Podcasts about vuln

exploitable weakness in a computer system

  • 581 PODCASTS
  • 980 EPISODES
  • 30m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • Sep 17, 2025 LATEST

Latest podcast episodes about vuln

Métamorphose, le podcast qui éveille la conscience
Yaël Naïm: turning vulnerability into a creative force
Sep 17, 2025 (36:42)

[Vos Métamorphoses] Turning doubt into creative momentum, making silences a song of the soul: this is Yaël Naïm's path. Born in Paris and raised in Israel, she became known worldwide with New Soul, a luminous anthem written in the middle of a period in the wilderness, when she doubted everything, including herself. A singer, songwriter and Victoires de la Musique winner, she has since followed a singular path made of inner metamorphoses, resilience and stripping back. Her art explores light as well as shadow, motherhood as well as creative solitude, failure as well as rebirth. At Marion Duchêne's microphone, discover the inspiring journey of an artist who is learning to surf the waves of life. The documentary film directed by Jill Coulon, Yael Naim, une nouvelle âme, will be available on Arte from September 23, 2025. Find all of Yael Naim's news on her website.

Some quotes from the podcast with Yael Naim:
"We know that one day we will die, so we adjust things."
"Mixing of cultures is essential to our very survival."

Topics covered in the podcast with Yael Naim:
00:00 Introduction
02:00 Introducing the guest
02:58 Surfing the waves of life
04:10 From disappointment to freedom
05:46 Moving beyond one's beliefs
08:47 Artistic expression as a legacy
10:50 The urgency to create
12:05 Art as a language
17:20 The influence of Frida Kahlo
18:23 The importance of cultural mixing
20:35 Resonance with the audience
23:04 The need to do it alone
26:40 Music to get through grief
28:52 Creation and vulnerability
31:35 The fear of motherhood
35:17 The cause of women
37:49 How to keep the inner fire going?

Discover Objectif Métamorphose, our 12-step program for setting out to meet yourself. Support Métamorphose by joining the Tribu Métamorphose.

SMART IMPACT
How can vulnerability be turned into an entrepreneurial strength?
Sep 17, 2025 (26:08)

After learning that his cancer is incurable, entrepreneur Alexandre Fayeulle wrote his book “Vulnérable” in praise of the word. He wants to lift the taboo surrounding the term and make positive the connotations attached to it in society and in business. He explains how he turned this vulnerability into a strength at his company, Advens.

SMART IMPACT - The magazine of the sustainable and responsible economy. SMART IMPACT, your show dedicated to CSR and the ecological transition of businesses. Discover inspiring actions and innovative solutions, and meet the leaders of change.

Monde Numérique - Jérôme Colombain

In this episode, we look back at the tragic suicides of several people following exchanges with ChatGPT. OpenAI is announcing safety measures. Will they be effective? With Bruno Guglielminetti, of the Montreal podcast Mon Carnet.

Choses à Savoir SANTE
Why does our diet make us vulnerable?
Sep 1, 2025 (2:22)

Our modern diet rests on an illusion of diversity. Behind the well-stocked shelves of our supermarkets lies a far more uniform reality than it appears: 75% of what we eat depends on just 12 plant species (rice, wheat, maize, potatoes, etc.) and 5 animal species (beef, pork, chicken, sheep and goat). This homogeneity, denounced by the Food and Agriculture Organization of the United Nations (FAO), is a major weakness for the entire global food system.

The first source of vulnerability is biological. When a limited number of species dominates our diet, the system becomes very sensitive to diseases, insect pests and climatic hazards. A striking example is the Fusarium fungus, which destroyed the Gros Michel banana variety in the 1950s. Today it is the Cavendish banana, the only variety sold on a large scale, that is threatened by a new strain of this fungus.

The same problem applies to wheat and maize: in the event of drought or a fungal epidemic in a major production area, the whole food chain falters, with consequences for prices, availability, and even famines in some regions of the world. Agricultural standardization, in pursuit of maximum profitability, has sacrificed resilience.

The vulnerability is also genetic. By selecting only certain productive varieties, often genetically very close, we weaken the species' natural capacity to adapt. Yet this genetic diversity is crucial for coping with rapid climate change, the emergence of new parasites and changing agricultural conditions.

Finally, this uniformity also has nutritional consequences. A diet based on a few plants rich in carbohydrates but poor in micronutrients can contribute to deficiencies in vitamins, minerals or fiber. Diversifying crops also means diversifying what is on the plate and improving public health.

Faced with this, the FAO calls for diversifying rather than intensifying. It is no longer only a matter of producing more, but of producing better and more varied food. This means bringing forgotten plants back into cultivation, encouraging local agriculture and agroecological systems, and protecting local animal breeds adapted to their territories.

In conclusion, our dependence on a small number of agricultural species makes our food supply as fragile as it is efficient. To secure the planet's food future, biodiversity must return to the heart of our fields… and of our plates.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited;

Aug 27, 2025 (5:43)

Getting a Better Handle on International Domain Names and Punycode
International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use.
https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234

Citrix Netscaler Vulnerabilities CVE-2025-7775, CVE-2025-7776 and CVE-2025-8424
Citrix patched three vulnerabilities in Netscaler. One is already being exploited.
https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694938&articleTitle=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2025_7775_CVE_2025_7776_and_CVE_2025_8424

git vulnerability exploited (CVE-2025-48384)
A git vulnerability patched in early July is now being exploited.
https://github.com/git/git/security/advisories/GHSA-vwqx-4fm8-6qc9

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, August 22nd, 2025: The -n switch; Commvault Exploit; Docker Desktop Escape Vuln;

Aug 22, 2025 (6:52)

Don't Forget The "-n" Command Line Switch
Disabling reverse DNS lookups for IP addresses is important not just for performance, but also for opsec. Xavier is explaining some of the risks.
https://isc.sans.edu/diary/Don%27t%20Forget%20The%20%22-n%22%20Command%20Line%20Switch/32220

watchTowr releases details about recent Commvault flaws
Users of the Commvault enterprise backup solution must patch now after watchTowr released details about recent vulnerabilities.
https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/?123

Docker Desktop Vulnerability CVE-2025-9074
A vulnerability in Docker Desktop allows attackers to escape from containers to attack the host.
https://docs.docker.com/desktop/release-notes/#4443

Cyber Morning Call
848 - Malware exploits a vuln and applies the patch to keep out rival gangs
Aug 20, 2025 (5:28)

Episode references:
/bin/live - WOMCY
Patching for persistence: How DripDropper Linux malware moves through the cloud
CVE-2023-46604
Warlock: From SharePoint Vulnerability Exploit to Enterprise Ransomware
SECURITY ALERT: Microsoft SharePoint On-prem Vulnerabilities (CVE-2025-49704, CVE-2025-49706, CVE-2025-53770, CVE-2025-53771)
GodRAT – New RAT targeting financial institutions
Stable Channel Update for ChromeOS / ChromeOS Flex

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, August 19th, 2025: MFA Bombing; Cisco Firewall Management Vuln; F5 Access for Android Vuln;

Aug 19, 2025 (5:10)

Keeping an Eye on MFA Bombing Attacks
Attackers will attempt to use authentication fatigue by bombing users with MFA authentication requests. Rob is talking in this diary about how to investigate these attacks in a Microsoft ecosystem.
https://isc.sans.edu/diary/Keeping+an+Eye+on+MFABombing+Attacks/32208

Critical Cisco Secure Firewall Management Center Software RADIUS Remote Code Execution Vulnerability
An OS command injection vulnerability may be abused to gain access to the Cisco Secure Firewall Management Center software.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-radius-rce-TNBKf79

F5 Access for Android vulnerability
An attacker with a network position that allows them to intercept network traffic may be able to read and/or modify data in transit. The attacker would need to intercept vulnerable clients specifically, since other clients would detect the man-in-the-middle (MITM) attack.
https://my.f5.com/manage/s/article/K000152049

Zeteo
Jean-Philippe de Tonnac: In praise of men's vulnerability
Aug 16, 2025 (56:44)

Thanks to his research and his books on the feminine, its sacred dimension, its power and its mission, Jean-Philippe de Tonnac could at last turn to the masculine. In his book Éloge de la vulnérabilité des hommes, which follows Le Cercle des guérisseuses, he undertook a deep quest toward the healing and rehabilitation of masculine identity. It too has been damaged by so many centuries in which humanity weakened itself by deepening its divisions instead of drawing on the complementarities, as marvelous as they are sacred, that unite man and woman. As he writes himself, "by wounding its feminine side, our humanity has shot an arrow into both of its feet". According to Jean-Philippe de Tonnac, it is by respecting woman and by going through her that the masculine can be healed. Drawing on his personal journey, and always preferring the help of women first, it is thanks to them that he was finally able to meet men who have lived the experience of accepting their vulnerability. Men who have managed to turn their weakness into strength, and who today know how to help and support many people. In this episode, Jean-Philippe de Tonnac talks about some of these men, whom he describes in his book. The depth and originality of Jean-Philippe de Tonnac's perspective shed new light on the deep causes that, rather than bringing them together, have set men and women against each other since the beginning. A light that is indispensable for healing and illuminating our lives. To read L'éloge de la vulnérabilité des hommes, du masculin blessé au masculin sacré, Jean-Philippe de Tonnac's book, click here.

STRENGTH IN WEAKNESS?

Dear friends, dear Zeteo listeners,

It took many trials, much research, unusual experiences, encounters, unexpected circumstances, revelations and healings for Jean-Philippe de Tonnac to finally accept and consciously live his own incarnation. Afflicted since childhood by a rare and mysterious illness, which he describes in his two previous appearances on Zeteo, Jean-Philippe de Tonnac tells how he managed to reconcile body and mind within himself. He had to go through women. Through certain women, whom he had the luck or the courage to meet. Those who revealed to him the sacred power of the feminine in this world and thanks to whom he was finally able to heal the masculine in himself. His Éloge de la vulnérabilité des hommes brings this fundamental revelation from which we have turned away for too long: it is by welcoming and loving our weaknesses that we become strong. This wisdom sits poorly with the sad illustrations that current events offer us. But it is a tremendous sign of hope for all. We may be dragged low, sometimes very low, but we will always be able to get back up. That is the heart of Christ's message. Perhaps Zeteo's weakness is sometimes its strength? Thanks to its witnesses, its listeners and its donors, week follows week, each time with new gems like today's. Heartfelt thanks to those who testify, listen, and pass Zeteo on. Heartfelt thanks to those who support with a donation this podcast that is both fragile and strong,

Fraternally,
Guillaume Devoud

To make a donation, simply click here to go to our online donation account secured by HelloAsso. Or click here to go to our Paypal account. Your donations are tax-deductible at 66%: for example, a donation of €50 actually costs only €17. The tax receipt is generated automatically and immediately for everyone who goes through HelloAsso's secure online payment platform. We issue a tax receipt directly to everyone who pays another way (Paypal, check payable to the association Telio, 116 boulevard Suchet, 75016 Paris; bank transfer: write to us at info@zeteo.fr). To read other messages from our listeners, click here. To learn more about Zeteo, click here. Contact us: contact@zeteo.fr. Submit your testimony or that of someone close to you: temoignage@zeteo.fr

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, August 15th, 2025: Analysing Attack with AI; Proxyware via YouTube; Xerox FreeFlow Vuln; Evaluating Zero Trust @SANS_edu

Aug 15, 2025 (15:12)

AI and Faster Attack Analysis
A few use cases for LLMs to speed up analysis.
https://isc.sans.edu/diary/AI%20and%20Faster%20Attack%20Analysis%20%5BGuest%20Diary%5D/32198

Proxyware Malware Being Distributed on YouTube Video Download Site
Popular YouTube download sites will attempt to infect users with proxyware.
https://asec.ahnlab.com/en/89574/

Xerox Freeflow Core Vulnerability
Horizon3.ai discovered XXE Injection (CVE-2025-8355) and Path Traversal (CVE-2025-8356) vulnerabilities in Xerox FreeFlow Core, a print orchestration platform. These vulnerabilities are easily exploitable and enable unauthenticated remote attackers to achieve remote code execution on vulnerable FreeFlow Core instances.
https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/

SANS.edu Research: Darren Carstensen, Evaluating Zero Trust Network Access: A Framework for Comparative Security Testing
Not all Zero Trust Network Access (ZTNA) solutions are created equal, and despite bold marketing claims, many fall short of delivering proper Zero Trust security.
https://www.sans.edu/cyber-research/evaluating-zero-trust-network-access-framework-comparative-security-testing/

Vlan!
[BEST OF] The power of vulnerability in action with Melvine Deba
Aug 12, 2025 (65:30)

Over the summer, I am offering you a selection of the best Vlan episodes from the last season. A chance to discover or rediscover episodes that were hugely popular.

Melvine Deba is a professional handball player and the author of a book, "un espace de vulnérabilité partagé". We loved watching the Olympics but know little about the reality of elite athletes. Melvine shares her exceptional journey with great sincerity, both on and off the court. She reveals the realities hidden behind the myths of infallible athletes, addressing essential subjects such as performance, injury, and the search for meaning in a world obsessed with success. Through her story, she draws us into a deep reflection on vulnerability, the pressure of perfection, and the need to redefine strength. She talks about her personal experience of an accident that upended her career, and also about her inner struggle to regain her dignity and self-esteem after a childhood trauma. This episode is an invitation to rethink our relationship to success, to embrace our humanity in all its complexity, and to find freedom in accepting our weaknesses. A powerful and inspiring testimony that will resonate with each of us.

Questions we ask:
  • In your view, what is the biggest myth about elite athletes?
  • Can you explain what happened when you were injured and how you experienced it?
  • What is your relationship to performance, and how do you tell the difference between the pleasure of playing and the pressure to perform?
  • At what point did you realize that you were more afraid of failing than eager to win?
  • How did you manage to overcome this fear of failure and find inner recognition?
  • What steps or tools did you put in place to reconnect with yourself after your injury?
  • How do you handle the shift from athletic hyperactivity to forced immobilization?
  • Did this period of downtime call your values and your personal "drive" into question?
  • What is it like to have to constantly prove your worth, particularly in a context where you must demonstrate your strength as a woman and an athlete?
  • Why did you choose to write a book to share your story, rather than telling it to those close to you first?

Timestamps:
00:00 Relationship to performance shaped by childhood.
07:22 Obsession with sport leading to injuries.
11:50 Coach helps find dignity despite injury.
16:17 Relationship to failure, reading "Osez vraiment réussir"
24:39 Choosing between being strong and being vulnerable.
29:54 Injury, therapist, sexual assault, cleansing, incest, words.
33:44 Denial of incest and clichés about women.
42:52 Deliberate assassination attempt, sharing vulnerability.
44:19 Writing allowed me to heal and grow.
54:17 Telling silences apart: introspective, meditative, necessary.
55:43 Too much noise, finding inner silence again.
01:01:38 Learning Spanish through sound and emotion.

Other suggested Vlan episodes to listen to:
#77 Why you should take an interest in esports, with Angela Natividad (https://audmns.com/ngplEvZ)
#154 Changing your life and returning to what matters, with Pedro Correa (https://audmns.com/yWsWFgE)
#278 Stepping out of hypernormality to be yourself, with Ines Weber (https://audmns.com/nMPymjS)

TOPFM MAURITIUS
Energy transition: the CEB launches a free solar installation program for 1,000 vulnerable families, NGOs and religious institutions, offering up to 100 kWh of free electricity each month
Aug 10, 2025 (0:46)

The Central Electricity Board (CEB) is strengthening its commitment to the energy transition and to supporting the most disadvantaged. Two new schemes have been set up to help, on the one hand, low-income families and, on the other, NGOs and religious institutions. According to Thierry Ramasawmy, head of communications at the CEB, 1,000 solar panels will be installed free of charge in vulnerable households. "These families will receive 100 kWh of free electricity each month, deducted directly from their bill," he says. The second scheme targets NGOs and religious institutions, which will also be able to have photovoltaic panels installed free of charge, in order to reduce their energy costs and redirect their resources toward their social missions. Julie, one of the beneficiaries, says: "It's a real relief. My bills have dropped considerably, and I can manage my other expenses better." For more information on these two schemes, those interested can go to the nearest CEB agency or call 8912.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, August 8th, 2025: ASN43350 Mass Scans; HTTP1.1 Must Die; Hybrid Exchange Vuln; Sonicwall Update; SANS.edu Research: OSS Security and Shifting Left
Aug 8, 2025 (23:59)

Mass Internet Scanning from ASN 43350
Our undergraduate intern Duncan Woosley wrote up aggressive scans from ASN 43350.
https://isc.sans.edu/diary/Mass+Internet+Scanning+from+ASN+43350+Guest+Diary/32180/#comments

HTTP/1.1 Desync Attacks
Portswigger released details about new types of HTTP/1.1 desync attacks it uncovered. These attacks are particularly critical for organizations using middleboxes to translate from HTTP/2 to HTTP/1.1.
https://portswigger.net/research/http1-must-die

Microsoft Warns of Exchange Server Vulnerability
An attacker with admin access to an Exchange Server in a hybrid configuration can use this vulnerability to gain full domain access. The issue is mitigated by an April hotfix, but was not noted in the release of the April Hotfix.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-53786

Sonicwall Update
Sonicwall no longer believes that a new vulnerability was used in recent compromises.
https://www.sonicwall.com/support/notices/gen-7-and-newer-sonicwall-firewalls-sslvpn-recent-threat-activity/250804095336430

SANS.edu Research: Wellington Rampazo, Shift Left the Awareness and Detection of Developers Using Vulnerable Open-Source Software Components
https://www.sans.edu/cyber-research/shift-left-awareness-detection-developers-using-vulnerable-open-source-software-components/

Maintenant, vous savez
Are light-colored eyes really more vulnerable to light?
Aug 7, 2025 (5:00)

It is a very widespread idea: light-colored eyes are said to be more fragile overall. They are supposedly less resistant to sunlight and need more protection. In France, 30% of us are said to have blue eyes, according to Le Figaro santé. When our eyes are open, light rays pass through the pupil, an opening at the center of the iris whose diameter varies with the brightness. These rays strike the retina, a membrane responsible for capturing light rays. And what is the function of the iris? Is light dangerous for the eyes? How can you protect your eyes? Listen to the rest of this episode of "Maintenant Vous Savez". A podcast written and produced by Emilie Drugeon. First broadcast: June 9, 2023.

Also worth a listen:
Is red meat really the least eco-friendly?
Is the water you will be swimming in this summer really clean?
How can you get cheap concert tickets?

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday July 31st, 2025: Firebase Security; WebKit Vuln Exploited; Scattered Spider Update

Jul 31, 2025 (6:40)

Securing Firebase: Lessons Re-Learned from the Tea Breach
Inspired by the breach of the Tea app, Brendon Evans recorded a video to inform of Firebase security issues.
https://isc.sans.edu/diary/Securing%20Firebase%3A%20Lessons%20Re-Learned%20from%20the%20Tea%20Breach/32158

WebKit Vulnerability Exploited before Apple Patch
A WebKit vulnerability patched by Apple yesterday has already been exploited in Google Chrome. Google noted the exploit with its patch for the same vulnerability in Chrome.
https://nvd.nist.gov/vuln/detail/CVE-2025-6558

Scattered Spider Update
CISA released an update for its report on Scattered Spider, noting that the group also calls helpdesks impersonating users, not just the other way around.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday July 30th, 2025: Apple Updates; Python Triage; Papercut Vuln Exploited

Jul 30, 2025 (6:44)

Apple Updates Everything: July 2025 Edition
Apple released updates for all of its operating systems patching 89 different vulnerabilities. Many vulnerabilities apply to multiple operating systems.
https://isc.sans.edu/diary/Apple%20Updates%20Everything%3A%20July%202025/32154

Python Triage
A quick python script by Xavier to efficiently search through files, even compressed ones, for indicators of compromise.
https://isc.sans.edu/diary/Triage+is+Key+Python+to+the+Rescue/32152/

PaperCut Attacks
CISA added a 2024 Papercut vulnerability to the known exploited vulnerability list.
https://www.cisa.gov/news-events/alerts/2025/07/28/cisa-adds-three-known-exploited-vulnerabilities-catalog

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, July 29th, 2025: Parasitic Exploits; Cisco ISE Exploit; MyASUS Vuln
Jul 29, 2025 (5:35)

Parasitic SharePoint Exploits
We are seeing attacks against SharePoint itself and attempts to exploit backdoors left behind by attackers.
https://isc.sans.edu/diary/Parasitic%20Sharepoint%20Exploits/32148

Cisco ISE Vulnerability Exploited
A recently patched vulnerability in Cisco ISE is now being exploited. The Zero Day Initiative has released a blog detailing the exploit chain to obtain code execution as an unauthenticated user.
https://www.zerodayinitiative.com/blog/2025/7/24/cve-2025-20281-cisco-ise-api-unauthenticated-remote-code-execution-vulnerability

MyAsus Vulnerability
The MyAsus tool does not store its access tokens correctly, potentially providing an attacker with access to sensitive functions.
https://www.asus.com/content/security-advisory/

Cybercrime Magazine Podcast
Cybercrime Wire For Jul. 23, 2025. Zero Day Vuln Hits U.S. Nuclear Agency. WCYB Digital Radio.

Jul 23, 2025 (1:10)

The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you by Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, July 22nd, 2025: SharePoint Emergency Patches; How Long Does Patching Take; HPE Wifi Vuln; Zoho WorkDrive Abused

Jul 22, 2025 (6:00)

Microsoft Released Patches for SharePoint Vulnerability CVE-2025-53770 CVE-2025-53771
Microsoft released a patch for the currently exploited SharePoint vulnerability. It also added a second CVE number identifying the authentication bypass vulnerability.
https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/

How Quickly Are Systems Patched?
Jan took Shodan data to check how quickly recent vulnerabilities were patched. The quick answer: Not fast enough.
https://isc.sans.edu/diary/How%20quickly%20do%20we%20patch%3F%20A%20quick%20look%20from%20the%20global%20viewpoint/32126

HP Enterprise Instant On Access Points Vulnerability
HPE patched two vulnerabilities in its Instant On access points (aka Aruba). One allows for authentication bypass, while the second one enables arbitrary code execution as admin.
https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04894en_us

Revealing the AppLocker Bypass Risks in The Suggested Block-list Policy
AppLocker sample policies suffer from a simple bug that may enable some rule bypass, but only if signatures are not enforced. While reviewing Microsoft's suggested configuration, Varonis Threat Labs noticed a subtle but important issue: the MaximumFileVersion field was set to 65355 instead of the expected 65535.
https://www.varonis.com/blog/applocker-bypass-risks

Ghost Crypt Malware Leverages Zoho WorkDrive
The Ghost malware tricks users into downloading by sending links to Zoho WorkDrive locations.
https://www.esentire.com/blog/ghost-crypt-powers-purerat-with-hypnosis

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, July 11th, 2025: SSH Tunnel; FortiWeb SQL Injection; Ruckus Unpatched Vuln; Missing Motherboard Patches;

Jul 11, 2025 (5:48)

SSH Tunneling in Action: direct-tcp requests
Attackers are compromising ssh servers to abuse them as relays. The attacker will configure port forwarding direct-tcp connections to forward traffic to a victim. In this particular case, the Yandex mail server was the primary victim of these attacks.
https://isc.sans.edu/diary/SSH%20Tunneling%20in%20Action%3A%20direct-tcp%20requests%20%5BGuest%20Diary%5D/32094

Fortiguard FortiWeb Unauthenticated SQL injection in GUI (CVE-2025-25257)
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in FortiWeb may allow an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests.
https://www.fortiguard.com/psirt/FG-IR-25-151

Ruckus Virtual SmartZone (vSZ) and Ruckus Network Director (RND) contain multiple vulnerabilities
Ruckus products suffer from a number of critical vulnerabilities. There is no patch available, and users are advised to restrict access to the vulnerable admin interface.
https://kb.cert.org/vuls/id/613753

Les Lueurs
All vulnerable? What my brother's death taught me about life. With Dominique de Villepin

Jun 29, 2025 51:36


"What is the point of calling yourself a Christian as a political leader if you are not able to let it show in your commitment?" Politician, diplomat and prime minister under Jacques Chirac, Dominique de Villepin recounts for the first time the personal trajectory behind his public persona, on the occasion of the release of his new book "Le pouvoir de dire non". He speaks candidly about the death of his brother, about being sidelined from the political scene, and about the long road to accepting his own fragility. Enjoy the episode.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs

Jun 26, 2025 5:53


NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service. https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788
Remote code execution in CentOS Web Panel - CVE-2025-48703 An arbitrary file upload vulnerability in the user (not admin) part of Web Panel can be used to execute arbitrary code. https://fenrisk.com/rce-centos-webpanel
Gogs Arbitrary File Deletion Vulnerability Due to the insufficient patch for the CVE-2024-39931, it's still possible to delete files under the .git directory and achieve remote command execution. https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7
Let's Encrypt Will Soon Issue IP Address-Based Certs Let's Encrypt is almost ready to issue certificates for IP address SANs from Let's Encrypt's production environment. They'll only be available under the short-lived profile (which has a 6-day validity period), and that profile will remain allowlist-only for a while. https://community.letsencrypt.org/t/getting-ready-to-issue-ip-address-certificates/238777

Paul's Security Weekly
Is Vuln Management Dead? - HD Moore - PSW #880

Jun 26, 2025 136:08


This conversation explores the intersection of cybersecurity and emerging technologies, focusing on innovative hacking techniques, the evolution of vulnerability management, and the critical importance of asset discovery. The discussion also delves into the implications of cyber warfare, the persistent threat of default passwords, and the integration of open source tools in enhancing security measures. The conversation delves into various aspects of cybersecurity, focusing on aircraft tracking, data filtering, the evolution of vulnerability management, and the role of AI in enhancing security measures. The speakers discuss the challenges posed by default credentials and the shared responsibility model in cloud infrastructure. They also explore the limitations of AI in cybersecurity and the potential for future advancements, particularly in localized LLMs. The conversation delves into the intersection of technology, cybersecurity, and privacy, exploring the implications of AI on energy demands, vulnerabilities in telecom infrastructure, the complexities of network maintenance, and the challenges of ransomware negotiations. The discussion also touches on privacy concerns related to data tracking by major tech companies like Meta and Apple, as well as the evolving landscape of legal implications in the face of cyber threats. This segment is sponsored by runZero. Get complete visibility across your total attack surface in literally minutes - no agents, no authentication required. Start a free trial or access the free Community Edition at https://securityweekly.com/runzero. HD Moore joins us to discuss finding all the things and how vulnerability management has changed. In the security news: Hacking from a light bulb Reverse engineering, the easy ways Detecting Jitter FCC probes into Cyber Trust Mark Bluetooth Jamming New Wifi Apple features: What could go wrong? 
Just turn off the Internet for the entire country Meta's Localhost tracking Hacking printers, for realz this time Are we not patching 2023 CVEs? Cleaning up legacy drivers One of the Best Hackers in the Country is an AI Bot Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-880

Paul's Security Weekly TV
Is Vuln Management Dead? - HD Moore - PSW #880

Jun 26, 2025 136:08

Paul's Security Weekly (Podcast-Only)
Is Vuln Management Dead? - HD Moore - PSW #880

Jun 26, 2025 136:08

Paul's Security Weekly (Video-Only)
Is Vuln Management Dead? - HD Moore - PSW #880

Jun 26, 2025 136:08

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC

Jun 17, 2025 5:46


Extracting Data From JPEGs Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py. https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048
Windows Recall Export in Europe In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European users and requires that you note an encryption key that will be displayed only once as Recall is enabled. https://blogs.windows.com/windows-insider/2025/06/13/announcing-windows-11-insider-preview-build-26120-4441-beta-channel/
Anubis Ransomware Now Wipes Data The Anubis ransomware, usually known for standard double extortion, is now also wiping data, preventing any recovery even if you pay the ransom. https://www.trendmicro.com/en_us/research/25/f/anubis-a-closer-look-at-an-emerging-ransomware.html
Mitel Vulnerabilities CVE-2025-47188 Mitel this week patched a critical path traversal vulnerability (sadly, no CVE), and Infoguard Labs published a PoC exploit for an older file upload vulnerability. https://labs.infoguard.ch/posts/cve-2025-47188_mitel_phone_unauthenticated_rce/ https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0007

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;

Jun 13, 2025 5:43


Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038
EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data from Copilot users. Copilot mishandled instructions an attacker included in documents inspected by Copilot and executed them. https://www.aim.security/lp/aim-labs-echoleak-blogpost
Thunderbolt Vulnerability Thunderbolt users may be tricked into downloading arbitrary files if an email includes a mailbox:/// URL. https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec

Jun 12, 2025 6:27


Quasar RAT Delivered Through Bat Files Xavier is walking you through a quick reverse analysis of a script that will inject code extracted from a PNG image to implement a Quasar RAT. https://isc.sans.edu/diary/Quasar%20RAT%20Delivered%20Through%20Bat%20Files/32036
Delayed Windows 11 24H2 Rollout Microsoft slightly throttled the rollout of Windows 11 24H2 due to issues stemming from the Patch Tuesday fixes. https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#3570
An In-Depth Analysis of CVE-2025-33073 Patch Tuesday fixed an already exploited SMB client vulnerability. A blog by Synacktiv explains the nature of the issue and how to exploit it. https://www.synacktiv.com/en/publications/ntlm-reflection-is-dead-long-live-ntlm-reflection-an-in-depth-analysis-of-cve-2025
Connectwise Rotating Signing Certificates Connectwise is rotating signing certificates after a recent compromise, and will release a new version of its Screen share software soon to harden its configuration. https://www.connectwise.com/company/trust/advisories
KDE Telnet URL Vulnerability The Konsole delivered as part of KDE may be abused to execute arbitrary code via telnet URLs. https://kde.org/info/security/advisory-20250609-1.txt

Cyber Security Headlines
40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat

Jun 11, 2025 8:04


CISA, Microsoft warn of Windows zero-day used in attack on 'major' Turkish defense org
40K IoT cameras worldwide stream secrets to anyone with a browser
Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack
Huge thanks to our sponsor, Vanta
Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines.

Parlons-Nous
Family: Annie's daughters become aggressive when she shows vulnerability

Jun 9, 2025 26:19


Annie is having relationship difficulties with her daughters, who become aggressive when she shows vulnerability. She attributes this behaviour to their family history, marked by the alcoholism and psychiatric problems of their late father. Annie wants to improve her relationship with her daughters while managing her own fragilities. Every evening, live, Caroline Dublanche welcomes listeners for two and a half hours of conversation and confidences. To take part, contact the show on 09 69 39 10 11 (cost of a local call) or at parlonsnous@rtl.fr. Distributed by Audiomeans. Visit audiomeans.fr/politique-de-confidentialite for more information.

Risky Business News
Sponsored: HD Moore on why vuln scanners are awful and broken

Jun 1, 2025 15:21


In this sponsored interview, Risky Business Media's brand new interviewer Casey Ellis chats with runZero founder and CEO HD Moore about why vuln scanning tech is awful and broken. He also talks about how they're trying to do something better by glueing their own discovery product to the nuclei open source vulnerability scanner.

Well, that f*cked me up! Surviving life changing events.
S5 EP21: Erik's Story - I Suffered In Silence

May 23, 2025 29:41


NEW EPISODES EVERY FRIDAY: Erik Hatterscheidt was a Business Major and took over his parents' resort business when he finished school, with a great deal of pressure on his shoulders to help revive the ailing numbers and use his knowledge to turn things around. As it happened, what Erik had learned really didn't translate into his parents' smaller business, and he suffered in silence as things got worse, eventually turning to alcohol.
Join us this week to hear how Erik arrived at a crossroads, and was able to get out of the darkness, and turn things around!
Today, he leads motorcycle-based expeditions that combine real-world service missions and personal transformation.
Freshline Website: https://www.freshlineclub.com/
Freshline Instagram: https://www.instagram.com/freshlinemotoclub/
Club Application Page: https://ride.freshlineclub.com/apply-here

Security Conversations
Russia hacks Ukraine war supply lines, Signal blocks Windows screenshots, BadSuccessor vuln disclosure debate

May 23, 2025 150:37


Three Buddy Problem - Episode 47: We unpack a multi-agency report on Russia's APT28/Fancy Bear hacking and spying on Ukraine war supply lines, CISA's sloppy YARA rules riddled with false positives, the ethics of full-disclosure after Akamai dropped Windows Server “BadSuccessor” exploit details, and Sekoia's discovery of thousands of hijacked edge devices repurposed as honeypots. The back half veers into Microsoft's resurrected Windows Recall, Signal's new screenshot-blocking countermeasure, Japan's fresh legal mandate for pre-emptive cyber strikes, and why appliance vendors like Ivanti keep landing in the headlines. Along the way you get hot takes on techno-feudalism, Jony Ive's rumored AI gadget, and a lively debate over whether publishing exploit code ever helps defenders. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, May 8th: Modular Malware; Sysaid Vuln; Cisco Wireless Controller Patch; Unifi Protect Camera Patch

May 8, 2025 5:41


Example of Modular Malware Xavier analyzes modular malware that downloads DLLs from GitHub if specific features are required. In particular, the webcam module is inspected in detail. https://isc.sans.edu/diary/Example%20of%20%22Modular%22%20Malware/31928
Sysaid XXE Vulnerabilities IT Service Management Software Sysaid patched a number of XXE vulnerabilities. Without authentication, an attacker is able to obtain confidential data and completely compromise the system. watchTowr published a detailed analysis of the flaws including exploit code. https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/
Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability Cisco patched a vulnerability in its wireless controller software that may be used to not only upload files but also execute code as root without authentication. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
Unifi Protect Camera Vulnerability Ubiquiti patched a vulnerability in its Protect camera firmware fixing a buffer overflow flaw. https://community.ui.com/releases/Security-Advisory-Bulletin-047-047/cef86c37-7421-44fd-b251-84e76475a5bc

Critical Thinking - Bug Bounty Podcast
Episode 120: SpaceRaccoon - From Day Zero to Zero Day

May 1, 2025 96:57


Episode 120: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner welcomes Eugene to talk (aka fanboy) about his new book, 'From Day Zero to Zero Day.' We walk through what to expect in each chapter, including Binary Analysis, Source and Sink Discovery, and Fuzzing everything.
Then we give listeners a special deal on the book.
Follow us on twitter at: https://x.com/ctbbpodcast
Got any ideas and suggestions? Feel free to send us any feedback here: info@criticalthinkingpodcast.io
Shoutout to YTCracker for the awesome intro music!
====== Links ======
Follow your hosts Rhynorater and Rez0 on Twitter:
https://x.com/Rhynorater
https://x.com/rez0__
====== Ways to Support CTBBPodcast ======
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.
You can also find some hacker swag at https://ctbb.show/merch!
Today's Sponsor - ThreatLocker User Store
https://www.criticalthinkingpodcast.io/tl-userstore
Today's guest: https://x.com/spaceraccoonsec
====== Resources ======
Buy SpaceRaccoon's Book: From Day Zero to Zero Day
https://nostarch.com/zero-day
USE CODE 'ZERODAYDEAL' for 30% OFF
Pwning Millions of Smart Weighing Machines with API and Hardware Hacking
https://spaceraccoon.dev/pwning-millions-smart-weighing-machines-api-hardware-hacking/
====== Timestamps ======
(00:00:00) Introduction
(00:04:58) From Day Zero to Zero Day
(00:12:06) Mapping Code to Attack Surface
(00:17:59) Day Zero and Taint Analysis
(00:22:43) Automated Variant Analysis & Binary Taxonomy
(00:31:35) Source and Sink Discovery
(00:40:22) Hybrid Binary Analysis & Quick and Dirty Fuzzing
(00:56:00) Coverage-Guided Fuzzing, Fuzzing Everything, & Beyond Day Zero
(01:02:16) Bug bounty, Vuln research, & Governmental work
(01:10:23) Source Code Review & Pwning Millions of Smart Weighing Machines

Les matins
Power outage: is France vulnerable?

Apr 30, 2025 8:58


duration: 00:08:58 - La Question du jour - by: Marguerite Catton - A power outage described as exceptional hit the Iberian Peninsula in recent days: more than 55 million people found themselves without electricity. Could such a situation occur in France? Is our power grid more resilient? - directed by: Félicie Faugère - guests: Patrice Geoffron, Professor of Economics at Université Paris-Dauphine, director of the Energy Climate team.

Paul's Security Weekly
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328

Apr 29, 2025 44:08


In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable join the discussion to provide advice on evaluating secure designs through examples of strong and weak designs we've seen over the years. We highlight the importance of designing systems to serve users and consider what it means to have a secure design with a poor UX. As we talk about the strategy and tactics of secure design, we share why framing this as a challenge in preventing dangerous errors can help devs make practical engineering decisions that improve appsec for everyone. Resources https://owasp.org/Top10/A042021-InsecureDesign/ https://dl.acm.org/doi/10.5555/1251421.1251435 https://www.threatmodelingmanifesto.org https://www.ietf.org/rfc/rfc9700.html https://www.cisa.gov/resources-tools/resources/secure-by-design Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw-328

Paul's Security Weekly TV
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328

Apr 29, 2025 44:08

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday, April 24th: Honeypot iptables Maintenance; XRPL.js Compromise; Erlang/OTP SSH Vuln affecting Cisco

Apr 24, 2025 5:44


Honeypot Iptables Maintenance and DShield-SIEM Logging In this diary, Jesse is talking about some of the tasks to maintain a honeypot, like keeping filebeats up to date and adjusting configurations in case your dynamic IP address changes. https://isc.sans.edu/diary/Honeypot%20Iptables%20Maintenance%20and%20DShield-SIEM%20Logging/31876
XRPL.js Compromised An unknown actor was able to push malicious updates of the XRPL.js library to NPM. The library is officially recommended for writing Ripple (RPL) cryptocurrency code. The malicious library exfiltrated secret keys to the attacker. https://www.aikido.dev/blog/xrp-supplychain-attack-official-npm-package-infected-with-crypto-stealing-backdoor https://github.com/XRPLF/xrpl.js/security/advisories/GHSA-33qr-m49q-rxfx
Cisco Equipment Affected by Erlang/OTP SSH Vulnerability Cisco published an advisory explaining which of its products are affected by the critical Erlang/OTP SSH library vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday, April 22nd: Phishing via Google; ChatGPT Fingerprint; Asus AI Cloud Vuln; PyTorch RCE

Apr 22, 2025 5:35


It's 2025, so why are malicious advertising URLs still going strong? Phishing attacks continue to take advantage of Google's advertising services. Sadly, this is still the case for obviously malicious links, even after various anti-phishing services flag the URL. https://isc.sans.edu/diary/It%27s%202025...%20so%20why%20are%20obviously%20malicious%20advertising%20URLs%20still%20going%20strong%3F/31880
ChatGPT Fingerprinting Documents via Unicode ChatGPT apparently started leaving fingerprints in texts, which it creates by adding invisible Unicode characters like non-breaking spaces. https://www.rumidocs.com/newsroom/new-chatgpt-models-seem-to-leave-watermarks-on-text
Asus AI Cloud Security Advisory Asus warns of a remote code execution vulnerability in its routers. The vulnerability is related to the AI Cloud feature. If your router is EoL, disabling the feature will mitigate the vulnerability. https://www.asus.com/content/asus-product-security-advisory/
PyTorch Vulnerability PyTorch fixed a remote code execution vulnerability exploitable if a malicious model was loaded. This issue was exploitable even with the "weights_only=True" setting selected. https://github.com/pytorch/pytorch/security/advisories/GHSA-53q9-r3pm-6pq6

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, April 18th: Remnux Cloud Environment; Erlang/OTP SSH Vuln; Brickstorm Backdoor Analysis; GPT 4.1 Safety Controversy

Apr 18, 2025 6:18


RedTail: Remnux and Malware Management A description showing how to set up a malware analysis in the cloud with Remnux and Kasm. RedTail is a sample to illustrate how the environment can be used. https://isc.sans.edu/diary/RedTail%2C%20Remnux%20and%20Malware%20Management%20%5BGuest%20Diary%5D/31868
Critical Erlang/OTP SSH Vulnerability Researchers identified a critical vulnerability in the Erlang/OTP SSH library. Due to this vulnerability, SSH servers written in Erlang/OTP allow arbitrary remote code execution without prior authentication. https://www.openwall.com/lists/oss-security/2025/04/16/2
Brickstorm Analysis An analysis of a recent instance of the Brickstorm backdoor. This backdoor used to be more known for infecting Linux systems, but now it also infects Windows. https://www.nviso.eu/blog/nviso-analyzes-brickstorm-espionage-backdoor https://blog.nviso.eu/wp-content/uploads/2025/04/NVISO-BRICKSTORM-Report.pdf
OpenAI GPT 4.1 Controversy OpenAI released its latest model, GPT 4.1, without a safety report and guardrails to prevent malware creation. https://opentools.ai/news/openai-stirs-controversy-with-gpt-41-release-lacking-safety-report

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Wednesday Apr 16th: File Upload Service Abuse; OpenSSH 10.0 Released; Apache Roller Vuln; Possible CVE Changes

Apr 16, 2025 · 5:54


Online Services Again Abused to Exfiltrate Data
Attackers like to abuse free online services that can be used to exfiltrate data, from the originals, like pastebin, to past favorites like anonfiles.com. The latest example is gofile.io. As a defender, it is important to track these services to detect exfiltration early.
https://isc.sans.edu/diary/Online%20Services%20Again%20Abused%20to%20Exfiltrate%20Data/31862

OpenSSH 10.0 Released
OpenSSH 10.0 was released. This release adds quantum-safe ciphers and separates authentication services into a separate binary to reduce the authentication attack surface.
https://www.openssh.com/releasenotes.html#10.0p1

Apache Roller Vulnerability
Apache Roller addressed a vulnerability. Its CVSS score of 10.0 appears inflated, but it is still a vulnerability you probably want to address.
https://lists.apache.org/thread/4j906k16v21kdx8hk87gl7663sw7lg7f

CVE Funding Changes
Mitre's government contract to operate the CVE system may run out tomorrow. This could lead to a temporary disruption of services, but the system is backed by a diverse board of directors representing many large companies. It is possible that non-government funding sources may keep the system afloat for now.
https://www.cve.org/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Friday, Apr 4th: URL Frequency Analysis; Ivanti Flaw Exploited; WinRAR MotW Vuln; Tax filing scams; Oracle Breach Update

Apr 4, 2025 · 6:16


Exploring Statistical Measures to Predict URLs as Legitimate or Intrusive
Using frequency analysis and training the model with honeypot data as well as log data from legitimate websites allows for a fairly simple and reliable triage of web server logs to identify possible malicious activity.
https://isc.sans.edu/diary/Exploring%20Statistical%20Measures%20to%20Predict%20URLs%20as%20Legitimate%20or%20Intrusive%20%5BGuest%20Diary%5D/31822

Critical Unexploitable Ivanti Vulnerability Exploited CVE-2025-22457
In February, Ivanti patched CVE-2025-22457. At the time, the vulnerability was not considered to be exploitable. Mandiant has now published a blog post disclosing that the vulnerability was exploited as early as mid-March.
https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-exploiting-critical-ivanti-vulnerability/

WinRAR MotW Vulnerability CVE-2025-31334
WinRAR patched a vulnerability that would not apply the Mark of the Web correctly if a compressed file included symlinks. This may make it easier to trick a victim into executing code downloaded from a website.
https://nvd.nist.gov/vuln/detail/CVE-2025-31334

Microsoft Warns of Tax-Related Scam
With the US personal income tax filing deadline only about a week out, Microsoft warns of commonly deployed scams that they are observing related to income tax filings.
https://www.microsoft.com/en-us/security/blog/2025/04/03/threat-actors-leverage-tax-season-to-deploy-tax-themed-phishing-campaigns/

Oracle Breach Update
https://www.bloomberg.com/news/articles/2025-04-02/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday Mar 17th 2025: Analyzing GUID Encoded Shellcode; Node.js SAML Vuln; Tomcat RCE in the Wild; CSS e-mail obfuscation

Mar 18, 2025 · 7:03


Static Analysis of GUID Encoded Shellcode
Didier explains how to decode shellcode embedded as GUIDs in malware, and how to feed the result to his tool 1768.py, which will extract Cobalt Strike configuration information from the code.
https://isc.sans.edu/diary/Static%20Analysis%20of%20GUID%20Encoded%20Shellcode/31774

SAMLStorm: Critical Authentication Bypass in xml-crypto and Node.js libraries
xml-crypto, a library used in Node.js applications to decode XML and support SAML, has been found to parse comments incorrectly, leading to several SAML vulnerabilities.
https://workos.com/blog/samlstorm

One PUT Request to Own Tomcat: CVE-2025-24813 RCE is in the Wild
A just-published deserialization vulnerability in Tomcat is already being exploited. Contributing to the rapid exploit release is the similarity of this vulnerability to other Java deserialization vulnerabilities.
https://lab.wallarm.com/one-put-request-to-own-tomcat-cve-2025-24813-rce-is-in-the-wild/

CSS Abuse for Evasion and Tracking
Attackers are using cascading stylesheets to evade detection and enable more stealthy tracking of users.
https://blog.talosintelligence.com/css-abuse-for-evasion-and-tracking/

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast: File Hashes in MSFT BI; Apache Camel Vuln; Juniper Fixes Exploited Vuln; AMI Patches 10.0 Redfish BMC Vuln

Mar 14, 2025 · 6:07


File Hashes Analysis with Power BI
Guy explains in this diary how to analyze Cowrie honeypot file hashes using Microsoft's BI tool and what you may be able to discover using this tool.
https://isc.sans.edu/diary/File%20Hashes%20Analysis%20with%20Power%20BI%20from%20Data%20Stored%20in%20DShield%20SIEM/31764

Apache Camel Vulnerability
Apache released two patches for Camel in close succession. Initially, the vulnerability was only addressed for headers, but as Akamai discovered, it can also be exploited via query parameters. This vulnerability is trivial to exploit and leads to arbitrary code execution.
https://www.akamai.com/blog/security-research/march-apache-camel-vulnerability-detections-and-mitigations

Juniper Patches Junos Vulnerability
Juniper patches an already exploited vulnerability in JunOS. However, to exploit the vulnerability, an attacker already needs privileged access. By exploiting the vulnerability, an attacker may completely compromise the device.
https://supportportal.juniper.net/s/article/2025-03-Out-of-Cycle-Security-Bulletin-Junos-OS-A-local-attacker-with-shell-access-can-execute-arbitrary-code-CVE-2025-21590?language=en_US

AMI Security Advisory
AMI patched three vulnerabilities. One of them, an authentication bypass in Redfish, allows for a complete system compromise without authentication and is rated with a CVSS score of 10.0.
https://go.ami.com/hubfs/Security%20Advisories/2025/AMI-SA-2025003.pdf

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday Mar 11th: Shellcode as UUIDs; Moxa Switch Vuln Updates; Opentext Vuln; Livewire Volt Vuln;

Mar 11, 2025 · 4:59


Shellcode Encoded in UUIDs
Attackers are using UUIDs to encode shellcode. The 128 bits (or 16 bytes) encoded in each UUID are converted to shellcode to implement a Cobalt Strike beacon.
https://isc.sans.edu/diary/Shellcode%20Encoded%20in%20UUIDs/31752

Moxa CVE-2024-12297 Expanded to PT Switches
Moxa first released an update in January to address a frontend authorization logic disclosure vulnerability. It has now updated the advisory and included the PT series switches as vulnerable.
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-241408-cve-2024-12297-frontend-authorization-logic-disclosure-vulnerability-identified-in-pt-switches

Opentext Insufficiently Protected Credentials
https://portal.microfocus.com/s/article/KM000037455?language=en_US

Livewire Volt API vulnerability
https://github.com/livewire/volt/security/advisories/GHSA-v69f-5jxm-hwvv

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Monday Mar 3rd: AI Training Data Leaks; MITRE Caldera Vuln; modsecurity bypass

Mar 3, 2025 · 7:08


Common Crawl includes Common Leaks
The "Common Crawl" dataset, a large dataset created by spidering websites, contains, as expected, many API keys and other secrets. This data is often used to train large language models.
https://trufflesecurity.com/blog/research-finds-12-000-live-api-keys-and-passwords-in-deepseek-s-training-data

GitHub Repositories Exposed by Copilot
As is well known, GitHub's Copilot is using data from public GitHub repositories to train its model. However, it appears that repositories that were briefly left open and later made private have been included as well, allowing Copilot users to retrieve files from these repositories.
https://www.lasso.security/blog/lasso-major-vulnerability-in-microsoft-copilot

MITRE Caldera Framework Allows Unauthenticated Code Execution
The MITRE Caldera adversary emulation framework allows for unauthenticated code execution by allowing attackers to specify compiler options.
https://medium.com/@mitrecaldera/mitre-caldera-security-advisory-remote-code-execution-cve-2025-27364-5f679e2e2a0e

modsecurity Rule Bypass
Attackers may bypass the modsecurity web application firewall by prepending encoded characters with 0.
https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-42w7-rmv5-4x2j

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Thursday Feb 27th: High Exfil Ports; Malicious VS Code Theme; Developer Workstation Safety; NAKIVO PoC; OpenH264 and rsync vuln;

Feb 27, 2025 · 6:45


Attacker Use of Ephemeral Ports
Attackers often use ephemeral ports to reach out to download additional resources or exfiltrate data. This can be used, with care, to detect possible compromises.
https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Malware%20Source%20Servers%3A%20The%20Threat%20of%20Attackers%20Using%20Ephemeral%20Ports%20as%20Service%20Ports%20to%20Upload%20Data/31710

Compromised Visual Studio Code Extension Downloaded by Millions
Amit Assaraf identified a likely compromised Visual Studio Code theme that was installed by millions of potential victims. Amit did not disclose the exact malicious behaviour, but is asking for victims to contact them for details.
https://medium.com/@amitassaraf/a-wolf-in-dark-mode-the-malicious-vs-code-theme-that-fooled-millions-85ed92b4bd26

ByBit Theft Due to Compromised Developer Workstation
ByBit and Safe{Wallet} disclosed that the record-breaking Ethereum theft was due to a compromised Safe{Wallet} developer workstation. A replaced JavaScript file targeted ByBit and altered a transaction signed by ByBit.
https://x.com/benbybit/status/1894768736084885929
https://x.com/safe/status/1894768522720350673

PoC for NAKIVO Backup Replication Vulnerability
This vulnerability allows the compromise of NAKIVO backup systems. The vulnerability was patched silently in November, and never disclosed by NAKIVO. Instead, WatchTowr now discloses details, including a proof of concept exploit.
https://labs.watchtowr.com/the-best-security-is-when-we-all-agree-to-keep-everything-secret-except-the-secrets-nakivo-backup-replication-cve-2024-48248/

OpenH264 Vulnerability
https://github.com/cisco/openh264/security/advisories/GHSA-m99q-5j7x-7m9x

rsync vulnerability exploited
https://www.cisa.gov/known-exploited-vulnerabilities-catalog

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS Stormcast Tuesday Feb 25th: Unfurl Updates; Google Ditches SMS; Paypal Phish; Exim, libXML, Parallels Vuln

Feb 25, 2025 · 6:10


Unfurl Update Released
Unfurl released an update fixing a few bugs and adding support to decode BlueSky URLs.
https://isc.sans.edu/diary/Unfurl%20v2025.02%20released/31716

Google Confirms GMail To Ditch SMS Code Authentication
Google no longer considers SMS authentication safe enough for GMail. Instead, it pushes users to use passkeys or QR-code-based app authentication.
https://www.forbes.com/sites/daveywinder/2025/02/23/google-confirms-gmail-to-ditch-sms-code-authentication/

Beware of PayPal New Address Feature Abuse
Attackers are using "address change" e-mails to send links to phishing sites or trick users into calling fake tech support phone numbers. Attackers are just adding the malicious content as part of the address. The e-mails themselves are legitimate PayPal e-mails and will pass various spam and phishing filters.
https://www.bleepingcomputer.com/news/security/beware-paypal-new-address-feature-abused-to-send-phishing-emails/

Exim SQL Injection Vulnerability
Exim, with sqlite support and ETRN enabled, is vulnerable to a simple SQL injection exploit. A PoC has been released.
https://www.exim.org/static/doc/security/CVE-2025-26794.txt
https://github.com/OscarBataille/CVE-2025-26794?

XMLlib patches
https://gitlab.gnome.org/GNOME/libxml2/-/issues/847
https://gitlab.gnome.org/GNOME/libxml2/-/issues/828

0-Day in Parallels
https://jhftss.github.io/Parallels-0-day/