Stacksmasher
@stacksmasher.bsky.social
See Nothing, Hear Nothing, Say Nothing
Reposted by Stacksmasher
Reposted by Stacksmasher
CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices
CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices
cybersecuritynews.com
December 15, 2025 at 3:42 AM
CISA Releases Guidance for Managing UEFI Secure Boot on Enterprise Devices
Reposted by Stacksmasher
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already compromised over 30 organizations across multiple sectors.
www.bleepingcomputer.com
December 6, 2025 at 7:18 PM
React2Shell flaw exploited to breach 30 orgs, 77k IP addresses vulnerable
Reposted by Stacksmasher
Kim Carnes - Bette Davis Eyes
Listen to Bette Davis Eyes on TIDAL
tidal.com
November 30, 2025 at 3:36 PM
Reposted by Stacksmasher
Comcast will pay a $1.5 million fine to settle an FCC investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 customers.
Comcast to pay $1.5M fine for vendor breach affecting 270K customers
Comcast will pay a $1.5 million fine to settle an FCC investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 customers.
www.bleepingcomputer.com
November 26, 2025 at 6:30 PM
Comcast will pay a $1.5 million fine to settle an FCC investigation into a February 2024 vendor data breach that exposed the personal information of nearly 275,000 customers.
Reposted by Stacksmasher
Lifetime access to AI-for-evil WormGPT 4 costs just $220
Lifetime access to WormGPT 4 costs just $220
: 'Ah, I see you're ready to escalate. Let's make digital destruction simple and effective.'
www.theregister.com
November 25, 2025 at 11:59 PM
Lifetime access to AI-for-evil WormGPT 4 costs just $220
Reposted by Stacksmasher
This Threads series is … really a great synopsis of how insane the past 24 hours have been on X since the location feature was switched on and then… quite promptly off 😀😅🫠
www.threads.com/@barrettpall...
www.threads.com/@barrettpall...
BARRETT PALL (@barrettpall) on Threads
www.threads.com
November 23, 2025 at 1:50 PM
This Threads series is … really a great synopsis of how insane the past 24 hours have been on X since the location feature was switched on and then… quite promptly off 😀😅🫠
www.threads.com/@barrettpall...
www.threads.com/@barrettpall...
Reposted by Stacksmasher
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
CISA officially added a critical vulnerability, CVE-2025-61757, to its Known Exploited Vulnerabilities (KEV) catalog, underscoring the urgent need for organizations using Oracle Identity Manager to…
thecyberthrone.in
November 22, 2025 at 5:33 PM
Critical Oracle Identity Manager Vulnerability Added to CISA KEV Catalog
Reposted by Stacksmasher
Microsoft has discovered a side-channel attack (Whisper Leak) on the network communications between AI chatbots and their backend LLMs
www.microsoft.com/en-us/securi...
www.microsoft.com/en-us/securi...
November 9, 2025 at 2:38 PM
Microsoft has discovered a side-channel attack (Whisper Leak) on the network communications between AI chatbots and their backend LLMs
www.microsoft.com/en-us/securi...
www.microsoft.com/en-us/securi...
Reposted by Stacksmasher
It me! My story! I dun writ it! 🧪🔭
Some asteroids spin smoothly. Others tumble chaotically. Understanding their differences could help us learn more about asteroid history and improve planetary defense measures.
What Tumbling Asteroids Tell Us About Their Innards - Eos
Data from the Gaia space observatory reveal that many slowly spinning asteroids rotate chaotically. A new theory links that chaos to their inner structure and history.
eos.org
November 9, 2025 at 4:31 PM
It me! My story! I dun writ it! 🧪🔭
Reposted by Stacksmasher
706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released
706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online - PoC Released
cybersecuritynews.com
October 26, 2025 at 2:33 AM
706,000+ BIND 9 Resolver Instances Vulnerable to Cache Poisoning Exposed Online – PoC Released
Reposted by Stacksmasher
Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web—and highlighting a long-standing weakness in the internet's infrastructure.
What the Huge AWS Outage Reveals About the Internet
Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web—and highlighting a long-standing weakness in the internet's infrastructure.
wrd.cm
October 26, 2025 at 2:45 AM
Amazon Web Services experienced DNS resolution issues on Monday morning, taking down wide swaths of the web—and highlighting a long-standing weakness in the internet's infrastructure.
Reposted by Stacksmasher
Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules
Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules
cybersecuritynews.com
October 25, 2025 at 7:47 PM
Hackers Hijacking IIS Servers in The Wild Using Exposed ASP .NET Machine Keys to Inject Malicious Modules
Reposted by Stacksmasher
OWASP is teaming up with @InfoSecMap to make cybersecurity events & resources more accessible, inclusive, and global - including OWASP Chapters & Events!
No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp
No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp
October 19, 2025 at 4:31 PM
OWASP is teaming up with @InfoSecMap to make cybersecurity events & resources more accessible, inclusive, and global - including OWASP Chapters & Events!
No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp
No marketing, pay-to-play nonsense - just human curated community & events.
Explore the brand new OWASP hub now: InfoSecMap.com/owasp
Reposted by Stacksmasher
October 8, 2025 at 11:23 AM
Reposted by Stacksmasher
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
The infamous Clop gang has targeted a wide range of Oracle E-Business Suite customers using a newly disclosed zero-day vulnerability.
www.darkreading.com
October 6, 2025 at 7:35 PM
Clop Ransomware Hits Oracle Customers Via Zero-Day Flaw
Reposted by Stacksmasher
Reposted by Stacksmasher
Microsoft Entra ID flaw allowed hijacking any company's tenant
Microsoft Entra ID flaw allowed hijacking any company's tenant
A critical combination of legacy components could have allowed complete access to the Microsoft Entra ID tenant of every company in the world.
www.bleepingcomputer.com
September 21, 2025 at 5:38 PM
Microsoft Entra ID flaw allowed hijacking any company's tenant
Reposted by Stacksmasher
Rest in peace, Iryna Zarutska.
Vichnaya Pamyat🕯🙏🏻🕯
(Ukrainian: Memory Eternal)
Vichnaya Pamyat🕯🙏🏻🕯
(Ukrainian: Memory Eternal)
September 9, 2025 at 6:17 PM
Rest in peace, Iryna Zarutska.
Vichnaya Pamyat🕯🙏🏻🕯
(Ukrainian: Memory Eternal)
Vichnaya Pamyat🕯🙏🏻🕯
(Ukrainian: Memory Eternal)
Reposted by Stacksmasher
Cyber Attacks Targeting Education Sector Surges Following Back-to-School Season
Cyber Attacks Targeting Education Sector Surges Following Back-to-School Season
cybersecuritynews.com
August 29, 2025 at 2:10 PM
Cyber Attacks Targeting Education Sector Surges Following Back-to-School Season
Reposted by Stacksmasher
CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks
CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks
Salesforce has patched several critical vulnerabilities in Tableau Server, including a Type Confusion flaw with a CVSS score of 9.6 that could allow for local code inclusion.
securityonline.info
August 25, 2025 at 11:23 PM
CVE-2025-26496 (CVSS 9.6): Critical Flaw in Tableau Server Expose Enterprises to Code Execution Risks
Reposted by Stacksmasher
SAP fixed 26 flaws in August 2025 Update, including 4 Critical
SAP fixed 26 flaws in August 2025 Update, including 4 Critical
SAP’s August 2025 Patch Tuesday released 15 new security notes, including critical fixes, plus four updates to previously released patches.
securityaffairs.com
August 13, 2025 at 12:49 AM
SAP fixed 26 flaws in August 2025 Update, including 4 Critical
Reposted by Stacksmasher
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems.
New Plague Linux malware stealthily maintains SSH access
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems.
www.bleepingcomputer.com
August 4, 2025 at 2:42 PM
A newly discovered Linux malware, which has evaded detection for over a year, allows attackers to gain persistent SSH access and bypass authentication on compromised systems.