Endi mavjud! Telegram Tadqiqoti 2025 โ yilning asosiy insaytlari 
cKure Red
Kanalga Telegramโda oโtish
The director's cut on critical feeds from InfoSec world ๐ Main Channel: @cKure โ๏ธ or queries email us ๐จ i@ckure.org
Ko'proq ko'rsatish2 576
Obunachilar
+524 soatlar
+137 kunlar
+4730 kunlar
Ma'lumot yuklanmoqda...
O'xshash kanallar
Taglar buluti
Kirish va chiqish esdaliklari
---
---
---
---
---
---
Obunachilarni jalb qilish
Iyun '26
Iyun '26
+59
2 kanalda
May '26
+82
1 kanalda
Get PRO
Aprel '26
+81
2 kanalda
Get PRO
Mart '26
+69
2 kanalda
Get PRO
Fevral '26
+51
2 kanalda
Get PRO
Yanvar '26
+119
2 kanalda
Get PRO
Dekabr '25
+81
2 kanalda
Get PRO
Noyabr '25
+86
1 kanalda
Get PRO
Oktabr '25
+54
3 kanalda
Get PRO
Sentabr '25
+56
3 kanalda
Get PRO
Avgust '25
+34
2 kanalda
Get PRO
Iyul '25
+39
3 kanalda
Get PRO
Iyun '25
+41
2 kanalda
Get PRO
May '25
+71
3 kanalda
Get PRO
Aprel '25
+36
1 kanalda
Get PRO
Mart '25
+37
2 kanalda
Get PRO
Fevral '25
+50
1 kanalda
Get PRO
Yanvar '25
+29
1 kanalda
Get PRO
Dekabr '24
+75
3 kanalda
Get PRO
Noyabr '24
+112
3 kanalda
Get PRO
Oktabr '24
+65
1 kanalda
Get PRO
Sentabr '24
+110
1 kanalda
Get PRO
Avgust '24
+114
1 kanalda
Get PRO
Iyul '24
+127
6 kanalda
Get PRO
Iyun '24
+53
2 kanalda
Get PRO
May '24
+70
2 kanalda
Get PRO
Aprel '24
+158
26 kanalda
Get PRO
Mart '24
+95
2 kanalda
Get PRO
Fevral '24
+153
24 kanalda
Get PRO
Yanvar '24
+114
2 kanalda
Get PRO
Dekabr '23
+96
1 kanalda
Get PRO
Noyabr '23
+28
1 kanalda
Get PRO
Oktabr '23
+34
1 kanalda
Get PRO
Sentabr '23
+22
0 kanalda
Get PRO
Avgust '23
+32
0 kanalda
Get PRO
Iyul '23
+31
0 kanalda
Get PRO
Iyun '23
+32
0 kanalda
Get PRO
May '23
+16
0 kanalda
Get PRO
Aprel '23
+29
0 kanalda
Get PRO
Mart '23
+22
0 kanalda
Get PRO
Fevral '23
+18
0 kanalda
Get PRO
Yanvar '23
+28
0 kanalda
Get PRO
Dekabr '22
+33
0 kanalda
Get PRO
Noyabr '22
+33
0 kanalda
Get PRO
Oktabr '22
+12
0 kanalda
Get PRO
Sentabr '22
+14
0 kanalda
Get PRO
Avgust '22
+38
0 kanalda
Get PRO
Iyul '22
+34
0 kanalda
Get PRO
Iyun '22
+30
0 kanalda
Get PRO
May '22
+38
0 kanalda
Get PRO
Aprel '22
+40
0 kanalda
Get PRO
Mart '22
+51
0 kanalda
Get PRO
Fevral '22
+23
0 kanalda
Get PRO
Yanvar '22
+39
0 kanalda
Get PRO
Dekabr '21
+243
0 kanalda
| Sana | Obunachilarni jalb qilish | Esdaliklar | Kanallar | |
| 20 Iyun | +5 | |||
| 19 Iyun | +5 | |||
| 18 Iyun | +1 | |||
| 17 Iyun | +2 | |||
| 16 Iyun | +3 | |||
| 15 Iyun | +3 | |||
| 14 Iyun | +1 | |||
| 13 Iyun | +2 | |||
| 12 Iyun | +2 | |||
| 11 Iyun | +1 | |||
| 10 Iyun | 0 | |||
| 09 Iyun | +2 | |||
| 08 Iyun | +3 | |||
| 07 Iyun | +2 | |||
| 06 Iyun | +4 | |||
| 05 Iyun | +1 | |||
| 04 Iyun | +2 | |||
| 03 Iyun | +6 | |||
| 02 Iyun | +9 | |||
| 01 Iyun | +5 |
Kanal postlari
๐ The Eternal Jew rises with same tricks up the sleeve: โPopaโ Botnet Linked to Publicly-Traded Israeli Firm
https://x.com/i/status/2067993607597092865
| 2 | Exploiting CVE-2024-1065 via the Page Cache!
A strategy for physical-page UAFs in MIGRATE_MOVABLE, where Dirty Pagetable and Dirty Cred don't apply.
https://kuzey.rs/posts/MaliUAF/
Demonstrated on the Mali GPU UAF found by Project Zero. | 494 |
| 3 | Free research papers
https://sci-bot.ru/ | 915 |
| 4 |  ๐ก๐
ฐ๏ธ๐
ฐ๏ธ๐
ฐ๏ธโโ๐
ฐ๏ธ๐
ฐ๏ธ๐
ฐ๏ธ๐
ฐ๏ธ
PimEyes.Com | 1 128 |
| 5 | ๐ฉโ๐ป Performing RCE in Internet Explorer via clickjacking!
Credits: Igor Sak-Sakovsky's (๐ | Psych0tr1a)
https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/ | 1 194 |
| 6 | ๐ก๐ฐ For 19 years, GPS satellites have secretly broadcast a โnumbers stationโ in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, โghostโ substrings repeating years apart, and a โTEXTโ prefix spreading now.
https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer
https://github.com/sjmurdoch/gps-special-messages
https://x.com/i/status/2061829547289387209 | 1 598 |
| 7 | ๐๐๐๐ค๐๐๐๐
Transfer data between devices using just QR codes!
QR-Beam โ A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 8 | ๐๐๐๐ค๐๐๐๐
Transfer data between devices using just QR codes!
QR-Beam โ A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 |
| 9 | ๐๐๐๐ค๐๐๐๐
Transfer data between devices using just QR codes!
QR-Beam โ A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use.
The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.
Beta: https://ckure.org/rx/QR-Beam | 1 124 |
| 10 | ๐ Mini Plasma Zero-Day by Chaotic Eclipse (aka Nightmare Eclipse) with a total of 6 0-Days in 6 weeks.
Official blog:
https://deadeclipse666.blogspot.com
https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge | 1 225 |
| 11 |  ๐ฑAnthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that supporting those people "will be a moral imperative of historic proportions."
And we do not have a mechanism while most of the control of AI is with few wealthy nations and individuals. | 890 |
| 12 | ๐ ๐ ๐ ๐ ๐ ๐ ๐ โ๐ ๐ ๐
https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-computer | 1 405 |
| 13 | ๐ค ๐๐๐๐๐๐
Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent.
Opus implemented the agent and it works via Claude SDK with a Pro or Max subscription, no API.
https://github.com/evilsocket/audit
๐ | Simone | 1 499 |
| 14 |  ๐40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news.
40,000 Starlink terminals go dark. Russian soldiers scramble for answers and turn to Telegram. They donโt realise theyโve just walked into a trap. The journalists travelled across Ukraine from Lviv to the front line in Zaporizhzhia to uncover a pretty audacious cyber operation. Meet Goldfinger and the 256 Cyber Assault Brigade and Yaro, and the 128th Mechanised Brigade, holding the line in the south. | 1 379 |
| 15 |  ๐คฉ โ๏ธโ๏ธโ๏ธโ๏ธโ๏ธโ๏ธ
LLM used to make a Zero-Day by APT group on a popular software.
The zero day was a 2FA bypass via logic bug ๐ชฒ
Security researchers at Alphabetโs Google said they believe a cybercrime group used artificial intelligence to create a hacking tool that can bypass defenses in a widely-used tool to administer computer systems. The scheme, which was foiled when Google alerted the tool developer, would mark the first time that Googleโs Threat Intelligence Group caught a hacker using an AI-generated โzero-dayโ in such a way, according to a report published Monday. | 1 195 |
| 16 |  โ ๏ธโ ๏ธโ ๏ธโ ๏ธโ ๏ธโ ๏ธ
CVE-2026-0073: Critical Android Zero-Click, Zero-Day exploit in wireless debugging (if enabled) can allow adjacent hacker (in same network) to execute code as shell user. | 1 426 |
| 17 |  ๐
ฐ๏ธ๐
ฐ๏ธ๐
ฐ๏ธ๐ข๐
ฐ๏ธ๐
ฐ๏ธ๐
ฐ๏ธ
Devcore team chained โ๏ธโ๐ฅ 4 logic bugs to achieve sandbox escape in Microsoft Edge in PwnยฒOwn 2026, Berlin. | 1 187 |
| 18 | ๐ค Mythos finds a curl vulnerability.
https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/ | 1 296 |
| 19 |  ๐๐๐๐๐ข๐ข
FAST16 โ Pre-Stuxnet Sabotage Malware (2005)
- Referenced in Shadow Brokers (2017) leak (โNOTHING TO SEE HEREโ)
- Compiled ~2005 โ ~5 years before Stuxnet
- Type: Sabotage malware (not espionage)
Target
- High-precision engineering / simulation software
- Includes LS-DYNA, PKPM, MOHID
- Used for physics, impact, and advanced simulations (incl. nuclear-related domains)
Technique
- Kernel driver: "fast16.sys"
- In-memory patching of target processes
- Injects subtle calculation errors (floating-point manipulation)
- Goal: corrupt outputs while appearing normal
Propagation
- Worm-like spread via weak Windows network shares
Attribution
- Not confirmed
- Strong suspicion: US or allied origin (based on NSA-linked leak context)
Note
- LS-DYNA โ purely โexplosive softwareโ
- Broader simulation usage; โexplosive calculationsโ is a subset use case | 1 781 |
| 20 |  IoT side channel (correlation) attack using WiFi.
Heuristic surveillance data is both widely under-reported and difficult to mitigate without tossing your devices and living in the stone age. | 817 |
