🚨#hack #snaphack📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin💵฿#easymoney #snaphacking Apple just patched a zero-day under active attack!

CVE-2025-24201 let hackers escape the WebKit 🦸🏻‍♂sandbox-Apple calls the exploit extremely sophisticated‼‼ https://t.co/0aVq2l6TQs

@MMM13772 @gezine_dev @StretchEcho @flat_z WEBKIT vulnerability CVE-2025-24201 for 7.xx ps5 was found 5 months ago by Nathan Fargo. But no any exploit yet (

#hack #snaphack📢 #buyingcontent #monkeyapp #telegramlinks #snapchatleak #crypto #bitcoin💵฿#easymoney #snaphacking Apple just patched a zero-day under active attack!

CVE-2025-24201 let hackers escape the WebKit 🦸🏻‍♂sandbox-Apple calls the exploit extremely sophisticated‼ https://t.co/KLMpOjYln8

WhatsApp patched a zero-click exploit (CVE-2025-55177) combined with an Apple bug (CVE-2025-43300), used to silently hack < 200 targets, incl. journalists & activists. For political dissidents, this means heightened surveillance risks. Update now & reset devices! #CyberSecurity

@KianErfaan really? was it the 15.6.1 (CVE-2025-43300) update ? that was a MacOS vulnerability by the way

After analyzing 98% of vulnerabilities from past week, CVE-2025-43300 has 107 articles published from different internet sources, no other cve has these many articles. More information here: https://t.co/SyyDujjO8C #vulnerability #CyberSecurity #ThreatIntel #CVE #SecurityAlert

[1day1line] CVE-2025-29824: LPE vulnerability in Windows CLFS driver (clfs.sys) via Use-After-Free

https://t.co/7bAFLvDf8K

Today’s one-liner is about a Use-After-Free vulnerability discovered in the Windows CLFS driver. An attacker can manipulate freed structure pointers to

🚨 Cybersecurity researchers have uncovered a new wave of RansomExx ransomware attacks leveraging a now-patched Windows flaw (CVE-2025-29824) to deploy the PipeMagic malware framework. https://t.co/gLWPhPZvMR

#Cybersecurity #Ransomware #Microsoft

Defenses

-> Patch CVE-2025-29824

-> Watch for fake apps/DLL hijacking

-> Monitor LSASS access

-> Patch identified CVE-2025-29824

PipeMagic proves ransomware frameworks are evolving fast.

Attackers exploiting Apache ActiveMQ CVE-2023-46604 are now patching the flaw themselves — blocking rivals and evading detection after deploying malware. A reminder: patched ≠ safe if adversaries did it. #cybersecurity #Linux #infosec #ITsecurity https://t.co/fgsYFyyBIx

⚠️ Weekly vuln radar. https://t.co/Cd6L8ACyLV – spot what’s trending before it’s everywhere:

CVE-2025-53770

CVE-2025-43300

CVE-2025-5777

CVE-2024-21887

CVE-2023-46604 (@ThreatBookLabs)

CVE-2025-7776

CVE-2025-54309

CVE-2025-7775

CVE-2025-53771 https://t.co/q4Rx5wWFSt

Attackers exploiting Apache ActiveMQ CVE-2023-46604 are now patching the flaw themselves — blocking rivals and evading detection after deploying malware. A reminder: patched ≠ safe if adversaries did it. #cybersecurity #Linux #infosec #ITsecurity https://t.co/fgsYFyyBIx

“Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775"

https://t.co/1A7Wg9V39f

SOURCE - https://t.co/xvqjYIZllv

.

#cybersecurity #informationsecurity #hacking #DataSecurity #websecurity #cybersecurityawareness #Pendragonsecurity https://t.co/CyLoDihRRb

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Is CVE-2025-7775 still in nsppe? not seeing an obvious oob write. (just some oob read) https://t.co/gYWilsu0au

"#PoC #Exploit Released for CrushFTP 0-day Vulnerability (#CVE-2025-54309)"

#7com1068 https://t.co/VLLJGHxFrg

🚨 Hackers exploit CrushFTP zero-day (CVE-2025-54309) to seize server control. WatchTowr Labs reveals critical admin access vulnerability.

https://t.co/znp52u0qk2

HackRead: 🚨 Hackers are exploiting a CrushFTP Zero-Day (CVE-2025-54309) to gain admin access and take over servers. Update to v10.8.5 or v11.3.4 now!

Read: https://t.co/OQtq9E3MoY

#CyberSecurity #CrushFTP #Vulnerability #0day

When a SSRF is enough: Full Docker Escape on Windows Docker Desktop (CVE-2025-9074) https://t.co/TZT6O6OJ0g

#Docker has patched CVE-2025-9074, a critical flaw in Docker Desktop that could allow attackers to compromise host systems and escalate privileges; Researchers uncovered a novel #Linux attack using malicious RAR filenames to deliver the VShell backdoor.

Docker Fixes CVE-2025-9074, Critical Container Escape Vulnerability With CVSS Score 9.3 https://t.co/i6nstI2CY5 via @TheHackersNews

Whats app spyware related vulnerabilities :3

CVE-2019-3568 CVE-2022-36934 CVE-2022-27492 CVE-2025-30401 CVE-2025-55177

I would never allow WhatsApp in my environment... Idc how much you scream and cry. https://t.co/O29FopKU7F

@Shadow_Tsar You're right—WhatsApp has faced real vulnerabilities in 2025, like CVE-2025-30401 allowing malware via spoofed attachments on Windows, and a zero-day in video files enabling code execution (per Check Point and Appknox reports). While E2E encryption protects message content,

@de_bugger_ The video's claims are accurate. It describes a real WhatsApp scam using steganography to embed malware in images, enabling data theft like OTPs and bank details upon download. Confirmed via sources like Hindustan Times and CVE-2025-30401 (patched vulnerability). Disable

Raw IP data shared daily for your constituency in our Vulnerable HTTP reporting https://t.co/qxv0Gv5ELc tagged 'cve-2025-57819'

and

Compromised Website reporting https://t.co/D1KZAGvfTr tagged 'freepbx-compromised'

CVE-2025-57819 tracker :

https://t.co/Fb9oAClSSM

FreePBX CVE-2025-57819 (CVSS 10.0) incidents: 6620 unpatched instances seen 2025-08-29, at least 386 compromised.

Dashboard links:

Vulnerable (unpatched): https://t.co/rbUGWLZQe4

Compromised:

https://t.co/MCmXiOB0qI

Check for compromise, patch - https://t.co/acH146DX7G https://t.co/sE8MDI8egy

* WhatsApp zero-day (CVE-2025-55177) → patched after spyware-linked exploitation (tied to Apple CVE-2025-43300).

* Sangoma FreePBX auth-bypass (CVE-2025-57819) → added to CISA KEV.

* FBI seizes VerifTools fake ID marketplace → $6.4M in fraud stopped.

👉 Which is the bigger systemic threat here—**messaging app spyware chains** or **identity fraud markets**?

https://reddit.com/link/1n448au/video/ho0xemtrb6mf1/player

WhatsApp patched a zero-click exploit (CVE-2025-55177) combined with an Apple bug (CVE-2025-43300), used to silently hack < 200 targets, incl. journalists & activists. For political dissidents, this means heightened surveillance risks. Update now & reset devices! #CyberSecurity

Whats app spyware related vulnerabilities :3

CVE-2019-3568 CVE-2022-36934 CVE-2022-27492 CVE-2025-30401 CVE-2025-55177

I would never allow WhatsApp in my environment... Idc how much you scream and cry. https://t.co/O29FopKU7F

🚨 Reports reveal a zero-click WhatsApp exploit (CVE-2025-55177) chained with an iOS flaw (CVE-2025-43300) to spy on activists & journalists. WhatsApp has warned users potentially targeted in the last 90 days.

#CyberSecurity #ZeroClick #iOS #WhatsApp #Infosec https://t.co/vPDbzqP4oq

BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch https://t.co/N9Ww1hBydB

Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today:

**1. [CVE-2025-7776](https://nvd.nist.gov/vuln/detail/CVE-2025-7776)**

- 📝 Memory overflow vulnerability leading to unpredictable or erroneous behavior and Denial of ServiceinNetScaler ADC and NetScaler Gateway whenNetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) with PCoIP Profile bounded to it

- 📅 **Published:** 26/08/2025

- 📈 **CVSS:** 8.8

- 🧭 **Vector:** CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:L

- 📣 **Mentions:** 5

- ⚠️ **Priority:** 2

- 📝 **Analysis:** Memory overflow vulnerability in NetScaler ADC and Gateway, when configured for VPN virtual server, ICA Proxy, CVPN, RDP Proxy with PCoIP Profile, causing unpredictable behavior and Denial of Service. Exploitation not detected in the wild, but due to high CVSS score, it's a priority 2 vulnerability.

---

**2. [CVE-2025-55177](https://nvd.nist.gov/vuln/detail/CVE-2025-55177)**

- 📝 Incomplete authorization of linked device synchronization messages in WhatsApp for iOS prior to v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 could have allowed an unrelated user to trigger processing of content from an arbitrary URL on a targets device. We assess that this vulnerability, in combination with an OS-level vulnerability on Apple platforms (CVE-2025-43300), may have been exploited in a sophisticated attack against specific targeted users.

- 📅 **Published:** 29/08/2025

- 📈 **CVSS:** 8

- 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

- 📣 **Mentions:** 12

- 📝 **Analysis:** Unauthorized linked device synchronization messages in WhatsApp for iOS prior v2.25.21.73, WhatsApp Business for iOS v2.25.21.78, and WhatsApp for Mac v2.25.21.78 may have been exploited in targeted attacks, leveraging CVE-2025-43300 on Apple platforms. This is a priority 2 vulnerability due to high CVSS score and potential for sophistication, despite no confirmed exploits detected.

---

**3. [CVE-2025-57819](https://nvd.nist.gov/vuln/detail/CVE-2025-57819)**

- 📝 FreePBX is an open-source web-based graphical user interface. FreePBX 15, 16, and 17 endpoints are vulnerable due to insufficiently sanitized user-supplied data allowing unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution. This issue has been patched in endpoint versions 15.0.66, 16.0.89, and 17.0.3.

- 📅 **Published:** 28/08/2025

- 📈 **CVSS:** 10

- 🛡️ **CISA KEV:** True

- 🧭 **Vector:** CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

- 📣 **Mentions:** 11

- ⚠️ **Priority:** 1+

- 📝 **Analysis:** Unauthenticated access granted due to insufficient data sanitization in FreePBX versions 15, 16, and 17 allows arbitrary database manipulation and remote code execution. This vulnerability has been patched in versions 15.0.66, 16.0.89, and 17.0.3. Given known exploitation and high CVSS score, this is a priority 1+ issue.

---

**4. [CVE-2025-27363](https://nvd.nist.gov/vuln/detail/CVE-2025-27363)**

- 📝 An out of bounds write exists in FreeType versions 2.13.0 and below (newer versions of FreeType are not vulnerable) when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code assigns a signed short value to an unsigned long and then adds a static value causing it to wrap around and allocate too small of a heap buffer. The code then writes up to 6 signed long integers out of bounds relative to this buffer. This may result in arbitrary code execution. This vulnerability may have been exploited in the wild.

- 📅 **Published:** 11/03/2025

- 📈 **CVSS:** 8.1

- 🛡️ **CISA KEV:** True

- 🧭 **Vector:** CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C/CR:H/IR:H/AR:H/MAV:N/MAC:L/MPR:N/MUI:N/MS:U/MC:H/MI:H/MA:H

- 📣 **Mentions:** 110

- ⚠️ **Priority:** 1+

- 📝 **Analysis:** A heap buffer overflow in FreeType versions 2.13.0 and below allows arbitrary code execution due to an out-of-bounds write during font parsing. This issue appears to have been exploited in the wild, making it a priority 1+ vulnerability.

---

**5. [CVE-2025-54309](https://nvd.nist.gov/vuln/detail/CVE-2025-54309)**

- 📝 CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy feature is not used, mishandles AS2 validation and consequently allows remote attackers to obtain admin access via HTTPS, as exploited in the wild in July 2025.

- 📅 **Published:** 18/07/2025

- 📈 **CVSS:** 9

- 🛡️ **CISA KEV:** True

- 🧭 **Vector:** CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

- 📣 **Mentions:** 33

- ⚠️ **Priority:** 1+

- 📝 **Analysis:** Remote attackers can obtain admin access via HTTPS in CrushFTP versions before 10.8.5 and 11.3.4_23 due to improper AS2 validation. This vulnerability, exploited in the wild in July 2025, has a high CVSS score but low EPSS, making it a priority 2 issue.

---

**6. [CVE-2025-43300](https://nvd.nist.gov/vuln/detail/CVE-2025-43300)**

- 📝 An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Sonoma 14.7.8, macOS Ventura 13.7.8, iPadOS 17.7.10, macOS Sequoia 15.6.1, iOS 18.6.2 and iPadOS 18.6.2. Processing a malicious image file may result in memory corruption. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

- 📅 **Published:** 21/08/2025

- 📈 **CVSS:** 0

- 🛡️ **CISA KEV:** True

- 🧭 **Vector:** n/a

- 📣 **Mentions:** 23

- ⚠️ **Priority:** 1+

- 📝 **Analysis:** A memory corruption issue exists in macOS and iOS versions listed, stemming from processing malicious image files. While not widely exploited, Apple has reported a targeted attack. Given the potential for sophisticated attacks and the high CVSS score, this vulnerability warrants attention as a priority 2 concern.

---

**7. [CVE-2025-26496](https://nvd.nist.gov/vuln/detail/CVE-2025-26496)**

- 📝 Access of Resource Using Incompatible Type (Type Confusion) vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux (File Upload modules) allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19.

- 📅 **Published:** 22/08/2025

- 📈 **CVSS:** 9.3

- 🧭 **Vector:** CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

- 📣 **Mentions:** 4

- ⚠️ **Priority:** 2

- 📝 **Analysis:** A Type Confusion vulnerability enables Local Code Inclusion in File Upload modules of Tableau Server and Desktop (Windows, Linux) versions before 2025.1.3, 2024.2.12, 2023.3.19. Despite no known exploits, the high CVSS score and the vulnerability's nature warrant a priority 2 rating.

---

**8. [CVE-2025-7775](https://nvd.nist.gov/vuln/detail/CVE-2025-7775)**

- 📝 Memory overflow vulnerability leading to Remote Code Execution and/or Denial of Service in NetScaler ADC and NetScaler Gateway whenNetScaler is configured as Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with IPv6 services or servicegroups bound with IPv6 servers (OR) NetScaler ADC and NetScaler Gateway 13.1, 14.1, 13.1-FIPS and NDcPP: LB virtual servers of type (HTTP, SSL or HTTP_QUIC) bound with DBS IPv6 services or servicegroups bound with IPv6 DBS servers (OR) CR virtual server with type HDX

- 📅 **Published:** 26/08/2025

- 📈 **CVSS:** 9.2

- 🛡️ **CISA KEV:** True

- 🧭 **Vector:** CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L

- 📣 **Mentions:** 12

- ⚠️ **Priority:** 1+

- 📝 **Analysis:** A critical remote code execution/denial of service vulnerability has been identified in NetScaler ADC and Gateway versions 13.1, 14.1, 13.1-FIPS, and NDcPP. Exploitation occurs when NetScaler is configured as a gateway or AAA virtual server, bound with IPv6 services, servicegroups bound with IPv6 servers, LB virtual servers of type HTTP/SSL/HTTP_QUIC, DBS IPv6 services or servicegroups bound with IPv6 DBS servers, or CR virtual server with type HDX. This vulnerability is currently actively exploited in the wild (CISA KEV: confirmed exploited), making it a priority 1+ vulnerability.

---

**9. [CVE-2025-53779](https://nvd.nist.gov/vuln/detail/CVE-2025-53779)**

- 📝 Windows Kerberos Elevation of Privilege Vulnerability

- 📅 **Published:** 12/08/2025

- 📈 **CVSS:** 7.2

- 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C

- 📣 **Mentions:** 14

- ⚠️ **Priority:** 2

- 📝 **Analysis:** A Windows Kerberos Elevation of Privilege flaw allows local attackers to gain full control; no known exploits in the wild, but the high CVSS score indicates a priority 2 concern due to low Exploitability Scoring System (EPSS) score.

---

**10. [CVE-2023-48409](https://nvd.nist.gov/vuln/detail/CVE-2023-48409)**

- 📝 In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/mali_kbase_core_linux.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

- 📅 **Published:** 08/12/2023

- 📈 **CVSS:** 0

- 🧭 **Vector:** n/a

- 📣 **Mentions:** 2

- ⚠️ **Priority:** 2

- 📝 **Analysis:** A local privilege escalation issue exists in gpu_pixel_handle_buffer_liveness_update_ioctl, due to an integer overflow in mali_kbase_core_linux.c. No user interaction required for exploitation; this is currently a priority 2 vulnerability, given its high CVSS score and low EPSS.

---

Let us know if you're tracking any of these or if you find any issues with the provided details.

🗣️ BadSuccessor (CVE-2025-53779) Technique Persists Despite Microsoft Patch https://t.co/jSAzvAVvNs

Security analysis of Sonoff Smart Home IoT devices (CVE-2024-7205 and CVE-2024-7206)

https://t.co/ClGHZieY6J

Credits Jerin Sunny and Shakir Zari

#iot #infosec https://t.co/39fuqehQmw

IoT Security Research (w/@js0n37 ) – From Chip to Cloud: Hacking Sonoff Smart Home Devices.

Found & disclosed:

🔹 CVE-2024-7206 – Firmware Extraction & SSL Pinning Bypass.

🔹 CVE-2024-7205 – Secondary user takeover.

Full: https://t.co/SV9Xr86TD6

#IoTSecurity #HardwareSecurity

#Vulnerability #CVE20247205 CVE-2024-7205 in eWeLink Cloud Service Exposes Devices to Takeover https://t.co/hxkb97hzWs

Security analysis of Sonoff Smart Home IoT devices (CVE-2024-7205 and CVE-2024-7206)

https://t.co/ClGHZieY6J

Credits Jerin Sunny and Shakir Zari

#iot #infosec https://t.co/39fuqehQmw

IoT Security Research (w/@js0n37 ) – From Chip to Cloud: Hacking Sonoff Smart Home Devices.

Found & disclosed:

🔹 CVE-2024-7206 – Firmware Extraction & SSL Pinning Bypass.

🔹 CVE-2024-7205 – Secondary user takeover.

Full: https://t.co/SV9Xr86TD6

#IoTSecurity #HardwareSecurity

{\n "Source": "CVE FEED",\n "Title": "CVE-2024-7206 - eWeLink SSL Pinning Bypass (Device Cloning Vulnerability)", \n "Content": "CVE ID : CVE-2024-7206 \nPublished : Oct. 8, 2024, 7:15 a.m. | 38 minutes ago \nDescription : SSL Pinning Bypass in eWeLink Some hardware products allows local ATTACKER to Decrypt TLS communication and Extract secrets to clone the device via Flash the modified firmware \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...",\n "Detection Date": "08 Oct 2024",\n "Type": "Vulnerability"\n}\n🔹 t.me/cvedetector 🔹

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

https://t.co/tuPPgsYkrt https://t.co/wV5RqVPU3g

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158

https://www.helpnetsecurity.com/2025/08/27/plex-media-server-cve-2025-34158-attack/:

1. The flaw’s CVSS score is the highest possible, and tells us that it can be exploited remotely over the internet, without user interaction or attackers having to authenticate first.

2. This means that attackers may access private data through it, corrupt it, or making it unavailable for use by crashing or disabling the Plex server.

3. Last Friday, Censys flagged 428,083 devices – predominantly located in the US and Europe – exposing the Plex Media Server web interface / login portal to the internet.

@secharvester

300k+ Plex Media Server instances still vulnerable to attack via CVE-2025-34158 - Help Net Security https://t.co/MGLyRoHnbz

Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309) https://t.co/Y6JiYlzdPX

Advisory - Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)

https://t.co/ymkRDaYZMZ

#bugbounty

Advisory - Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)

https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/

#VulnerabilityReport #bufferoverflow CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE https://t.co/O7t8gnnmr9

Critical security flaws found in Dahua cameras, including Dahua Hero C1 and more, allow remote code execution and full device control. Firmware updates released on July 7, 2025. #CVE-2025-31700 #CVE-2025-31701 #China

https://t.co/iI3inwCxW0

Исследователи Bitdefender обнаружили исправленные критические уязвимости в прошивках умных камер Dahua, которые позволяют злоумышленникам перехватывать управление уязвимыми устройствами.

Уязвимости затрагивают протокол ONVIF и обработчики загрузки файлов, позволяя неавторизированным злоумышленникам удаленно выполнять произвольные команды.

Проблемы отслеживаются как CVE-2025-31700 и CVE-2025-31701 (CVSS: 8,1) и влияют на следующие устройства с версиями до 16 апреля 2025 года: IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A и SD2C Series.

Оба недостатка относятся ошибкам переполнения буфера и эксплуатируются путем отправки специально созданных вредоносных пакетов, что потенциально приводит к DoS или RCE.

В частности, CVE-2025-31700 описывается как переполнение стека буфера в обработчике запросов ONVIF (Open Network Video Interface Forum), тогда как уязвимость CVE-2025-31701 касается ошибки переполнения в обработчике загрузки файлов RPC.

Как отмечает Dahua, некоторые устройства имеют защитные механизмы, в том числе рандомизацию адресного пространства (ASLR), что снижает вероятность успешного использования RCE.

Однако атаки типа DoS по-прежнему вполне реализуемы.

В свою очередь, Bitdefender предупреждает, что устройства, подключенные к интернету через переадресацию портов или UPnP, особенно подвержены риску, а успешная эксплуатация обеспечивает доступ к камере с правами root без взаимодействия с пользователем.

При этом эксплойт обходит проверки целостности прошивки, так что злоумышленники могут загружать неподписанные полезные нагрузки или сохраняться через пользовательские демоны, что затрудняет очистку.

Учитывая, что устройства Dahua популярны, в том числе и в России, пользователям следует внимательно отнестись к рекомендациям поставщика и накатить соответствующие обновления.

#VulnerabilityReport #bufferoverflow CVE-2025-31700 & CVE-2025-31701: Buffer Overflow Flaws in Dahua IP Cameras Expose Devices to RCE https://t.co/O7t8gnnmr9

Critical security flaws found in Dahua cameras, including Dahua Hero C1 and more, allow remote code execution and full device control. Firmware updates released on July 7, 2025. #CVE-2025-31700 #CVE-2025-31701 #China

https://t.co/iI3inwCxW0

Исследователи Bitdefender обнаружили исправленные критические уязвимости в прошивках умных камер Dahua, которые позволяют злоумышленникам перехватывать управление уязвимыми устройствами.

Уязвимости затрагивают протокол ONVIF и обработчики загрузки файлов, позволяя неавторизированным злоумышленникам удаленно выполнять произвольные команды.

Проблемы отслеживаются как CVE-2025-31700 и CVE-2025-31701 (CVSS: 8,1) и влияют на следующие устройства с версиями до 16 апреля 2025 года: IPC-1XXX, IPC-2XXX, IPC-WX, IPC-ECXX, SD3A, SD2A, SD3D, SDT2A и SD2C Series.

Оба недостатка относятся ошибкам переполнения буфера и эксплуатируются путем отправки специально созданных вредоносных пакетов, что потенциально приводит к DoS или RCE.

В частности, CVE-2025-31700 описывается как переполнение стека буфера в обработчике запросов ONVIF (Open Network Video Interface Forum), тогда как уязвимость CVE-2025-31701 касается ошибки переполнения в обработчике загрузки файлов RPC.

Как отмечает Dahua, некоторые устройства имеют защитные механизмы, в том числе рандомизацию адресного пространства (ASLR), что снижает вероятность успешного использования RCE.

Однако атаки типа DoS по-прежнему вполне реализуемы.

В свою очередь, Bitdefender предупреждает, что устройства, подключенные к интернету через переадресацию портов или UPnP, особенно подвержены риску, а успешная эксплуатация обеспечивает доступ к камере с правами root без взаимодействия с пользователем.

При этом эксплойт обходит проверки целостности прошивки, так что злоумышленники могут загружать неподписанные полезные нагрузки или сохраняться через пользовательские демоны, что затрудняет очистку.

Учитывая, что устройства Dahua популярны, в том числе и в России, пользователям следует внимательно отнестись к рекомендациям поставщика и накатить соответствующие обновления.

Whats app spyware related vulnerabilities :3

CVE-2019-3568 CVE-2022-36934 CVE-2022-27492 CVE-2025-30401 CVE-2025-55177

I would never allow WhatsApp in my environment... Idc how much you scream and cry. https://t.co/O29FopKU7F

■■■■■ Here's a full technical rewrite of the WhatsApp vs. NSO Group spyware case, focusing on CVE-2019-3568, its exploitation logic, and WhatsApp’s patch implementation:

➿➿

CVE-2019-3568 – WhatsApp VoIP Stack RCE

Exploit Summary

CVE-ID: CVE-2019-3568

Vulnerability Type: Memory corruption – heap-based buffer overflow

Attack Vector:

Remote, via malformed RTCP (Real-time Transport Control Protocol) packets sent during a WhatsApp voice call

Impact:

Remote Code Execution (RCE) in WhatsApp process without user interaction (zero-click)

Platform:

Android and iOS WhatsApp clients

Patched:WhatsApp v2.19.134 (Android) and v2.19.51 (iOS), May 2019.

➿➿

Exploitation Logic

1. Target Surface

Exploit leverages the libSRTP-based VoIP stack, which handles RTCP packets used for session feedback and control in encrypted voice calls.

RTCP parsing logic failed to sanitize certain control fields, especially those related to extended report block lengths and payload types.

2. Exploit Algorithm Flow

1. Attacker initiates WhatsApp voice call to target (call never needs to be answered).

2. During SIP/VoIP session setup, attacker injects a malformed RTCP packet:

- Payload includes an extended report (XR) with a length field that causes heap corruption.

- The data pointer is shifted to point into a controlled heap region.

3. Heap spray is used prior to the call to fill memory with ROP gadgets or shellcode.

4. WhatsApp’s VoIP thread parses the corrupted RTCP payload:

- Triggers a buffer overflow

- Hijacks return address via overwritten heap metadata

5. Final stage loader downloads and injects the Pegasus spyware binary into user space.

➿➿

Vulnerability Root Cause

A lack of proper bounds checking in srtp_unprotect() when handling compound RTCP packet lengths.

Specifically, incorrect handling of:

block_length in XR headers

packet size mismatch vs actual read buffer

ASLR and DEP were bypassed using dynamic heap shaping and ROP chains tailored to the victim’s device/OS version.

➿➿

Patch Details (May 2019)

WhatsApp Patch Analysis

Introduced stricter validation in the VoIP media engine:

Validated block_length and total_length fields in RTCP/XR headers

Rejected malformed RTCP packets that exceeded expected control sizes

Recompiled the VoIP library with stack canaries, PIE, RELRO, and hardened malloc on Android and iOS

Moved critical parsing logic out of untrusted network threads into a sandboxed process (in newer versions)

Net Result

Fully blocked the RTCP overflow path

Rendered Pegasus’s existing payload delivery channel ineffective

Led NSO to shift to other attack chains (like the “Heaven” WhatsApp impersonation method)

➿➿

Notable Tools Used by NSO Group

Tool Purpose

🤍WIS WhatsApp impersonator client (Heaven)

🤍Q&Q Toolset RTCP generator and packet modifier

🤍Pegasus Final payload with device takeover

🤍TraceStitch Heap layout prediction & ROP generator

➿➿

Forensics Indicators

Malformed rtcp packets seen in logs: unusual XR block types and lengths.

WhatsApp crash logs showing access violation in libwhatsapp.so VoIP thread.

Outbound connections to AWS/Vultr endpoints post-exploitation.

[Content removed]

🚨 New Templates Bounty Issue 💰

CVE-2025-3515 - Contact Form 7 Drag and Drop Multiple File Upload - Unrestricted File Upload 💰 👾

Issue: https://t.co/8fXPZoGDQz

#bugbounty #NucleiTemplates #cve #opensource

🚨 CVE-2025-3515

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and upload .phar or other dangerous file types on the affected site's server, which may make remote code execution possible on the servers that are configured to handle .phar files as executable PHP scripts, particularly in default Apache+mod_php configurations where the file extension is not strictly validated before being passed to the PHP interpreter.

🎖@cveNotify

CVE-2025-3515 - WordPress Contact Form 7 Drag and Drop Multiple File Upload Remote Code Execution Vulnerability

CVE ID : CVE-2025-3515

Published : June 17, 2025, 10:15 a.m. | 1 hour, 56 minutes ago

Description : The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and upload .phar or other dangerous file types on the affected site's server, which may make remote code execution possible on the servers that are configured to handle .phar files as executable PHP scripts, particularly in default Apache+mod_php configurations where the file extension is not strictly validated before being passed to the PHP interpreter.

Severity: 8.1 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE-2025-9679

SQL Injection in itsourcecode Student Information System 1.0 via course_edit1.php

https://t.co/WEA2L5Jp7f

CVE-2025-9679 A security vulnerability has been detected in itsourcecode Student Information System 1.0. This affects an unknown function of the file /course_edit1.php. Such manipula… https://t.co/c3PkEBcg5X

CVE Alert: CVE-2025-9692 - Campcodes - Online Shopping System - https://t.co/31rvCAtyUf

#OSINT #ThreatIntel #CyberSecurity #cve-2025-9692 #campcodes #online-shopping-system

CVE-2025-9692

SQL Injection in Campcodes Online Shopping System 1.0 via /product.php Parameter

https://t.co/FiGIALFUZn

CVE-2025-9692 A vulnerability was found in Campcodes Online Shopping System 1.0. Affected is an unknown function of the file /product.php. Performing manipulation of the argument p r… https://t.co/p8H7bLiV6C

CVE-2025-9701 A vulnerability was determined in SourceCodester Simple Cafe Billing System 1.0. The impacted element is an unknown function of the file /receipt.php. Executing manipul… https://t.co/RDLFxgUZyz

CVE-2025-9701

SQL Injection in SourceCodester Simple Cafe Billing System 1.0 via ID Parameter

https://t.co/F6BRoJRNH8

CVE-2025-9702

SQL Injection in SourceCodester Simple Cafe Billing System 1.0 via Sales Report

https://t.co/4cHxBNeo3M

CVE-2025-9702 A vulnerability was identified in SourceCodester Simple Cafe Billing System 1.0. This affects an unknown function of the file /sales_report.php. The manipulation of the… https://t.co/iaZRX0Yf57

CVE-2025-9700

SQL Injection in SourceCodester Online Book Store 1.0 via Pubid Parameter

https://t.co/Uaj1bN4PsI

CVE-2025-9700 A flaw has been found in SourceCodester Online Book Store 1.0. This issue affects some unknown processing of the file /publisher_list.php. This manipulation of the argu… https://t.co/QrGT67DLOA

CVE Alert: CVE-2025-9691 - Campcodes - Online Shopping System - https://t.co/DRkJuVIC17

#OSINT #ThreatIntel #CyberSecurity #cve-2025-9691 #campcodes #online-shopping-system

CVE-2025-9691 A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Passw… https://t.co/FivWPKd7uF

CVE-2025-9705

SQL Injection Vulnerability in SourceCodester Water Billing System 1.0

https://t.co/P1fLy04W2I

CVE-2025-9705 A weakness has been identified in SourceCodester Water Billing System 1.0. Affected is an unknown function of the file /paybill.php. This manipulation of the argument I… https://t.co/7ZOFLcdKhZ

CVE-2025-9699

SQL Injection in SourceCodester Online Polling System 1.0 via Argument Manipulation

https://t.co/smqo1TeChZ

CVE-2025-9699 A vulnerability was detected in SourceCodester Online Polling System Code 1.0. This vulnerability affects unknown code of the file /admin/checklogin.php. The manipulati… https://t.co/YAWs1OkyLj

CVE-2025-9706

SQL Injection Vulnerability in SourceCodester Water Billing System 1.0

https://t.co/QtFJLo2RuV

CVE-2025-9706 A security vulnerability has been detected in SourceCodester Water Billing System 1.0. Affected by this vulnerability is an unknown functionality of the file /edit.php.… https://t.co/wj2Y3LRoRk

CVE Alert: CVE-2025-0165 - IBM - watsonx Orchestrate Cartridge for IBM Cloud Pak for Data - https://t.co/Zos7bEQs1c

#OSINT #ThreatIntel #CyberSecurity #cve-2025-0165 #ibm #watsonx-orchestrate-cartridge-for-ibm-cloud-pak-for-data

CVE-2025-0165

SQL Injection Vulnerability in IBM watsonx Orchestrate Cartridge for IBM Cloud Pak

https://t.co/MBz55PzhGI

CVE Alert: CVE-2025-9694 - Campcodes - Advanced Online Voting System - https://t.co/esxZC3Xi0H

#OSINT #ThreatIntel #CyberSecurity #cve-2025-9694 #campcodes #advanced-online-voting-system

CVE-2025-9694 A vulnerability was determined in Campcodes Advanced Online Voting System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/login.php. … https://t.co/Ghb9HvV6oZ