Dave Troy @davetroy

16 posts12 participants0 posts today

heise online EnglishSecond day of Pwn2Own Berlin: sandbox breakouts and AI exploitsAt the first Pwn2Own competition in Germany, international participants collected six-figure prize money. Particularly popular: Nvidia's AI server Triton.<a href="https://www.heise.de/en/news/Second-day-of-Pwn2Own-Berlin-sandbox-breakouts-and-AI-exploits-10386942.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/en/news/Second-day-of-Pwn2Own-Berlin-sandbox-breakouts-and-AI-exploits-10386942.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Firefox</a> <a href="https://social.heise.de/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Pwnown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pwnown</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/VMware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VMware</a> <a href="https://social.heise.de/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

heise SecurityZweiter Tag der Pwn2Own Berlin: Sandkistenausbrüche und KI-ExploitsBeim ersten Pwn2Own-Wettbewerb in Deutschland sammelten internationale Teilnehmer sechsstellige Preisgelder ein. Besonders beliebt: NVIDIAs KI-Server Triton.<a href="https://www.heise.de/news/Zweiter-Tag-der-Pwn2Own-Berlin-Sandkistenausbrueche-und-KI-Exploits-10386551.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Zweiter-Tag-der-Pwn2Own-Berlin-Sandkistenausbrueche-und-KI-Exploits-10386551.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Firefox</a> <a href="https://social.heise.de/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Pwnown" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pwnown</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/VMware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VMware</a> <a href="https://social.heise.de/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

heise online EnglishWarning of attacks on new SAP Netweaver vulnerability, Chrome and Draytek routerThe US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek routers.<a href="https://www.heise.de/en/news/Warning-of-attacks-on-new-SAP-Netweaver-vulnerability-Chrome-and-Draytek-router-10385656.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/en/news/Warning-of-attacks-on-new-SAP-Netweaver-vulnerability-Chrome-and-Draytek-router-10385656.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberangriff</a> <a href="https://social.heise.de/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.heise.de/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

heise SecurityWarnung vor Angriffen auf neue SAP-Netweaver-Lücke, Chrome und Draytek-RouterDie US-amerikanische IT-Sicherheitsbehörde CISA warnt vor Angriffen auf eine neue SAP-Netweaver-Lücke sowie auf Chrome und Draytek-Router.<a href="https://www.heise.de/news/Warnung-vor-Angriffen-auf-neue-SAP-Netweaver-Luecke-Chrome-und-Draytek-Router-10385563.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Warnung-vor-Angriffen-auf-neue-SAP-Netweaver-Luecke-Chrome-und-Draytek-Router-10385563.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberangriff</a> <a href="https://social.heise.de/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.heise.de/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybercrime</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Benjamin Carr, Ph.D. 👨🏻‍💻🧬Jury orders <a href="https://hachyderm.io/tags/NSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSO</a> to pay $167 million for hacking <a href="https://hachyderm.io/tags/WhatsApp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WhatsApp</a> users The verdict is a major victory for opponents of <a href="https://hachyderm.io/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> sellers.A jury has awarded WhatsApp $167 million in punitive damages in a case the company brought against Israel-based <a href="https://hachyderm.io/tags/NSOGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NSOGroup</a> for <a href="https://hachyderm.io/tags/exploiting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploiting</a> a software <a href="https://hachyderm.io/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> that hijacked the <a href="https://hachyderm.io/tags/phones" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#phones</a> of thousands of users. <a href="https://arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/</a>

PrivacyDigest<a href="https://mas.to/tags/Spies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Spies</a> hack high-value mail servers using an <a href="https://mas.to/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> from yesteryear <a href="https://mas.to/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2025/05/spies-hack-high-value-mail-servers-using-an-exploit-from-yesteryear/</a>

heise online EnglishChrome vulnerability with exploit in the wildGoogle is updating Chrome and plugging security leaks in the process. There is already an exploit for one of them, the company explains.<a href="https://www.heise.de/en/news/Chrome-vulnerability-with-exploit-in-the-wild-10384348.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/en/news/Chrome-vulnerability-with-exploit-in-the-wild-10384348.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Radio Azureus<a href="https://infosec.exchange/@paco" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@paco</a> Amazing, so this is pure malware behaviour authorized and sanctionized by a global company. Abhorred am I to read thisThe article is paywalled BTW<a href="https://mastodon.social/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://mastodon.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://mastodon.social/tags/copilot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#copilot</a> <a href="https://mastodon.social/tags/microSoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microSoft</a> <a href="https://mastodon.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> <a href="https://mastodon.social/tags/Bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bot</a> <a href="https://mastodon.social/tags/Botnet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Botnet</a> <a href="https://mastodon.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://mastodon.social/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a>

heise SecurityChrome-Sicherheitslücke mit Exploit in freier WildbahnGoogle aktualisiert Chrome und stopft dabei Sicherheitslecks. Für eines gibt es bereits einen Exploit, erklärt das Unternehmen.<a href="https://www.heise.de/news/Chrome-Sicherheitsluecke-mit-Exploit-in-freier-Wildbahn-10384249.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Chrome-Sicherheitsluecke-mit-Exploit-in-freier-Wildbahn-10384249.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Chrome" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chrome</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

Script Kiddie<a href="https://anonsys.net/search?tag=europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://anonsys.net/search?tag=eu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eu</a> <a href="https://anonsys.net/search?tag=software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#software</a> <a href="https://anonsys.net/search?tag=bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bug</a> <a href="https://anonsys.net/search?tag=news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://anonsys.net/search?tag=exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> <a href="https://anonsys.net/search?tag=cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://despora.de/posts/053385701362013e5e0a543d7eeced27" rel="nofollow noopener noreferrer" target="_blank">♲</a> @<a href="https://despora.de/u/anonymiss" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">anonymiss@despora.de</a>:<blockquote>Consult the European <a href="https://anonsys.net/search?tag=Vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerability</a> <a href="https://anonsys.net/search?tag=Database" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Database</a> to enhance your <a href="https://anonsys.net/search?tag=digital" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#digital</a> <a href="https://anonsys.net/search?tag=security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>! source: <a href="https://www.enisa.europa.eu/news/consult-the-european-vulnerability-database-to-enhance-your-digital-security" rel="nofollow noopener noreferrer" target="_blank">enisa.europa.eu/news/consult-t…</a> database: <a href="https://euvd.enisa.europa.eu" rel="nofollow noopener noreferrer" target="_blank">euvd.enisa.europa.eu</a> <blockquote>The database provides aggregated, reliable, and actionable information such as mitigation measures and <a href="https://anonsys.net/search?tag=exploitation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploitation</a> status on <a href="https://anonsys.net/search?tag=cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> vulnerabilities affecting Information and Communication <a href="https://anonsys.net/search?tag=Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> (ICT) products and services.</blockquote> <a href="https://anonsys.net/search?tag=europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#europe</a> <a href="https://anonsys.net/search?tag=eu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eu</a> <a href="https://anonsys.net/search?tag=software" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#software</a> <a href="https://anonsys.net/search?tag=bug" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bug</a> <a href="https://anonsys.net/search?tag=news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://anonsys.net/search?tag=exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a></blockquote>

heise online EnglishFortinet seals several flaws, attacks on FortiVoice observedFortinet reported an actively attacked vulnerability in FortiVoice. Updates also seal numerous other gaps.<a href="https://www.heise.de/en/news/Fortinet-seals-several-flaws-attacks-on-FortiVoice-observed-10383603.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/en/news/Fortinet-seals-several-flaws-attacks-on-FortiVoice-observed-10383603.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberangriff</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

heise SecurityFortinet dichtet mehrere Lücken ab, Angriffe auf FortiVoice beobachtetFortinet melde eine aktiv angegriffene Schwachstelle in FortiVoice. Zudem dichten Updates zahlreiche weitere Lücken ab.<a href="https://www.heise.de/news/Fortinet-dichtet-mehrere-Luecken-ab-Angriffe-auf-FortiVoice-beobachtet-10383506.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.heise.de/news/Fortinet-dichtet-mehrere-Luecken-ab-Angriffe-auf-FortiVoice-beobachtet-10383506.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon</a><a href="https://social.heise.de/tags/Cyberangriff" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cyberangriff</a> <a href="https://social.heise.de/tags/Exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Exploit</a> <a href="https://social.heise.de/tags/IT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IT</a> <a href="https://social.heise.de/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.heise.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Sicherheitslücken</a> <a href="https://social.heise.de/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a>

**heise online English** @heiseonlineenglish@social.heise.de · 3d

heise online English @heiseonlineenglish@social.heise.de

Patchday: Attackers attack Windows via five vulnerabilities

Microsoft has released important security updates for Azure, Office and Windows, among others. Attackers are already exploiting vulnerabilities.

https://www.heise.de/en/news/Patchday-Attackers-attack-Windows-via-five-vulnerabilities-10382816.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 3dPatchday: Attackers attack Windows via five vulnerabilitiesBy Dennis Schirrmacher

#Cyberangriff #Exploit #IT

**heise Security** @heisec@social.heise.de · 3d

heise Security @heisec@social.heise.de

Patchday: Angreifer attackieren Windows über fünf Sicherheitslücken

Microsoft hat wichtige Sicherheitsupdates für unter anderem Azure, Office und Windows veröffentlicht. Angreifer nutzen bereits Schwachstellen aus.

https://www.heise.de/news/Patchday-Angreifer-attackieren-Windows-ueber-fuenf-Sicherheitsluecken-10382712.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · 3dPatchday: Angreifer attackieren Windows über fünf SicherheitslückenBy Dennis Schirrmacher

#Cyberangriff #Exploit #IT

**Helma** @helma@mastodon.social · 4d

Helma @helma@mastodon.social

@malwaretech in The Darknet Diaries about #EternalBlue / #WannaCry:

"... it absolutely flabbergasts me that NSA discovers vulnerabilities in US companies and then not tell those companies that their product is vulnerable to attack. But it gets worse. Then the NSA somehow lost control of this exploit"

#Security #Exploit

https://darknetdiaries.com/transcript/158/

darknetdiaries.comMalwareTech – Darknet DiariesMalwareTech was an anonymous security researcher, until he accidentally stopped WannaCry, one of the largest ransomware attacks in history. That single act of heroism shattered his anonymity and pulled him into a world he never expected.

**𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕** @kubikpixel@chaos.social · 5d

𝕂𝚞𝚋𝚒𝚔ℙ𝚒𝚡𝚎𝚕 @kubikpixel@chaos.social

»New Exploit Method Extracts Microsoft Entra Tokens Through Beacon«

How secure are the Microsoft products and do they serve, among other things, the CIA? How safe are companies that "inevitably" use it?! (rhetorical question)

https://gbhackers.com/new-exploit-method-extracts-microsoft-entra-tokens/

#microsoft #exploit #entry

**PrivacyDigest** @PrivacyDigest@mas.to · 5d

PrivacyDigest @PrivacyDigest@mas.to

Chinese #Hackers #Exploit SAP #RCE Flaw CVE-2025-31324, Deploy Golang-Based #SuperShell

CVE-2025-31324 refers to a critical #SAP #NetWeaver flaw that allows attackers to achieve remote code execution (RCE) by uploading web shells through a susceptible "/developmentserver/metadatauploader" endpoint
#security

https://thehackernews.com/2025/05/chinese-hackers-exploit-sap-rce-flaw.html

The Hacker NewsChinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShellChina-based hackers exploited SAP flaw CVE-2025-31324 since April 29, impacting global industries via web shells.

**heise online English** @heiseonlineenglish@social.heise.de · May 8

May 8

heise online English @heiseonlineenglish@social.heise.de

Ransomware: Unknown attackers leak LockBit database – thanks to PHP exploit?

Bitcoin addresses, chat messages and other explosive details of the ransomware provider are circulating the web. LockBit support puts things into perspective.

https://www.heise.de/en/news/Ransomware-Unknown-attackers-leak-LockBit-database-thanks-to-PHP-exploit-10376010.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · May 8Ransomware: Unknown attackers leak LockBit database – thanks to PHP exploit?By Dr. Christopher Kunz

#Cybercrime #Datenleck #Exploit

**heise Security** @heisec@social.heise.de · May 8

May 8

heise Security @heisec@social.heise.de

Ransomware: Unbekannte Angreifer leaken LockBit-Datenbank – dank PHP-Exploit?

Tausende Bitcoin-Adressen, Chatnachrichten und weitere brisante Details des Ransomware-Anbieters kursieren nun im Web. Der LockBit-Support relativiert.

https://www.heise.de/news/Ransomware-Unbekannte-Angreifer-leaken-LockBit-Datenbank-dank-PHP-Exploit-10375825.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

heise online · May 8Ransomware: Unbekannte Angreifer leaken LockBit-Datenbank – dank PHP-Exploit?By Dr. Christopher Kunz

#Cybercrime #Datenleck #Exploit