Overview
Description
Statistics
- 11 Posts
- 2 Interactions
Fediverse
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the flaw as exploited in attacks.
The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. https://www.securityweek.com/vmware-aria-operations-vulnerability-exploited-in-the-wild/
Bluesky
Overview
Description
Statistics
- 7 Posts
- 2 Interactions
Fediverse
Google notifying Android user of high-severity vuln CVE-2026-21385 and March 2026 security update might work better if that link the "AI Mode" #slopgenerator did not link to December 2025 bulletin.
The exploitation activity against CVE-2026-21385, a high-severity memory corruption flaw, could be tied to commercial spyware or nation-state threat groups. https://www.darkreading.com/threat-intelligence/qualcomm-zero-day-exploited-targeted-android-attacks
Project Zero’s “0-day in the Wild” spreadsheet just added CVE-2026-21385, an issue in the Qualcomm graphics driver: https://docs.qualcomm.com/securitybulletin/march-2026-bulletin.html#_cve-2026-21385
Bluesky
Overview
- Microsoft
- Windows 11 version 21H2
Description
Statistics
- 3 Posts
- 6 Interactions
Fediverse
Exploiting Reversing (ER) series: article 07 | Exploitation Techniques | CVE-2024-30085 (part 01)
I am excited to release the seventh article in the Exploiting Reversing Series (ERS). Titled “Exploitation Techniques | CVE-2024-30085 (part 01)” this 119-page technical guide offers a comprehensive roadmap for vulnerability exploitation:
https://exploitreversing.com/2026/03/04/exploiting-reversing-er-series-article-07/
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit versions using Token Stealing and I/O Ring techniques.
[+] Exploit ALPC + PreviousMode Flip + Token Stealing: elevation of privilege of a regular user to SYSTEM.
[+] Exploit ALPC + Pipes + I/O Ring: elevation of privilege of a regular user to SYSTEM.
[+] Solid Reliability: Two complete working and stable exploits, including an improved cleanup stage.
[+] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability.
The article guides you through the two distinct techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow vulnerability.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
Enjoy your reading and have an excellent day.
#exploit #vulnerability #cve #exploitation #infosec #informationsecurity #windows
Bluesky
Overview
- Cisco
- Cisco Secure Firewall Management Center (FMC)
Description
Statistics
- 6 Posts
- 10 Interactions
Fediverse
Second is CVE-2026-20131: remote code execution in the same product by way of, aww yiss, Java deserialization.
💥 Cisco warns of max severity Secure FMC flaws giving root access
「 Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication bypass flaw (CVE-2026-20079) allows attackers to gain root access to the underlying operating system, while the remote code execution (RCE) vulnerability (CVE-2026-20131) lets them execute arbitrary Java code as root on unpatched devices 」
#cisco #rce #cybersecurity
https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/
yikes.. 50 CVEs for Cisco today incl. two max severity CVE-2026-20131 & CVE-2026-20079 with auth bypass 🫡
🚬
Bluesky
Overview
- Cisco
- Cisco Secure Firewall Management Center (FMC)
Description
Statistics
- 6 Posts
- 10 Interactions
Fediverse
2 perfect 10s from Cisco today! First up, CVE-2026-20079, auth bypass in Cisco Secure Firewall Management, by way of a...rogue process launched at boot?
💥 Cisco warns of max severity Secure FMC flaws giving root access
「 Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication bypass flaw (CVE-2026-20079) allows attackers to gain root access to the underlying operating system, while the remote code execution (RCE) vulnerability (CVE-2026-20131) lets them execute arbitrary Java code as root on unpatched devices 」
#cisco #rce #cybersecurity
https://www.bleepingcomputer.com/news/security/cisco-warns-of-max-severity-secure-fmc-flaws-giving-root-access/
yikes.. 50 CVEs for Cisco today incl. two max severity CVE-2026-20131 & CVE-2026-20079 with auth bypass 🫡
🚬
Bluesky
Overview
- IceWarp
- IceWarp
Description
Statistics
- 2 Posts
Bluesky
Overview
Description
Statistics
- 1 Post
- 3 Interactions
Fediverse
Here's a taste of what GreyNoise customers got in this week's At The Edge intelligence brief.
268M sessions. 540K unique IPs. Four findings that matter.
→ Sophos CVE-2022-1040 surged 435% — second consecutive week
→ 9.1M RDP sessions from two IPs, one JA4T fingerprint
→ VPN siege Week 6 — vendors rotating after our published analysis
→ Scanning landscape collapsed. Enterprise campaigns didn't.
Full brief: IOCs, attribution, recommendations.
🔗 https://www.greynoise.io/resources/at-the-edge-clear-030226
greynoise.io/contact
Overview
- Microsoft
- ASP.NET Core 2.3
Description
Statistics
- 1 Post
- 2 Interactions
Fediverse
#OT #Advisory VDE-2026-001
METTLER TOLEDO: ASP.NET core vulnerability in LabX
LabX 21.2.12 (formerly known as LabX Cloud 1.2.12) is affected by the ASP.NET core vulnerability CVE-2025-55315.
#CVE CVE-2025-55315
https://certvde.com/en/advisories/vde-2026-001/
#oCSAF
#CSAF https://mettler-toledo.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-001.json
Overview
- Cisco
- Cisco Catalyst SD-WAN Manager
Description
Statistics
- 1 Post
- 1 Interaction
Overview
- expressjs
- multer
Description
Statistics
- 2 Posts
- 1 Interaction