A cyberattack caused the first confirmed patient death attributed to a Russian cybercriminal group's ransomware tool written in Rust. It disrupted Synnovis pathology services in 2024, delaying critical blood test results. Investigation found 170 patients harmed in total: 2 major harm cases, 11 moderate harm, 120 minor harm incidents from the breach. https://news.sky.com/story/patient-death-linked-to-cyber-attack-on-nhs-hospital-trust-says-13388485
If you run a child abuse helpline, perhaps don't install Meta and Snap pixels. Recent fine announced earlier this month from the Norwegian DPA https://gdprhub.eu/index.php?title=Datatilsynet_(Norway)_-_NO_-_DPA_-_24/01055-10&mtc=today
Critical Meshtastic Vulnerability:
CVE-2025-52464: Meshtastic 2.5.0–2.6.10 shipped cloned or low-entropy X25519 keys via vendor pre-flash + weak RNG.
Collisions let attackers decrypt LoRa direct-msgs, replay/forge admin RPCs, hijack nodes; no forward secrecy, so old captures stay cleartext.
Firmware 2.6.11 defers key-gen, hardens entropy, flags compromised pairs.
I learned something today: Google's Gemini "AI" on phones accesses your data from "Phones, Messages, WhatsApp" and other stuff whether you have Gemini turned on or not. It just keeps the data longer if you turn it on. Oh, and lets it be reviewed by humans (!) for Google's advantage in training "AI" etc.
But this only came to my attention because of an upcoming change: it's going to start keeping your data long-term even if you turn it "off": "#Gemini will soon be able to help you use Phone, #Messages, #WhatsApp, and Utilities on your phone, whether your Gemini Apps Activity is on or off."
This is, of course, a #privacy and #security #nightmare.
If this is baked into Android, and therefore not removable, I'd have to say I'd recommend against using Android at all starting July 7th.
#spyware #AI #LLM #Google #spying #phone #Android #private #data
At @WEareTROOPERS I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications.
The attack is still alive and well.
You can read all about it here:
https://www.semperis.com/blog/noauth-abuse-alert-full-account-takeover
Security Benchmarking Authorization Policy Engines https://goteleport.com/blog/benchmarking-policy-languages/
Check out this in-depth video of @nmatt0 reversing the firmware decryption mechanism used in a Hanwha security camera with IDA Pro. Bonus: He's also written an accompanying blog post packed with code samples, screenshots, and more!
https://hex-rays.com/blog/reversing-hanwha-security-cameras-a-deep-dive-by-matt-brown
This is very aggressively (perhaps too aggressively) stated, but he's absolutely right. People are all worried their ideas are gonna be "stolen", and my friends, I can assure you that won't be the problem.
i love css
also shoutout to Fastmail for rolling out fixes for both reports in <48h
https://www.fastmail.com/bug-bounty/