 6:39 PM
Built SlopGuard - open-source defense against AI supply chain attacks (slopsquatting)
Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk
Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk
jfrog.com
November 4, 2025 at 3:24 PM
Critical RCE Vulnerability CVE-2025-11953 Puts React Native Developers at Risk