Posts
2505Following
650Followers
1469
buherator
buherator
https://x41-dsec.de/security/research/job/news/2025/06/11/ruby-on-rails/
0
3
1
repeated
buherator
buheratorhttps://itm4n.github.io/checking-symantec-account-credentials-privesccheck/
0
0
0
buherator
buheratorhttps://blog.ret2.io/2025/06/11/pwn2own-soho-2024-sonos-exploit/
0
1
2
buherator
buheratorhttps://www.404media.co/spam-blogs-ai-slop-domains-wowlazy/
Instant reshare!
0
0
1
repeated
Ivan Ožić Bebek
obivan@infosec.exchange“Localhost tracking” explained. It could cost Meta 32 billion. https://www.zeropartydata.es/p/localhost-tracking-explained-it-could
0
2
0
buherator
buheratorShow content
https://www.youtube.com/watch?v=R07oELe1aUA
0
1
2
repeated
JP Mens
jpmens@mastodon.social"Donald Trump’s director of national intelligence fed the JFK files into an AI program, asking it to see if there was anything that should remain classified, she told a crowd at an Amazon Web Services conference Tuesday"
Is there any way we can convince The Onion to not keep publishing their stuff under different domain names? 🤪
https://www.thedailybeast.com/tulsi-gabbard-admits-to-asking-ai-what-to-classify-in-jfk-files/
1
3
0
repeated
yossarian (1.3.6.1.4.1.55738)
yossarian@infosec.exchangeBypassing GitHub Actions policies in the dumbest way possible
https://blog.yossarian.net/2025/06/11/github-actions-policies-dumb-bypass
1
4
0
repeated
Talos Vulnerability Reports
talosvulnsAdobe Acrobat Reader Font CFF2 PrivateDict vsindex Out-Of-Bounds Read Vulnerability
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2159
CVE-2025-43578
0
1
1
repeated
Talos Vulnerability Reports
talosvulnsAdobe Acrobat Reader Annotation Destroy Use-After-Free Vulnerability
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2170
CVE-2025-43576
0
1
2
buherator
buheratorhttps://blog.redteam-pentesting.de/2025/reflective-kerberos-relay-attack/
0
1
4
buherator
buherator
2
1
5
buherator
buheratorhttps://www.youtube.com/watch?v=pwODwwgE6rA
2
0
2
repeated
Ivan Fratric
ifsecure@infosec.exchangeLast week, I gave a talk on web browser security research at a student-organized conference. I tried to make the talk reasonably beginner-friendly, so the slides (linked here) could hopefully be useful to someone as a learning resource. https://docs.google.com/presentation/d/1rEPiqV0KBHAI0lVym283OHzYRXNCCuGudmDby1Z1qyc/edit?usp=sharing
1
9
0
repeated
Scumbag Google is at it again and introduces delays when loading a video on YouTube with an active ad blocker. With a nice litter banner on the lower left saying "Experiencing interruptions? Here's why!" with a link to a page telling you to disable ad blockers.
Guess what, you pissheads! It's still faster and less annoying to wait for the delay than actually watching the ads.
3
3
0
repeated
~swapgs
swapgs@infosec.exchangeI finally found the perfect bug to play with wrapwrap and get RCE on Monero forums 
After that, very classic exploitation steps. The only twist is that I didn't expect Laravel to unserialize() session cookies when the session driver is set to Redis (at least this version).
3
8
0
repeated
Marco Ivaldi
raptor@infosec.exchangeThis Video Can #Exploit Your #iPhone (CVE-2025-31200)
https://www.youtube.com/watch?v=nTO3TRBW00E
Besides the clickbaity title, this video is actually a simple and fun initial analysis of the #1day in question.
As a side note, I started watching it on a device with no #adblocker and damn, YouTube has become so annoying and utterly unusable 😠
0
2
0
buherator
buherator
1
1
1
repeated
CISA KEV Tracker
cisakevtracker@mastodon.socialCVE ID: CVE-2025-24016
Vendor: Wazuh
Product: Wazuh Server
Date Added: 2025-06-10
Notes: https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh ; https://nvd.nist.gov/vuln/detail/CVE-2025-24016
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-24016
0
2
0