Palo Alto VPN Bug Sees Active Exploitation

Security experts at Rapid7 have confirmed that hackers are actively exploiting a critical authentication bypass flaw in Palo Alto Networks' VPN, putting PAN-OS users at risk of targeted attacks. This urgent development means users must patch their systems ASAP to prevent exploitation.

https://osintsights.com/palo-alto-vpn-bug-sees-active-exploitation?utm_source=mastodon&utm_medium=social

#PaloAlto #Vpn #AuthenticationBypass #Panos #Rapid7

Palo Alto VPN bug under active exploitation: learn how to protect your network now with emergency patching for PAN-OS users and prevent authentication bypass attacks today.

OSINTSights
Patch Tuesday, May 2026 Edition – Krebs on Security

#Rapid7 published some analysis of #malware likely dropped through the Notepad++ issue.
One of the loaders used by the malware is built with #Microsoft Warbird, a kernel-level code protection framework used by Windows. @cirosec blogged about how this framework could be abused a while back and also published a PoC on GitHub.
I'm one of the authors of that research. We included some thoughts on detection in the article, but if there are any further questions about the technique or anything, ask away :)

#notepad #chrysalis #ioc #apt #warbird

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit

Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.

Rapid7
Patch Tuesday, January 2026 Edition – Krebs on Security

CVE Alert: CVE-2025-6264 - Rapid7 - Velociraptor - RedPacket Security

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated

RedPacket Security

🚨 Crimson Collective hackers exploit AWS IAM keys to steal data, modify RDS passwords, and exfiltrate S3 snapshots.

The same group claims the Red Hat breach (570GB data theft) — partnering with Scattered Lapsus$ Hunters to raise extortion stakes.

🧩 Tool used: TruffleHog
🧠 TTPs: Long-term IAM compromise → privilege escalation → API-based exfiltration
💬 What detection logic would you apply to flag these IAM anomalies?

Follow @technadu for continuous threat intelligence and AWS security insights.

#AWS #InfoSec #CyberSecurity #CrimsonCollective #CloudSecurity #ThreatIntel #RedHat #Rapid7 #DataBreach #CyberThreats #TechNadu #AWSBreach

The hacker's "Swiss Army knife": how the Metasploit Framework came to be and became obsolete (?)

In the previous article we wrote about HD Moore, the hacker who gave the world a framework that forever changed the practice of pentesting. Now it is the turn of Metasploit itself: once a true pentester's "Swiss Army knife", today more of an auxiliary tool with a few blades that still work. What was Metasploit to the industry in the 2000s, what is it now, and why do pentesters keep using it even twenty years later? We go through the history of the evolution of the legendary framework, which turns 22 this July.

https://habr.com/ru/companies/bastion/articles/930906/

#metasploit_framework #история_Metasploit #инструменты_пентестера #пентест #redteam #rapid7 #hd_moore #джеймс_мур #история_ибиндустрии #как_появился_Metasploit

Habr
Microsoft Fix Targets Attacks on SharePoint Zero-Day - On Sunday, July 20, Microsoft Corp. issued an emergency security update for a vuln... https://krebsonsecurity.com/2025/07/microsoft-fix-targets-attacks-on-sharepoint-zero-day/ #cybersecurity&infrastructuresecurityagency #sharepointserver #latestwarnings #thecomingstorm #cve-2025-49704 #cve-2025-49706 #cve-2025-53770 #cve-2025-53771 #microsoftcorp. #timetopatch #eyesecurity #rapid7 #cisa
Microsoft Fix Targets Attacks on SharePoint Zero-Day – Krebs on Security

Patch Tuesday, June 2025 Edition – Krebs on Security