cKure Red

Description
Critical feeds (on average 1 post / week) from InfoSec world 🌎

Main Channel: @cKure

Buy us ☕️ or have any queries email us
📨 [email protected]

6 months ago

⚡️ HTML entities that create ASCII characters inside a JavaScript URL.

https://shazzer.co.uk/vectors/667b4120d631543fa1c420a5

shazzer.co.uk

HTML entities that create ASCII characters inside a JavaScript URL - Shazzer

This vector loops through all entities and assigns them to a JavaScript URL and checks if they decode to ASCII characters.

6 months, 1 week ago

✔️ BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution.

https://google.github.io/security-research/pocs/linux/bleedingtooth/writeup.html

security-research

BleedingTooth: Linux Bluetooth Zero-Click Remote Code Execution

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

6 months, 1 week ago

⚠️ CVE-2024-0044 (Android LPE) impacting Android 12 and 13.

Source: https://www.linkedin.com/posts/lukasstefanko_whatsapp-vulnerability-activity-7208453738829598720-5Px4

6 months, 1 week ago

⚔️ Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762

https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762

www.assetnote.io

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762

Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited…

6 months, 2 weeks ago

⚡️ PoC Exploit published for SharePoint XXE injection

https://cybersecuritynews.com/poc-exploit-xxe-injection-vulnerability/

Cyber Security News

PoC Exploit Published For SharePoint XML eXternal Entity (XXE) Injection Vulnerability

A new XXE (XML eXternal Entity) Injection has been discovered to affect SharePoint on both on-prem and cloud instances.

6 months, 2 weeks ago

**PHP just fixed RCE vulnerability, which affects XAMPP by default.**

**CVE-2024-4577: Make PHP-CGI Argument Injection Great Again!**
https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html

Orange

CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again!

This is ***🍊*** speaking

6 months, 3 weeks ago

Hacking Millions of Modems (owned by an ISP). A story by Sam Curry.

https://samcurry.net/hacking-millions-of-modems

samcurry.net

Hacking Millions of Modems (and Investigating Who Hacked My Modem)

Two years ago, something very strange happened to me while working from my home network. I was exploiting a blind XXE vulnerability that required an external HTTP server to smuggle out files, so I spun up an AWS box and ran a simple Python webserver to receive…

6 months, 3 weeks ago

ℹ️ Air-Gap Bypass: Various Methods for Extracting Information from Isolated Systems.

https://github.com/seyedhojjathosseini/Advanced-Methods-for-Extracting-Information-from-Isolated-Systems

GitHub

GitHub - seyedhojjathosseini/Advanced-Methods-for-Extracting-Information-from-Isolated-Systems: Advanced Methods for Extracting…

Advanced Methods for Extracting Information from Isolated Systems - seyedhojjathosseini/Advanced-Methods-for-Extracting-Information-from-Isolated-Systems

6 months, 3 weeks ago

State-sponsored terrorism by Israel caught by OpenAI.

OpenAI bans accounts of the mercenaries. Facebook (Meta) follows suit.

Disrupting deceptive uses of AI by covert influence operations.

We have terminated accounts linked to covert influence operations; no significant audience increase due to our services.
-OpenAI

Official statement:
https://openai.com/index/disrupting-deceptive-uses-of-AI-by-covert-influence-operations/

Supporting article by journalists in Israel: https://www.timesofisrael.com/openai-says-it-disrupted-covert-influence-operation-by-israeli-firm-stoic/

Stoic also acted to meddle with elections in India

https://www.business-standard.com/elections/lok-sabha-election/openai-report-on-lok-sabha-polls-zero-zeno-what-is-israeli-firm-stoic-and-how-it-tried-to-disrupt-lok-sabha-polls-2024-124060100518_1.html

Openai

Disrupting deceptive uses of AI by covert influence operations

We’ve terminated accounts linked to covert influence operations; no significant audience increase due to our services.
