Mastodawn

Le logiciel #espion utilisé par le renseignement russe avait bien été développé pour la #NSA. La semaine passée, on apprenait coup sur coup la condamnation de l’auteur d’un vol de #failles de #sécurité #0days développées pour la NSA et ses partenaires. Puis (...)
https://next.ink/brief_article/le-logiciel-espion-utilise-par-le-renseignement-russe-avait-bien-ete-developpe-pour-la-nsa/
#spyware #zeroday

Le logiciel espion utilisé par le renseignement russe avait bien été développé pour la NSA - Next

raptor

Aug 4, 2025

Embedded device #hacking 101 💚

#Exploiting #0days in abandoned #hardware by @trailofbits

https://blog.trailofbits.com/2025/07/25/exploiting-zero-days-in-abandoned-hardware/

Exploiting zero days in abandoned hardware

We successfully exploited two discontinued network devices at DistrictCon’s inaugural Junkyard competition in February, winning runner-up for Most Innovative Exploitation Technique. Our exploit chains demonstrate why end-of-life hardware poses persistent security risks.

The Trail of Bits Blog

NeuroWinter Jul 28, 2025

Spent the weekend decompiling and messing with a bunch of windows printer drivers. Was lot of fun and learnt a lot ! Found a few #0days and reported them to NCSC NZ formally known as CERT NZ. Hoping I hear back from them, and these get patched!

Rene Robichaud Jul 28, 2025

UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS
https://cybersecuritynews.com/unc3886-hackers-exploiting-0-days/

#Infosec #Security #Cybersecurity #CeptBiro #UNC3886 #0Days #VMware #vCenter #ESXi #Fortinet #FortiOS #JunosOS

UNC3886 Hackers Exploiting 0-Days in VMware vCenter/ESXi, Fortinet FortiOS, and Junos OS

Singapore’s critical infrastructure is under siege from UNC3886, a sophisticated China-linked advanced persistent threat (APT) group. As of July 2025, the group has been actively targeting essential services like energy, water, telecommunications, and government systems, prompting urgent warnings from officials. This isn’t just another hack, it’s a calculated assault exploiting zero-day vulnerabilities in widely used […]

Cyber Security News

GOMOOT

Jul 21, 2025

💡 Microsoft SharePoint sotto attacco: vulnerabilità zero-day e patch d’emergenza

https://gomoot.com/microsoft-sharepoint-sotto-attacco-vulnerabilita-zero-day-e-patch-demergenza

#0days #blog #bug #hacker #microsoft #news #picks #pwn2own #sharepoint #sicurezza #tech #tecnologia #toolshell

Installazioni SharePoint on-premise: vulnerabilità ToolShell

Patch d'emergenza Microsoft per SharePoint on-premise: vulnerabilità ToolShell consente accessi remoti, colpite agenzie governative, università e aziende.

Gomoot : tecnologia e lifestyle Scopri le ultime novità in fatto di hardware, tecnologia IA e altro

Dawisco Jun 26, 2025

TL;DR - Zero days are becoming more difficult. China has a more nimble supply chain and a training system. The US relies on a more rigid acquisition chain.

#cybersecurity #offense #redteam #0days
https://www.atlanticcouncil.org/in-depth-research-reports/report/crash-exploit-and-burn/#analysis

Crash (exploit) and burn: Securing the offensive cyber supply chain to counter China in cyberspace

If the United States wishes to compete in cyberspace, it must compete against China to secure its offensive cyber supply chain.

Atlantic Council

Bob Carver Apr 29, 2025

https://techcrunch.com/2025/04/29/government-hackers-are-leading-the-use-of-attributed-zero-days-google-says/
#cybersecurity #0days #exploits #nationstates #Google

Government hackers are leading the use of attributed zero-days, Google says | TechCrunch

Governments like China and North Korea, along with spyware makers, used the most recorded zero-days in 2024.

TechCrunch

DEFCON 201 Apr 7, 2025

TOMORROW (4/8) at 6:30 PM EST, legendary @defcon speaker @RenderMan will be talking about his #intetnrtofdongs project finding #vuln #0days & #infosec research into smart sex toys for #DESCI NYC!

RSVP Here: https://lu.ma/descinyc32

#fediverse #mastodon #Hacker #sextoys #dildos #sextech