What to know about ToolShell, the SharePoint threat under mass exploitation - Government agencies and private industry have been under sie... - https://arstechnica.com/security/2025/07/what-to-know-about-toolshell-the-sharepoint-threat-under-mass-exploitation/ #vulnerabilities #sharepoint #toolshell #security #exploits #biz&it
"Overall, browser attacks are shifting away from direct exploitation[...]". Great analysis by dark reading.
Actively exploited vulnerability gives extraordinary control over server fleets - Hackers are exploiting a maximum-severity vulnerability that... - https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/ #baseboardmanagementcontrollers #amimegarac #security #exploits #biz #bmcs
Citrix Netscaler schon wieder sehr hohes Risiko
Die Produktlinie NetScaler begann als Marke der US-Firma Citrix. Inzwischen sind beides getrennte Marken unter dem Dach einer Firma mit Namen Cloud Software Group (CSG). - Aktuell gibt es Warnungen vor drei Sicherheitslücken in mehreren NetScaler Produkten. Die schlimmste der Sicherheitslücken, CVE 2025-5777, wird mit einem Risiko von 9,3 (von 10) eingestuft. Oder sollte man sagen Hintertür? Die Sicherheitslücke beruht nämlich darauf, dass Eingaben nicht ausreichend geprüft werden ("insufficient input validation"). Ah, ja.
https://www.pc-fluesterer.info/wordpress/2025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/
Meloni bespitzelt Andersdenkende mit Pegasus Graphite
Heimlich, still und leise hat sich der Riege der Spionage-Apps aus Israel ein weiteres Schätzchen hinzu gesellt: Graphite von der Firma Pegasus Solutions. Die Firma steckt inzwischen unter einem amerikanischen Dach. Die Firma rühmt sich, nur ethisch/moralisch einwandfreie Einsätze ihres gefährlichen Werkzeugs zuzulassen. Spätestens seit Anfang diesen Jahres wissen wir, dass das nichts als hohles Wortgeklingel ist, wie immer in dieser Branche.
@GrapheneOS @thpar @chris @fairphone@lemmy.ml @fairphone@mas.to I don't have an #eOS device to run a tool like #SnoopSnitch that has a #Android #PatchLevel tester to check against common #exploits and #Security|Issues.
This month Spamhaus' Exploits Blocklist reached 5 million IPs listed for use in third-party exploits! 
For optimum filtering, apply at:
Initial connection – against the connecting IP Once email data accepted – check IPs in received chain mail headers and IPs hosting resources in the body (e.g. URLs)
Learn more about this data set:
https://www.spamhaus.org/blocklists/exploits-blocklist/
Exploit-Alarm bei Switch 2: Hacker berichten von Systemblockade
#Gaming #AntiPiracy #Exploits #Hacker #Jailbreak #Nintendo #Switch2 https://sc.tarnkappe.info/c92b38
Time to go update yo shit again!
Microsoft Urges Immediate Action to Address Five Actively Exploited Windows Zero-Days
With a +61% 
increase, 
US-based "charter.com" is #1 for hosting IPs associated with exploited devices: 193, 782 detections over the last 30 days....
....as well as 167 Spamhaus Blocklist (SBL) listings.
Spamhaus reputation statistics:
https://www.spamhaus.org/reputation-statistics/networks/exploit/
SBL listings: https://check.spamhaus.org/sbl/listings/charter.com/
Jury orders NSO to pay $167 million for hacking WhatsApp users - A jury has awarded WhatsApp $167 million in punitive damages in a case the... - https://arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/ #security #exploits #nsogroup #whatsapp #pegasus #biz #policy
Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk
Linkempfehlung ARD Audiothek
Please make sure to update your devices!
Update Now: iOS 18.4.1 and macOS Sequoia 15.4.1 Address Actively Exploited Vulnerabilities
https://www.macrumors.com/2025/04/16/ios-18-4-1-security-fixes/
“The girl should be calling men.” Leak exposes Black Basta’s influence tactics. - A leak of 190,000 chat messages traded among members of the Black Basta ra... - https://arstechnica.com/security/2025/04/leaked-messages-expose-trade-secrets-of-prolific-black-basta-ransomware-group/ #socialengineering #ransomware #security #exploits #biz&it
@JessTheUnstill @Pibble
And yes, I treat all devices as insecure and would rather invest the time and effort needed get #TechIlliterates up to speed on the #OfflinePGP method!
Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into #OTP #encryption and (IF I had the €€€€€€ to do so!) would even sponsor implementing it in #OpenVPN, #WireGuard and #OpenSSH (for #SSH-Tunmeling).
I sincerely wish y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...
Despite a -20% 
decrease, US-based "charter.com" is #1 for hosting IPs associated with exploited devices: 139, 714 detections over the last 30 days....
....as well as 166 Spamhaus Blocklist (SBL) listings.
Spamhaus reputation statistics: https://www.spamhaus.org/reputation-statistics/networks/exploit/
https://charter.com
SBL listings: https://check.spamhaus.org/sbl/listings/charter.com/
Critical WordPress plugin vulnerability under active exploit threatens thousands - Thousands of sites running WordPress remain unpatched against a critical s... - https://arstechnica.com/security/2024/12/thousands-of-sites-remain-unpatched-against-actively-exploited-wordpress-plugin-bug/ #vulnerabilities #wordpress #security #exploits #plugins #biz #cms
Chinese network chinanet-zj ranks #1 for hosting IPs associated with exploited devices after a +352% increase in detections. That’s 197,138 detections over the last 30 days...
...as well as 1510 Spamhaus Blocklist (SBL) listings!!!
SBL listings: https://check.spamhaus.org/sbl/listings/chinanet-zj/
