"Overall, browser attacks are shifting away from direct exploitation[...]". Great analysis by dark reading.
#exploits
1 post1 participant1 post today
Actively exploited vulnerability gives extraordinary control over server fleets - Hackers are exploiting a maximum-severity vulnerability that... - https://arstechnica.com/security/2025/06/active-exploitation-of-ami-management-tool-imperils-thousands-of-servers/ #baseboardmanagementcontrollers #amimegarac #security #exploits #biz #bmcs
Ars Technica · Actively exploited vulnerability gives extraordinary control over server fleets
Citrix Netscaler schon wieder sehr hohes Risiko
Die Produktlinie NetScaler begann als Marke der US-Firma Citrix. Inzwischen sind beides getrennte Marken unter dem Dach einer Firma mit Namen Cloud Software Group (CSG). - Aktuell gibt es Warnungen vor drei Sicherheitslücken in mehreren NetScaler Produkten. Die schlimmste der Sicherheitslücken, CVE 2025-5777, wird mit einem Risiko von 9,3 (von 10) eingestuft. Oder sollte man sagen Hintertür? Die Sicherheitslücke beruht nämlich darauf, dass Eingaben nicht ausreichend geprüft werden ("insufficient input validation"). Ah, ja.
https://www.pc-fluesterer.info/wordpress/2025/06/25/citrix-netscaler-schon-wieder-sehr-hohes-risiko/
Meloni bespitzelt Andersdenkende mit Pegasus Graphite
Heimlich, still und leise hat sich der Riege der Spionage-Apps aus Israel ein weiteres Schätzchen hinzu gesellt: Graphite von der Firma Pegasus Solutions. Die Firma steckt inzwischen unter einem amerikanischen Dach. Die Firma rühmt sich, nur ethisch/moralisch einwandfreie Einsätze ihres gefährlichen Werkzeugs zuzulassen. Spätestens seit Anfang diesen Jahres wissen wir, dass das nichts als hohles Wortgeklingel ist, wie immer in dieser Branche.
www.pc-fluesterer.infoMeloni bespitzelt Andersdenkende mit Pegasus Graphite | pc-flüsterer bremen
Replied in thread
@GrapheneOS @thpar @chris @fairphone@lemmy.ml @fairphone@mas.to I don't have an #eOS device to run a tool like #SnoopSnitch that has a #Android #PatchLevel tester to check against common #exploits and #Security|Issues.
f-droid.orgSnoopSnitch | F-Droid - Free and Open Source Android App RepositoryCheck mobile network security
This month Spamhaus' Exploits Blocklist reached 5 million IPs listed for use in third-party exploits! 
For optimum filtering, apply at:
Initial connection – against the connecting IP Once email data accepted – check IPs in received chain mail headers and IPs hosting resources in the body (e.g. URLs)
Learn more about this data set:
https://www.spamhaus.org/blocklists/exploits-blocklist/
Exploit-Alarm bei Switch 2: Hacker berichten von Systemblockade
#Gaming #AntiPiracy #Exploits #Hacker #Jailbreak #Nintendo #Switch2 https://sc.tarnkappe.info/c92b38
TARNKAPPE.INFO · Exploit-Alarm bei Switch 2: Hacker berichten von SystemblockadeSwitch 2: Exploit-Alarm! Erste Hacker berichten von massiven Sicherheitsbarrieren. Ein Game Over für Hacker und Cracker?
Time to go update yo shit again!
Microsoft Urges Immediate Action to Address Five Actively Exploited Windows Zero-Days
Particle News · Microsoft Urges Immediate Action to Address Five Actively Exploited Windows Zero-DaysMay 2025 Patch Tuesday fixes critical vulnerabilities affecting Windows 10, Windows 11, and Windows Server systems, with attackers already exploiting them in the wild.
With a +61% 
increase, 
US-based "charter.com" is #1 for hosting IPs associated with exploited devices: 193, 782 detections over the last 30 days....
....as well as 167 Spamhaus Blocklist (SBL) listings.
Spamhaus reputation statistics:
https://www.spamhaus.org/reputation-statistics/networks/exploit/
SBL listings: https://check.spamhaus.org/sbl/listings/charter.com/
Jury orders NSO to pay $167 million for hacking WhatsApp users - A jury has awarded WhatsApp $167 million in punitive damages in a case the... - https://arstechnica.com/security/2025/05/jury-orders-nso-to-pay-167-million-for-hacking-whatsapp-users/ #security #exploits #nsogroup #whatsapp #pegasus #biz #policy
Ars Technica · Jury orders NSO to pay $167 million for hacking WhatsApp users
Wahnsinn. #opensource #linux #log4j #itsec #exploits
"I am no hero" Unfassbar gut, lieber @br_data ! #br #bayerischerrundfunk
Linkempfehlung ARD Audiothek
Please make sure to update your devices!
Update Now: iOS 18.4.1 and macOS Sequoia 15.4.1 Address Actively Exploited Vulnerabilities
https://www.macrumors.com/2025/04/16/ios-18-4-1-security-fixes/
“The girl should be calling men.” Leak exposes Black Basta’s influence tactics. - A leak of 190,000 chat messages traded among members of the Black Basta ra... - https://arstechnica.com/security/2025/04/leaked-messages-expose-trade-secrets-of-prolific-black-basta-ransomware-group/ #socialengineering #ransomware #security #exploits #biz&it
Ars Technica · Leaked messages expose trade secrets of prolific Black Basta ransomware group
Replied in thread
@JessTheUnstill @Pibble
And yes, I treat all devices as insecure and would rather invest the time and effort needed get #TechIlliterates up to speed on the #OfflinePGP method!
- Sounds cumbersome, but when your threat model literally goes against the #1 #Hacking #Regime (#USA) with more #Exploits stockpiled than any hacking forum (cuz #NOBUS doctrine), you gotta have to upgrade.
Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into #OTP #encryption and (IF I had the €€€€€€ to do so!) would even sponsor implementing it in #OpenVPN, #WireGuard and #OpenSSH (for #SSH-Tunmeling).
- The #US is a #RogueNation with a Rogue Government! The sooner we accept this reality the sooner we can not only adjust to it but act accordingly…
I sincerely wish y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...
Despite a -20% 
decrease, US-based "charter.com" is #1 for hosting IPs associated with exploited devices: 139, 714 detections over the last 30 days....
....as well as 166 Spamhaus Blocklist (SBL) listings.
Spamhaus reputation statistics: https://www.spamhaus.org/reputation-statistics/networks/exploit/
https://charter.com
SBL listings: https://check.spamhaus.org/sbl/listings/charter.com/
Critical WordPress plugin vulnerability under active exploit threatens thousands - Thousands of sites running WordPress remain unpatched against a critical s... - https://arstechnica.com/security/2024/12/thousands-of-sites-remain-unpatched-against-actively-exploited-wordpress-plugin-bug/ #vulnerabilities #wordpress #security #exploits #plugins #biz #cms
Ars Technica · Thousands of sites remain unpatched against actively exploited WordPress plugin bug
Chinese network chinanet-zj ranks #1 for hosting IPs associated with exploited devices after a +352% increase in detections. That’s 197,138 detections over the last 30 days...
...as well as 1510 Spamhaus Blocklist (SBL) listings!!!
SBL listings: https://check.spamhaus.org/sbl/listings/chinanet-zj/
Indian telecoms provider BSNL, or Bharat Sanchar Nigam Limited ranks #5 for hosting IPs associated with exploited devices after a +298% increase in detections. That's 49,195 detections over the last 30 days...
...as well as 644 Spamhaus Blocklist (SBL) listings!!
Spamhaus reputation statistics 
https://www.spamhaus.org/reputation-statistics/networks/exploit/
bsnl.in SBL listings
https://check.spamhaus.org/sbl/listings/bsnl.in