Sys-Admin Up

Открыть в Telegram

InfoSec, Hacks, Perks, Tools, IT/IS Courses, CVE… Contains part of the news that was not included in the Sys-Admin & InfoSec Channel (@sysadm_in_channel)

Больше

США14 404 Технологии и приложения40 470

1 091

Подписчики

-124 часа

-37 дней

+830 день

218

Просмотры поста

~ 7124 часа

~ 8948 часов

19.98%

Коэффициент вовлеченности

Нет данных

Постов в день

Ads index

beta

Архив постов

1 091

https://www.huntress.com/blog/uptick-bomgar-exploitation

1 091

152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search Traffic A network of 152 Chrome live wallpaper extensions hid ad tracking and made extension-driven traffic look like Google search clicks: https://socket.dev/blog/152-chrome-live-wallpaper-extensions-hid-ad-tracking

1 091

https://github.com/MSNightmare/GreatXML

1 091

Today, the account of one of the "clean internet" advocates disappeared. WTF?

1 091

Evil Hentai) These files were distributed alongside games created using various game engines and programming languages, including RenPy (Python), RPG Maker MV (JavaScript), and others. All identified games were categorized as hentai games. https://securelist.ru/argamal-rat-distributed-with-hentai-games/115833/

1 091

Evil Hentai) https://securelist.ru/argamal-rat-distributed-with-hentai-games/115833/

1 091

How flat is replacing fat in AWS data center networks https://www.amazon.science/blog/how-flat-is-replacing-fat-in-aws-data-center-networks

1 091

New Malware Targeting Minecraft Infects 2K Daily, and Teens are Becoming Attackers https://www.mcafee.com/blogs/security-news/minecraft-malware-campaign-research-teen-hacker-cyberbullying/

1 091

https://heyitsas.im/posts/cifswitch/

1 091

Authenticated RCE via Argument Injection in Gogs (NOT FIXED) https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/

1 091

FROST: Fingerprinting Remotely using OPFS-based SSD Timing In this paper, we show that SSD contention side channels can be mounted by a remote attacker from within the browser, without native code execution.

1 091

https://github.com/perplexityai/bumblebee

1 091

Introducing nginx-poolslip, a fresh RCE for the the latest nginx release 1.31.0. https://x.com/nebusecurity/status/2057071579876753643

1 091

MSaaS explored from Microsoft https://www.microsoft.com/en-us/security/blog/2026/05/19/exposing-fox-tempest-a-malware-signing-service-operation/

1 091

Chromium as c2: https://infosec.exchange/@rebane2001/116606719764376414

1 091

https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials

1 091

DirtyDecrypt PoC https://github.com/v12-security/pocs/tree/main/dirtydecrypt

1 091

https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498

1 091

New Actors Deploy Shai-Hulud Clones: TeamPCP Copycats Are Here Four malicious npm packages were uploaded to npm by the same threat actor, including a non-obfuscated Shai-Hulud clone https://www.ox.security/blog/new-actors-deploy-shai-hulud-clones-teampcp-copycats-are-here/

1 091

NGINX ngx_http_rewrite_module Heap-Based Buffer Overflow (Queries and Signatures Only) An unauthenticated attacker can crash the NGINX worker process by sending crafted HTTP requests - CVE-2026-42945: https://docs.vulncheck.com/initial-access/2026-05-15#cve-2026-42945-nginx-ngx_http_rewrite_module-heap-based-buffer-overflow-queries-and-signatures-only