DMV.Community

BillSplunk patched the CSRF bug (and a gazillion others I didn't find)! I guess I get to stop adding it to reports ...<a href="https://advisory.splunk.com/advisories" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://advisory.splunk.com/advisories</a><a href="https://infosec.exchange/tags/splunk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#splunk</a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a>

CatSalad🐈🥗 (D.Burch) :blobcatrainbow:Firefox 0-day security vulnerability (CVE-2025-2857) patchedMozilla patches a sandbox escape vulnerability that is already being exploited (in Chrome):firefox:⁠<a href="https://www.mozilla.org/en-US/security/advisories/mfsa2025-19/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.mozilla.org/en-US/security/advisories/mfsa2025-19/</a>Announced: 2025-03-27 Impact: ⚠️ critical Products: Firefox, Firefox ESR (Firefox on Windows only) Fixed in: • Firefox 136.0.4 :windows: • Firefox ESR 115.21.1 :windows: • Firefox ESR 128.8.1 :windows:<a href="https://infosec.exchange/tags/Firefox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Firefox</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/CVE_2025_2857" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2025_2857</a>

Rob PomeroyDrayTek routers in the UK (and to a lesser extent elsewhere) are having A Bad Weekend. Lots of "spontaneous" reboots.Also, DrayTek's UK website is unreachable. So this looks like a concerted attack.Details are patchy, but ISP Review is tracking the problem: <a href="https://www.ispreview.co.uk/index.php/2025/03/broadband-isps-report-uk-connectivity-problems-with-vulnerable-draytek-routers.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.ispreview.co.uk/index.php/2025/03/broadband-isps-report-uk-connectivity-problems-with-vulnerable-draytek-routers.html</a>Applying firmware upgrades and disabling VPN services will help. Search your networks for indicators of compromise.<a href="https://infosec.exchange/tags/DrayTek" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DrayTek</a> <a href="https://infosec.exchange/tags/Outage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Outage</a> <a href="https://infosec.exchange/tags/DDoS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DDoS</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>

Red-Team News🚨 Critical patch alert! CVE-2025-23120 in Veeam Backup & Replication allows domain users to execute arbitrary code. High impact, medium probability. Update now to secure your systems! <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>-2025-23120 <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://redteamnews.com/blue-team/critical-vulnerability-patched-in-veeam-backup-replication-cve-2025-23120" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://redteamnews.com/blue-team/critical-vulnerability-patched-in-veeam-backup-replication-cve-2025-23120</a>

Red-Team NewsThe NCSC warns of Cl0p ransomware targeting Cleo file transfer systems via zero-day vulnerabilities. Patch now, monitor traffic, and restrict internet access to critical systems. Stay vigilant! <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/Cl0p" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cl0p</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>-2024-XXXX <a href="https://redteamnews.com/exploit/ncsc-warns-of-cl0p-ransomware-campaigns-targeting-file-transfer-systems" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://redteamnews.com/exploit/ncsc-warns-of-cl0p-ransomware-campaigns-targeting-file-transfer-systems</a>

Konstantin :C_H:With <a href="https://infosec.exchange/tags/CVE_2025_29927" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2025_29927</a>, Next.js has now suffered its second major vulnerability in just three months, following <a href="https://infosec.exchange/tags/CVE_2024_51479" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE_2024_51479</a>.I originally built CVE Crowd with <a href="https://infosec.exchange/tags/NextJS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NextJS</a>.However, as the application became more complex (especially with authentication), I decided to switch to a framework I was more familiar with.Honestly, I’m feeling a bit relieved about that right now...<a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Pentesting</a> <a href="https://infosec.exchange/tags/AppSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AppSec</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://infosec.exchange/tags/BugBounty" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BugBounty</a> <a href="https://infosec.exchange/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hacking</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/CVECrowd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVECrowd</a>

n0n_zer0After quite some trying, I finally was able to get Spring-boot to be vulnerable to CVE-2025-24813, see <a href="https://github.com/n0n-zer0/Spring-Boot-Tomcat-CVE-2025-24813" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/n0n-zer0/Spring-Boot-Tomcat-CVE-2025-24813</a> Prerequisites are: File-based session persistence using PersistentManager and FileStore Re-enable the defaultServlet(server.servlet.register-default-servlet=true) Read-only mode disabled for the default servlet (readonly=false)Unlikely, Probably :) Possible definitely! <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>-2025-24813

F-DroidThis week in <a href="https://floss.social/tags/FDroid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FDroid</a> (TWIF) is live:- Client 1.22.0 is now suggested for all - <a href="https://floss.social/tags/Element" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Element</a> fixes a <a href="https://floss.social/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> - <a href="https://floss.social/tags/SessionMessenger" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SessionMessenger</a> enables Groups v2 - <a href="https://floss.social/tags/SimpleX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SimpleX</a> improves group management - 10 new apps - 110 updatesall right here <a href="https://f-droid.org/2025/03/20/twif.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://f-droid.org/2025/03/20/twif.html</a>

GreyNoise🚨 Resurgence of in-the-wild activity targeting critical ServiceNow vulns. Overwhelming majority of traffic hitting Israel. Full analysis ⬇️ <a href="https://www.greynoise.io/blog/in-the-wild-activity-targeting-critical-servicenow-vulnerabilities" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.greynoise.io/blog/in-the-wild-activity-targeting-critical-servicenow-vulnerabilities</a> <a href="https://infosec.exchange/tags/ServiceNow" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ServiceNow</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/ThreatIntel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ThreatIntel</a>

Christoffer S.ReliaQuest (ex. Digital Shadows): <a href="https://www.reliaquest.com/blog/credential-theft-vs-admin-control-threat-spotlight/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.reliaquest.com/blog/credential-theft-vs-admin-control-threat-spotlight/</a>This report examines how VPN vulnerabilities, particularly CVE-2018-13379 and CVE-2022-40684 affecting Fortinet products, remain highly exploited years after disclosure. The analysis reveals a 4,223% increase in cybercriminal forum discussions about Fortinet VPNs since 2018, highlighting their continued relevance in attack campaigns. Threat actors exploit these vulnerabilities primarily through credential theft and gaining administrative control. The report details how cybercriminals and state-sponsored APT groups leverage these vulnerabilities, with 64% of VPN vulnerabilities directly linked to ransomware campaigns. The report also examines a 2025 breach by 'Belsen_Group' that compromised over 15,000 FortiGate devices using CVE-2022-40684. The authors provide detection rules, threat hunting recommendations, and defensive strategies to mitigate these threats, while predicting increased hybrid threats targeting VPN infrastructure and the growing impact of AI on VPN exploitation.<a href="https://swecyb.com/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://swecyb.com/tags/FortinetNot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FortinetNot</a> <a href="https://swecyb.com/tags/Fortinet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fortinet</a> <a href="https://swecyb.com/tags/Fortigate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Fortigate</a> <a href="https://swecyb.com/tags/VPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VPN</a> <a href="https://swecyb.com/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnerabilities</a> <a href="https://swecyb.com/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://swecyb.com/tags/BelsenGroup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BelsenGroup</a>

Bmixed<a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/cybernews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybernews</a> <a href="https://mastodon.social/tags/cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cyberattack</a> <a href="https://mastodon.social/tags/vuln" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vuln</a> <a href="https://mastodon.social/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> <a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://mastodon.social/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.social/tags/technews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#technews</a> Supply chain attack on popular GitHub Action exposes CI/CD secrets <a href="https://www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/supply-chain-attack-on-popular-github-action-exposes-ci-cd-secrets/</a>

Avoid the Hack! :donor:Week 11 of the <a href="https://infosec.exchange/tags/Privacy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Privacy</a> Roundup is out. Featuring:- Data broker bragging about having personal information of billions of people - How the ESP32 <a href="https://infosec.exchange/tags/Bluetooth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Bluetooth</a> backdoor isn't a backdoor - North Korean government APTs spreading <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> on <a href="https://infosec.exchange/tags/Google" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Google</a> play, <a href="https://infosec.exchange/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a> - An ICE OSINT Tool that can monitor 200+ websites of a target - <a href="https://infosec.exchange/tags/Apple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Apple</a> patching an exploited zero-day in WebKit - <a href="https://infosec.exchange/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> Patch Tuesday, 6 exploited zero-days... and more, of course.<a href="https://infosec.exchange/tags/privacymatters" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#privacymatters</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://avoidthehack.com/privacy-week11-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://avoidthehack.com/privacy-week11-2025</a>

sekurak NewsGitLab naprawia podatności związane z biblioteką ruby-samlGitLab ogłosił wydanie nowych wersji oprogramowania. Aktualizacja dotyczy zarówno Community Edition, jak i Enterprise Edition. Poprawione wersje to  17.9.2, 17.8.5 oraz 17.7.7. Najważniejsza poprawka dotyczy dwóch podatności (CVE-2025-25291, CVE-2025-25292), zgłoszonych w bibliotece ruby-saml, która jest wykorzystywana przez GitLab do SAML SSO (security assertion markup language; single sign-on). W pewnych okolicznościach...<a href="https://mastodon.com.pl/tags/WBiegu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WBiegu</a> <a href="https://mastodon.com.pl/tags/Cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cve</a> <a href="https://mastodon.com.pl/tags/Gitlab" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Gitlab</a> <a href="https://mastodon.com.pl/tags/Graphql" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Graphql</a> <a href="https://mastodon.com.pl/tags/Podatno%C5%9Bci" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Podatności</a> <a href="https://mastodon.com.pl/tags/Rce" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Rce</a> <a href="https://mastodon.com.pl/tags/Ruby" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Ruby</a> <a href="https://mastodon.com.pl/tags/Saml" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Saml</a><a href="https://sekurak.pl/gitlab-naprawia-podatnosci-zwiazane-z-biblioteka-ruby-saml/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://sekurak.pl/gitlab-naprawia-podatnosci-zwiazane-z-biblioteka-ruby-saml/</a>

Tod Beardsley 🤘If you have opinions on <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>, now you have a place to stick 'em.<a href="https://forms.office.com/pages/responsepage.aspx?id=SNwgxlAdUkmLOd9NVNdNghPtztd-zHZOqcwV0JuOA5FUNkZDNTJFTExXOEpYNVJLRERLT1g4QjRZNy4u&route=shorturl" rel="nofollow noopener noreferrer" target="_blank">CVE Usage Survey</a>

CVE ProgramWe value your opinion! Please respond to our: “CVE Data Usage and Satisfaction Survey” <a href="https://forms.office.com/g/hx168RPctg" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://forms.office.com/g/hx168RPctg</a> The CVE Program is requesting feedback from: * CVE consumers * Defenders <a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilitymanagement</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

ESET Research<a href="https://infosec.exchange/tags/ESETresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ESETresearch</a> has discovered a zero day exploit abusing <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a>-2025-24983 vulnerability in the Windows kernel 🪟 to elevate privileges (<a href="https://infosec.exchange/tags/LPE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LPE</a>). First seen in the wild in March 2023, the exploit was deployed through <a href="https://infosec.exchange/tags/PipeMagic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PipeMagic</a> backdoor on the compromised machines.The exploit targets Windows 8.1 and Server 2012 R2. The vulnerability affects OSes released before Windows 10 build 1809, including still supported Windows Server 2016. It does not affect more recent Windows OSes such as Windows 11.The vulnerability is a use after free in Win32k driver. In a certain scenario achieved using the <a href="https://infosec.exchange/tags/WaitForInputIdle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WaitForInputIdle</a> API, the <a href="https://infosec.exchange/tags/W32PROCESS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#W32PROCESS</a> structure gets dereferenced one more time than it should, causing UAF. To reach the vulnerability, a race condition must be won.The patches were released today. Microsoft advisory with security update details is available here: <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-24983</a>

Brandon H :csharp: :verified:via <a href="https://dotnet.social/@dotnet" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@dotnet</a> : .NET and .NET Framework March 2025 servicing releases updates<a href="https://ift.tt/rLuXd7N" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ift.tt/rLuXd7N</a> <a href="https://hachyderm.io/tags/DotNet" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DotNet</a> <a href="https://hachyderm.io/tags/DotNetFramework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DotNetFramework</a> <a href="https://hachyderm.io/tags/March2025" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#March2025</a> <a href="https://hachyderm.io/tags/ServicingUpdates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ServicingUpdates</a> <a href="https://hachyderm.io/tags/SecurityImprovements" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityImprovements</a> <a href="https://hachyderm.io/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://hachyderm.io/tags/ReleaseNotes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ReleaseNotes</a> <a href="https://hachyderm.io/tags/ASPNetCore" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ASPNetCore</a> <a href="https://hachyderm.io/tags/EntityFramework" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EntityFramework</a> <a href="https://hachyderm.io/tags/SoftwareUpdates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SoftwareUpdates</a> <a href="https://hachyderm.io/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a> <a href="https://hachyderm.io/tags/DeveloperCo" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DeveloperCo</a>…

CVE ProgramT-Mobile US is now a CVE Numbering Authority (CNA) assigning CVE IDs for all T-Mobile US products (including end-of-life/end-of-service products) + vulnerabilities in third-party software/hardware discovered by T-Mobile US that are not in another CNA’s scope <a href="https://cve.org/Media/News/item/news/2025/03/11/TMobile-US-Added-as-CNA" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://cve.org/Media/News/item/news/2025/03/11/TMobile-US-Added-as-CNA</a> <a href="https://mastodon.social/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://mastodon.social/tags/cna" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cna</a> <a href="https://mastodon.social/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://mastodon.social/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilitymanagement</a> <a href="https://mastodon.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mastodon.social/tags/telecommunications" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#telecommunications</a>

FIRST.org🥁The moment we've all been waiting for is here! <a href="https://infosec.exchange/tags/VulnCon25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VulnCon25</a> agenda is out now 🔗<a href="https://go.first.org/r91zE" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.first.org/r91zE</a> <a href="https://infosec.exchange/tags/vulnerabilitymanagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilitymanagement</a> <a href="https://infosec.exchange/tags/CVE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVE</a> <a href="https://infosec.exchange/tags/CVSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CVSS</a> <a href="https://infosec.exchange/tags/EPSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EPSS</a> <a href="https://infosec.exchange/tags/CISA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CISA</a> <a href="https://infosec.exchange/tags/MITRE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MITRE</a> <a href="https://infosec.exchange/tags/VEX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#VEX</a>

Blue DeviL // SCTA very detailed writeup on CVE-2025–21333 Windows heap-based buffer overflow analysiscc: <a href="https://infosec.exchange/@ale98" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@ale98</a> <a href="https://medium.com/@ale18109800/cve-2025-21333-windows-heap-based-buffer-overflow-analysis-d1b597ae4bae" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/@ale18109800/cve-2025-21333-windows-heap-based-buffer-overflow-analysis-d1b597ae4bae</a><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/vulnerabilityresearch" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerabilityresearch</a> <a href="https://infosec.exchange/tags/cve" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cve</a> <a href="https://infosec.exchange/tags/writeup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#writeup</a> <a href="https://infosec.exchange/tags/reverseengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#reverseengineering</a> <a href="https://infosec.exchange/tags/exploit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploit</a> <a href="https://infosec.exchange/tags/exploitation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#exploitation</a>

Recent searches

Search options

Administered by:

Server stats:

#cve