Sys-Admin Up

前往频道在 Telegram

InfoSec, Hacks, Perks, Tools, IT/IS Courses, CVE… Contains part of the news that was not included in the Sys-Admin & InfoSec Channel (@sysadm_in_channel)

显示更多

美国14 404 技术与应用40 470

1 091

订阅者

-124 小时

-37 天

+830 天

218

帖子浏览量

~ 7124 小时

~ 8948 小时

19.98%

参与率

无数据

每日帖子数

Ads index

beta

帖子存档

1 091

https://www.huntress.com/blog/uptick-bomgar-exploitation

1 091

152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search Traffic A network of 152 Chrome live wallpaper extensions hid ad tracking and made extension-driven traffic look like Google search clicks: https://socket.dev/blog/152-chrome-live-wallpaper-extensions-hid-ad-tracking

1 091

https://github.com/MSNightmare/GreatXML

1 091

Today, the account of one of the "clean internet" advocates disappeared. WTF?

1 091

Evil Hentai) These files were distributed alongside games created using various game engines and programming languages, including RenPy (Python), RPG Maker MV (JavaScript), and others. All identified games were categorized as hentai games. https://securelist.ru/argamal-rat-distributed-with-hentai-games/115833/

1 091

Evil Hentai) https://securelist.ru/argamal-rat-distributed-with-hentai-games/115833/

1 091

How flat is replacing fat in AWS data center networks https://www.amazon.science/blog/how-flat-is-replacing-fat-in-aws-data-center-networks

1 091

New Malware Targeting Minecraft Infects 2K Daily, and Teens are Becoming Attackers https://www.mcafee.com/blogs/security-news/minecraft-malware-campaign-research-teen-hacker-cyberbullying/

1 091

https://heyitsas.im/posts/cifswitch/

1 091

Authenticated RCE via Argument Injection in Gogs (NOT FIXED) https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/

1 091

FROST: Fingerprinting Remotely using OPFS-based SSD Timing In this paper, we show that SSD contention side channels can be mounted by a remote attacker from within the browser, without native code execution.

1 091

https://github.com/perplexityai/bumblebee

1 091

Introducing nginx-poolslip, a fresh RCE for the the latest nginx release 1.31.0. https://x.com/nebusecurity/status/2057071579876753643

1 091

MSaaS explored from Microsoft https://www.microsoft.com/en-us/security/blog/2026/05/19/exposing-fox-tempest-a-malware-signing-service-operation/

1 091

Chromium as c2: https://infosec.exchange/@rebane2001/116606719764376414

1 091

https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials

1 091

DirtyDecrypt PoC https://github.com/v12-security/pocs/tree/main/dirtydecrypt

1 091

https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498

1 091

New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Four malicious npm packages were uploaded to npm by the same threat actor, including a non-obfuscated Shai-Hulud clone https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/

1 091

NGINX ngx_http_rewrite_module Heap-Based Buffer Overflow (Queries and Signatures Only) An unauthenticated attacker can crash the NGINX worker process by sending crafted HTTP requests - CVE-2026-42945: https://docs.vulncheck.com/initial-access/2026-05-15#cve-2026-42945-nginx-ngx_http_rewrite_module-heap-based-buffer-overflow-queries-and-signatures-only