ar
Feedback
cKure Red

cKure Red

الذهاب إلى القناة على Telegram

The director's cut on critical feeds from InfoSec world 🌎 Main Channel: @cKure ☕️ or queries email us 📨 i@ckure.org

إظهار المزيد
2 637
المشتركون
+124 ساعات
+187 أيام
+8030 أيام

جاري تحميل البيانات...

جذب المشتركين
يوليو '26
يوليو '26
+40
في 2 قنوات
يونيو '26
+106
في 2 قنوات
Get PRO
مايو '26
+82
في 1 قنوات
Get PRO
أبريل '26
+81
في 2 قنوات
Get PRO
مارس '26
+69
في 2 قنوات
Get PRO
فبراير '26
+51
في 2 قنوات
Get PRO
يناير '26
+119
في 2 قنوات
Get PRO
ديسمبر '25
+81
في 2 قنوات
Get PRO
نوفمبر '25
+86
في 1 قنوات
Get PRO
أكتوبر '25
+54
في 3 قنوات
Get PRO
سبتمبر '25
+56
في 3 قنوات
Get PRO
أغسطس '25
+34
في 2 قنوات
Get PRO
يوليو '25
+39
في 3 قنوات
Get PRO
يونيو '25
+41
في 2 قنوات
Get PRO
مايو '25
+71
في 3 قنوات
Get PRO
أبريل '25
+36
في 1 قنوات
Get PRO
مارس '25
+37
في 2 قنوات
Get PRO
فبراير '25
+50
في 1 قنوات
Get PRO
يناير '25
+29
في 1 قنوات
Get PRO
ديسمبر '24
+75
في 3 قنوات
Get PRO
نوفمبر '24
+112
في 3 قنوات
Get PRO
أكتوبر '24
+65
في 1 قنوات
Get PRO
سبتمبر '24
+110
في 1 قنوات
Get PRO
أغسطس '24
+114
في 1 قنوات
Get PRO
يوليو '24
+127
في 6 قنوات
Get PRO
يونيو '24
+53
في 2 قنوات
Get PRO
مايو '24
+70
في 2 قنوات
Get PRO
أبريل '24
+158
في 26 قنوات
Get PRO
مارس '24
+95
في 2 قنوات
Get PRO
فبراير '24
+153
في 24 قنوات
Get PRO
يناير '24
+114
في 2 قنوات
Get PRO
ديسمبر '23
+96
في 1 قنوات
Get PRO
نوفمبر '23
+28
في 1 قنوات
Get PRO
أكتوبر '23
+34
في 1 قنوات
Get PRO
سبتمبر '23
+22
في 0 قنوات
Get PRO
أغسطس '23
+32
في 0 قنوات
Get PRO
يوليو '23
+31
في 0 قنوات
Get PRO
يونيو '23
+32
في 0 قنوات
Get PRO
مايو '23
+16
في 0 قنوات
Get PRO
أبريل '23
+29
في 0 قنوات
Get PRO
مارس '23
+22
في 0 قنوات
Get PRO
فبراير '23
+18
في 0 قنوات
Get PRO
يناير '23
+28
في 0 قنوات
Get PRO
ديسمبر '22
+33
في 0 قنوات
Get PRO
نوفمبر '22
+33
في 0 قنوات
Get PRO
أكتوبر '22
+12
في 0 قنوات
Get PRO
سبتمبر '22
+14
في 0 قنوات
Get PRO
أغسطس '22
+38
في 0 قنوات
Get PRO
يوليو '22
+34
في 0 قنوات
Get PRO
يونيو '22
+30
في 0 قنوات
Get PRO
مايو '22
+38
في 0 قنوات
Get PRO
أبريل '22
+40
في 0 قنوات
Get PRO
مارس '22
+51
في 0 قنوات
Get PRO
فبراير '22
+23
في 0 قنوات
Get PRO
يناير '22
+39
في 0 قنوات
Get PRO
ديسمبر '21
+243
في 0 قنوات
التاريخ
نمو المشتركين
الإشارات
القنوات
11 يوليو+2
10 يوليو+3
09 يوليو+3
08 يوليو+3
07 يوليو+5
06 يوليو+5
05 يوليو+3
04 يوليو+3
03 يوليو+3
02 يوليو+5
01 يوليو+5
منشورات القناة
🐧GhostLock (CVE-2026-43499): a 15-year-old Linux kernel vulnerability that affects every distribution. Desktop, server, Android, IoT, embedded. $92,337 Google kernelCTF bounty. A stack-UAF in the rtmutex subsystem. remove_waiter() uses current instead of waiter::task during proxy-lock rollback in futex_requeue(), leaving a dangling pointer to freed kernel stack memory. No special kernel modules needed, only CONFIG_FUTEX_PI which is enabled on every distro. Nebula Security (NebuSec) turned it into a 97% stable privilege escalation and container escape. The exploit chains a dangling pointer into an arbitrary address write, hijacks a function table for control flow, and achieves root in about 5 seconds. Found by VEGA, their AI vulnerability scanner. Part of IonStack, the first browser-to-kernel full-chain RCE on Android 17: CVE-2026-10702 (Firefox IonMonkey JIT 0-day, near 100% success rate) chained with GhostLock for kernel LPE. Present since Linux 2.6.39 (2011). Fixed in Linux 7.1. Full exploit code published on GitHub.
Exploit:
https://github.com/NebuSec/CyberMeowfia/tree/main/IonStack/CVE-2026-43499

2
🎚 The Mosad Playbook: How One Alias Built a Cross-Platform Leak Network. https://stealthmole-intelligence-hub.blogspot.com/2026/07/the-mosad-playbook-how-one-alias-built.html
523
3
Peter Stokes was pulled off a flight in Helsinki, and Scattered Spider’s run of arrests keeps growing as they triste Microsof
Peter Stokes was pulled off a flight in Helsinki, and Scattered Spider’s run of arrests keeps growing as they triste Microsoft Windows for their operational security. This is when a cyber crime group trusted Microsoft. The GDID gives Microsoft access to everyone of your internet history of all applications. And can also initiate remote monitoring through security updates. And if you think that there is some hard drive you used encryption that uses TPM. TPM let's are actually stored with Microsoft for every installation. Never use Microsoft products and any organisation known for complicity and backdoor installations.
541
4
👍Sim Swap Attack https://covertaccessteam.substack.com/p/podcast-with-dmitry-kurbatov+1
👍Sim Swap Attack https://covertaccessteam.substack.com/p/podcast-with-dmitry-kurbatov
1 236
5
🇮🇱 CARS ARE EXPLODING ACROSS ISRAEL Iranian cyber units and agents have penetrated the heart of Israel, and multiple assass
🇮🇱 CARS ARE EXPLODING ACROSS ISRAEL Iranian cyber units and agents have penetrated the heart of Israel, and multiple assassinations are taking place. -Ethan Levins (not verbatim) Source: https://x.com/i/status/2071203804326805937
1 159
6
📱 President of Signal (messenger) on shift in policy.
📱 President of Signal (messenger) on shift in policy.
1 537
7
💀 The Eternal Jew rises with same tricks up the sleeve: ‘Popa’ Botnet Linked to Publicly-Traded Israeli Firm https://x.com/i/status/2067993607597092865
1 295
8
Exploiting CVE-2024-1065 via the Page Cache! A strategy for physical-page UAFs in MIGRATE_MOVABLE, where Dirty Pagetable and Dirty Cred don't apply. https://kuzey.rs/posts/MaliUAF/ Demonstrated on the Mali GPU UAF found by Project Zero.
1 041
9
Free research papers https://sci-bot.ru/
1 488
10
📡🅰️🅰️🅰️❎❎🅰️🅰️🅰️🅰️ PimEyes.Com
📡🅰️🅰️🅰️❎❎🅰️🅰️🅰️🅰️ PimEyes.Com
1 551
11
👩‍💻 Performing RCE in Internet Explorer via clickjacking! Credits: Igor Sak-Sakovsky's (𝕏 | Psych0tr1a) https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/
1 505
12
📡🛰 For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer https://github.com/sjmurdoch/gps-special-messages https://x.com/i/status/2061829547289387209
1 898
13
🔗🆒🆒🔤🆒🆒🆒🆒 Transfer data between devices using just QR codes! QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs. Beta: https://ckure.org/rx/QR-Beam
1
14
🔗🆒🆒🔤🆒🆒🆒🆒 Transfer data between devices using just QR codes! QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs. Beta: https://ckure.org/rx/QR-Beam
1
15
🔗🆒🆒🔤🆒🆒🆒🆒 Transfer data between devices using just QR codes! QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs. Beta: https://ckure.org/rx/QR-Beam
1 272
16
😔 Mini Plasma Zero-Day by Chaotic Eclipse (aka Nightmare Eclipse) with a total of 6 0-Days in 6 weeks. Official blog: https://deadeclipse666.blogspot.com https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge
1 317
17
📱Anthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that s
📱Anthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that supporting those people "will be a moral imperative of historic proportions." And we do not have a mechanism while most of the control of AI is with few wealthy nations and individuals.
926
18
🔠🔠🔠🔠🔠🔠🔠➖🔠🔠🔠 https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-com
🔠🔠🔠🔠🔠🔠🔠➖🔠🔠🔠 https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-computer
1 408
19
🤖 🆒🆒🆒🆒🆒🆒 Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent. Opus implemented the agent and it works via Claude SDK with a Pro or Max subscription, no API. https://github.com/evilsocket/audit 𝕏 | Simone
1 499
20
🚀40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news. 40,000 Starlink termin
🚀40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news. 40,000 Starlink terminals go dark. Russian soldiers scramble for answers and turn to Telegram. They don’t realise they’ve just walked into a trap. The journalists travelled across Ukraine from Lviv to the front line in Zaporizhzhia to uncover a pretty audacious cyber operation. Meet Goldfinger and the 256 Cyber Assault Brigade and Yaro, and the 128th Mechanised Brigade, holding the line in the south.
1 379