اکنون در دسترس! پژوهش تلگرام ۲۰۲۵ — مهمترین بینشهای سال 
cKure Red
رفتن به کانال در Telegram
The director's cut on critical feeds from InfoSec world 🌎 Main Channel: @cKure ☕️ or queries email us 📨 i@ckure.org
نمایش بیشتر2 556
مشترکین
+124 ساعت
+127 روز
+5530 روز
در حال بارگیری داده...
کانالهای مشابه
ابر برچسبها
اشارات ورودی و خروجی
---
---
---
---
---
---
جذب مشترکین
ژوئن '26
ژوئن '26
+34
در 2 کانالها
مه '26
+82
در 1 کانالها
Get PRO
آوریل '26
+81
در 2 کانالها
Get PRO
مارس '26
+69
در 2 کانالها
Get PRO
فوریه '26
+51
در 2 کانالها
Get PRO
ژانویه '26
+119
در 2 کانالها
Get PRO
دسامبر '25
+81
در 2 کانالها
Get PRO
نوامبر '25
+86
در 1 کانالها
Get PRO
اکتبر '25
+54
در 3 کانالها
Get PRO
سپتامبر '25
+56
در 3 کانالها
Get PRO
اوت '25
+34
در 2 کانالها
Get PRO
ژوئیه '25
+39
در 3 کانالها
Get PRO
ژوئن '25
+41
در 2 کانالها
Get PRO
مه '25
+71
در 3 کانالها
Get PRO
آوریل '25
+36
در 1 کانالها
Get PRO
مارس '25
+37
در 2 کانالها
Get PRO
فوریه '25
+50
در 1 کانالها
Get PRO
ژانویه '25
+29
در 1 کانالها
Get PRO
دسامبر '24
+75
در 3 کانالها
Get PRO
نوامبر '24
+112
در 3 کانالها
Get PRO
اکتبر '24
+65
در 1 کانالها
Get PRO
سپتامبر '24
+110
در 1 کانالها
Get PRO
اوت '24
+114
در 1 کانالها
Get PRO
ژوئیه '24
+127
در 6 کانالها
Get PRO
ژوئن '24
+53
در 2 کانالها
Get PRO
مه '24
+70
در 2 کانالها
Get PRO
آوریل '24
+158
در 26 کانالها
Get PRO
مارس '24
+95
در 2 کانالها
Get PRO
فوریه '24
+153
در 24 کانالها
Get PRO
ژانویه '24
+114
در 2 کانالها
Get PRO
دسامبر '23
+96
در 1 کانالها
Get PRO
نوامبر '23
+28
در 1 کانالها
Get PRO
اکتبر '23
+34
در 1 کانالها
Get PRO
سپتامبر '23
+22
در 0 کانالها
Get PRO
اوت '23
+32
در 0 کانالها
Get PRO
ژوئیه '23
+31
در 0 کانالها
Get PRO
ژوئن '23
+32
در 0 کانالها
Get PRO
مه '23
+16
در 0 کانالها
Get PRO
آوریل '23
+29
در 0 کانالها
Get PRO
مارس '23
+22
در 0 کانالها
Get PRO
فوریه '23
+18
در 0 کانالها
Get PRO
ژانویه '23
+28
در 0 کانالها
Get PRO
دسامبر '22
+33
در 0 کانالها
Get PRO
نوامبر '22
+33
در 0 کانالها
Get PRO
اکتبر '22
+12
در 0 کانالها
Get PRO
سپتامبر '22
+14
در 0 کانالها
Get PRO
اوت '22
+38
در 0 کانالها
Get PRO
ژوئیه '22
+34
در 0 کانالها
Get PRO
ژوئن '22
+30
در 0 کانالها
Get PRO
مه '22
+38
در 0 کانالها
Get PRO
آوریل '22
+40
در 0 کانالها
Get PRO
مارس '22
+51
در 0 کانالها
Get PRO
فوریه '22
+23
در 0 کانالها
Get PRO
ژانویه '22
+39
در 0 کانالها
Get PRO
دسامبر '21
+243
در 0 کانالها
| تاریخ | رشد مشترکین | اشارات | کانالها | |
| 10 ژوئن | 0 | |||
| 09 ژوئن | +2 | |||
| 08 ژوئن | +3 | |||
| 07 ژوئن | +2 | |||
| 06 ژوئن | +4 | |||
| 05 ژوئن | +1 | |||
| 04 ژوئن | +2 | |||
| 03 ژوئن | +6 | |||
| 02 ژوئن | +9 | |||
| 01 ژوئن | +5 |
پستهای کانال
| 2 |  📡🅰️🅰️🅰️❎❎🅰️🅰️🅰️🅰️
PimEyes.Com | 622 |
| 3 | 👩💻 Performing RCE in Internet Explorer via clickjacking!
Credits: Igor Sak-Sakovsky's (𝕏 | Psych0tr1a)
https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/ | 845 |
| 4 | 📡🛰 For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now.
https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer
https://github.com/sjmurdoch/gps-special-messages
https://x.com/i/status/2061829547289387209 | 1 219 |
| 5 | 🔗🆒🆒🔤🆒🆒🆒🆒
Transfer data between devices using just QR codes!
QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 6 | 🔗🆒🆒🔤🆒🆒🆒🆒
Transfer data between devices using just QR codes!
QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 7 | 🔗🆒🆒🔤🆒🆒🆒🆒
Transfer data between devices using just QR codes!
QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 916 |
| 8 | 😔 Mini Plasma Zero-Day by Chaotic Eclipse (aka Nightmare Eclipse) with a total of 6 0-Days in 6 weeks.
Official blog:
https://deadeclipse666.blogspot.com
https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge | 1 060 |
| 9 |  📱Anthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that supporting those people "will be a moral imperative of historic proportions."
And we do not have a mechanism while most of the control of AI is with few wealthy nations and individuals. | 800 |
| 10 | 🔠🔠🔠🔠🔠🔠🔠➖🔠🔠🔠
https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-computer | 1 323 |
| 11 | 🤖 🆒🆒🆒🆒🆒🆒
Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent.
Opus implemented the agent and it works via Claude SDK with a Pro or Max subscription, no API.
https://github.com/evilsocket/audit
𝕏 | Simone | 1 357 |
| 12 |  🚀40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news.
40,000 Starlink terminals go dark. Russian soldiers scramble for answers and turn to Telegram. They don’t realise they’ve just walked into a trap. The journalists travelled across Ukraine from Lviv to the front line in Zaporizhzhia to uncover a pretty audacious cyber operation. Meet Goldfinger and the 256 Cyber Assault Brigade and Yaro, and the 128th Mechanised Brigade, holding the line in the south. | 1 257 |
| 13 |  🤩 ❗️❗️❗️❗️❗️❗️
LLM used to make a Zero-Day by APT group on a popular software.
The zero day was a 2FA bypass via logic bug 🪲
Security researchers at Alphabet’s Google said they believe a cybercrime group used artificial intelligence to create a hacking tool that can bypass defenses in a widely-used tool to administer computer systems. The scheme, which was foiled when Google alerted the tool developer, would mark the first time that Google’s Threat Intelligence Group caught a hacker using an AI-generated “zero-day” in such a way, according to a report published Monday. | 1 142 |
| 14 |  ⚠️⚠️⚠️⚠️⚠️⚠️
CVE-2026-0073: Critical Android Zero-Click, Zero-Day exploit in wireless debugging (if enabled) can allow adjacent hacker (in same network) to execute code as shell user. | 1 382 |
| 15 |  🅰️🅰️🅰️🔢🅰️🅰️🅰️
Devcore team chained ⛓️💥 4 logic bugs to achieve sandbox escape in Microsoft Edge in Pwn²Own 2026, Berlin. | 1 165 |
| 16 | 🤖 Mythos finds a curl vulnerability.
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ | 1 284 |
| 17 |  🆒🆒🆒🆒🔢🔢
FAST16 — Pre-Stuxnet Sabotage Malware (2005)
- Referenced in Shadow Brokers (2017) leak (“NOTHING TO SEE HERE”)
- Compiled ~2005 → ~5 years before Stuxnet
- Type: Sabotage malware (not espionage)
Target
- High-precision engineering / simulation software
- Includes LS-DYNA, PKPM, MOHID
- Used for physics, impact, and advanced simulations (incl. nuclear-related domains)
Technique
- Kernel driver: "fast16.sys"
- In-memory patching of target processes
- Injects subtle calculation errors (floating-point manipulation)
- Goal: corrupt outputs while appearing normal
Propagation
- Worm-like spread via weak Windows network shares
Attribution
- Not confirmed
- Strong suspicion: US or allied origin (based on NSA-linked leak context)
Note
- LS-DYNA ≠ purely “explosive software”
- Broader simulation usage; “explosive calculations” is a subset use case | 1 781 |
| 18 |  IoT side channel (correlation) attack using WiFi.
Heuristic surveillance data is both widely under-reported and difficult to mitigate without tossing your devices and living in the stone age. | 817 |
| 19 |  💽 Phantomdrive is an open-source USB drive designed to conceal its actual capacity. Upon initial insertion, the device presents itself as an 8GB disk. To access the secondary partition, a file named "unlock.txt" must be created, followed by the entry of the password; the drive will subsequently unmount and remount, revealing the remaining data. All data is encrypted in place using an AES-256 key derived from the password. This mechanism is fundamentally different from how Veracrypt operates. | 1 520 |
| 20 | Phantomdrive is an open-source USB drive designed to conceal its actual capacity. Upon initial insertion, the device presents itself as an 8GB disk. To access the secondary partition, a file named "unlock.txt" must be created, followed by the entry of the password; the drive will subsequently unmount and remount, revealing the remaining data. All data is encrypted in place using an AES-256 key derived from the password. This mechanism is fundamentally different from how Veracrypt operates. Beta devices are available on the official website; please refer to the bio for the link. | 0 |
