Published inDoublePulsarMicrosoft’s patch for CVE-2025–21204 symlink vulnerability introduces another symlink vulnerabilityHow non-admins can now stop security updates in Windows.3d ago3d ago
Published inDoublePulsarMicrosoft Recall on Copilot+ PC: testing the security and privacy implicationsA look at the risks and tradeoffs with Microsoft Recall.4d ago54d ago5
Published inDoublePulsarOracle attempt to hide serious cybersecurity incident from customers in Oracle SaaS serviceBeing a provider of cloud SaaS (Software-as-a-service) solutions requires certain cybersecurity responsibilities — including being…Mar 316Mar 316
Published inDoublePulsarNo, there isn’t a world ending Apache Camel vulnerabilityPosts have been circulating publicly on the internet for several days about a “critical”, end of the world “zero day” in Apache Camel…Mar 92Mar 92
Published inDoublePulsarUse one Virtual Machine to own them all — active exploitation of ESXicapeA chain of three zero days allow threat actors to escape a Virtual Machine.Mar 52Mar 52
Published inDoublePulsar2022 zero day was used to raid Fortigate firewall configs. Somebody just released them.Back in 2022, Fortinet warned that somebody had a zero day vulnerability and was using it to exploit Fortigate firewalls…Jan 163Jan 163
Published inDoublePulsarHandala attempts a supply chain hack via ReutOneDuring the week, Handala — a group painfully in love with Israel, tried a forward supply chain attack.Dec 27, 2024Dec 27, 2024
Published inDoublePulsarBurning Zero Days: FortiJump FortiManager vulnerability used by nation state in espionage via MSPsYes, I’ve made a logo in crayon and named this FortiJump.Oct 22, 20243Oct 22, 20243
Published inDoublePulsarEIW — ESET Israel Wiper — used in active attacks targeting Israeli orgsA look at wiping of Israeli orgs.Oct 17, 20241Oct 17, 20241
Published inDoublePulsarHacker group Handala Hack Team claim battery explosions linked to Israeli battery company.Tracking Iran linked group claimsSep 19, 20242Sep 19, 20242
