"I'm interested in all kinds of astronomy."

🔓⏫ After compromising every endpoint within an organization, our “Caught in the FortiNet” blog series comes to an end with one more thing.
Read more about FortiClient's XPC mistake that allows local privilege escalation to root on macOS:

https://www.sonarsource.com/blog/caught-in-the-fortinet-how-attackers-can-exploit-forticlient-to-compromise-organizations-3-3?utm_medium=social&utm_source=mastodon&utm_campaign=research&utm_content=blog-caught-in-the-fortinet-080725-&utm_term=&s_category=Organic&s_source=Social%20Media&s_origin=social

[RSS] Privilege Escalation Using TPQMAssistant.exe on Lenovo

https://trustedsec.com/blog/cve-2025-1729-privilege-escalation-using-tpqmassistant-exe

TrendAI Zero Day Initiative

The patches may be late, but 130 new CVEs from , there's still plenty to talk about. Join @TheDustinChilds as he covers the release and points out why it's a bad month to be a SQL Server admin. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review


TrendAI Zero Day Initiative

has (finally!) released their updates for July. 13 bulletins addressing 60 CVEs in various products. Nothing is listed as under active attack. The patch blog has been updated with all the details. https://www.zerodayinitiative.com/blog/2025/7/8/the-july-2025-security-update-review


This is exactly what the internet is for.


Give lengthy and incomprehensible explanations when questioned.


Operating a Certificate Transparency log is now within reach of many organizations.

I wrote up the requirements: essentially one small server process, a couple people, and the capacity to host 3-5 TB of static files. https://words.filippo.io/run-sunlight/

I'd love to chat with anyone who's considering running one!

@lcamtuf websites are boomer, what we need are anime style videos: https://m.youtube.com/watch?v=u0aoByec99Q
[RSS] Dubious security vulnerability: If I perform this complex series of manual steps, I can crash a program I am running

https://devblogs.microsoft.com/oldnewthing/20250707-00/?p=111351
@cR0w Oh, that's surprising, thanks for clarifying for me! Still, my concern is given their track record I'm not sure the priorities are right.
@cR0w CWE-613 -> someone thought it's a good idea to run a 3-day pentest on a commercially available product, then demanded support to fix all Lows
@tychotithonus I guess it's about requiring signing for the SMB client?
[RSS] [CVE-2025-32461] Tiki Wiki CMS Groupware <= 28.3 Two SSTI Vulnerabilities

https://karmainsecurity.com/KIS-2025-03
[RSS] How I Discovered a Libpng Vulnerability 11 Years After It Was Patched

https://blog.himanshuanand.com/posts/discovered-a-libpng-vulnerability-11-years-after-it-was-patched/
[RSS] Set Sail: Remote Code Execution in SailPoint IQService via Default Encryption Key

https://www.netspi.com/blog/technical-blog/network-pentesting/remote-code-execution-sailpoint-iqservice/

Computer engineer interested in and looking for a job.
Maybe I do not have the skills, but one thing I can say is that I'm pretty good at getting my shit done, even if it is something new to me.


In our last blog post, our colleague Gianluca shares the story of a lucky discovery: a bug initially spotted during a routine assessment turned out to be a high impact vulnerability in Microsoft Graph API — earning a $3,000 bounty.

https://security.humanativaspa.it/export-to-pdf-allows-local-file-inclusion-path-traversal-in-microsoft-365/
