"I'm interested in all kinds of astronomy."

As a reminder, I'm uploading hundreds (yes) of Flash games unavailable until now to the internet archive:

https://archive.org/details/@touloutoumou


Analysis of a Flaw in Microsoft's Patch for "copy2pwn" (CVE-2024-38213)
https://blog.0patch.com/2025/02/analysis-of-flaw-in-microsofts-patch.html

I'm still looking for that brain activity sensor that someone used to make a propeller hat that spins faster when you think harder.
Re: CVE-2025-0108

Can we agree that "X-Trust-Me-Bro: $boolean" headers set by reverse proxies are an anti-pattern?

If so, what is the best practice?

Microsoft: So you've disabled the advertisements for Microsoft products we put on the lock screen.

Me: Yes

Microsoft: And you've disabled the weather widget in the start bar.

Me: Yes.

Microsoft: So you don't want notices on the start screen OR weather.

Me: Correct

Microsoft: Well good news this is start screen AND weather. You never said you didn't want them TOGETHER.

Me: Can I disable it

Microsoft: Sure, if you can solve this Rubik's cube

[RSS] Nginx/Apache Path Confusion to Auth Bypass in PAN-OS (CVE-2025-0108)

https://www.assetnote.io/resources/research/nginx-apache-path-confusion-to-auth-bypass-in-pan-os

Full analysis
Congrats to the IOActive marketing team for moving their blog to a platform with no RSS :P
[RSS] The Key to COMpromise - Downloading a SYSTEM shell, Part 3

https://neodyme.io/en/blog/com_hijacking_3/

I don't understand how Windows 10 is discontinued yet Microsoft still finds ways to add new types of advertisements to it

@cR0w @silverwizard PR has to show their worth, I'm pretty sure this wasn't composed by the offensive team
@silverwizard @cR0w To be fair, they could've pushed a silent patch...
@schrotthaufen That would mean there is an unrelated problem in the signing process that would deserve a separate CVE/advisory.

Happy from Google Chrome: Stable Channel Update for Desktop
Chrome 133.0.6943.98/.99 for Windows, Mac and 133.0.6943.98 for Linux has 4 security fixes, all 4 were externally reported:

  • CVE-2025-0995 (high) Use after free in V8
  • CVE-2025-0996 (high) Inappropriate implementation in Browser UI
  • CVE-2025-0997 (high) Use after free in Navigation
  • CVE-2025-0998 (high) Out of bounds memory access in V8

No mention of exploitation.


Letting me have image editing software was a mistake

Updates get MitM'd by middleboxes (using shitty certs) all the time. This is why update packages are digitally signed and why many vendors simply use plain HTTP for delivery.

Yet for some reason CrowdStrike marked this as high severity with a CVSS vector indicating MitM -> full system compromise...

CVE-2025-1146
OK I think this (via @cR0w) deserves some more attention (#CrowdStrike CVE-2025-1146):

https://www.crowdstrike.com/security-advisories/cve-2025-1146/

In short, CrowdStrike agents on Linux can be MitM'd when they connect to their mothership (CS cloud).

My first Q is: what exactly is delivered to Falcon sensors from the CS cloud?

I present my second Q as a meme for higher reach:
#music #ImperialTriumphant #metal #avantgarde
New Imperial Triumphant video :,)

https://www.youtube.com/watch?v=cPzQ9wsYT0Q

Happy from Palo Alto Networks (LIKELY ZERO-DAYS):
(Note: PAN likes to downplay by showing the base + threat metrics CVSSv4 score)

  1. CVE-2025-0113 (CVSSv4.0: 7.6 high) Cortex XDR Broker VM: Unauthorized Access to Broker VM Docker Containers
  2. CVE-2025-0112 (CVSSv4: 6.8 medium) Cortex XDR Agent: Local Windows User Can Disable the Agent
  3. CVE-2025-0110 (CVSSv4.0: 8.6 high) PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin
    • Exploit Maturity: POC 🤔
  4. PAN-SA-2025-0005 GlobalProtect Clientless VPN: Same-Origin Policy Does Not Apply When Using Clientless VPN
  5. PAN-SA-2025-0004 Chromium: Monthly Vulnerability Update (February 2025) (multiple CVEs)
  6. CVE-2025-0109 (CVSSv4: 6.9 medium) PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
    • Exploit Maturity: POC 🤔
  7. CVE-2025-0111 (7.1 high) PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

Palo Alto Networks is not aware of any malicious exploitation of this issue.

My new concern is whether I should say for CVE-2025-0110 and 0109. Based on the FIRST criteria for Exploit Maturity:
```
Based on threat intelligence sources each of the following must apply:

  • Proof-of-concept is publicly available
  • No knowledge of reported attempts to exploit this vulnerability
  • No knowledge of publicly available solutions used to simplify attempts to exploit the vulnerability
```
