cKure Red

Free research papers

https://sci-bot.ru/

📡🅰️🅰️🅰️❎❎🅰️🅰️🅰️🅰️

PimEyes.Com

👩‍💻 Performing RCE in Internet Explorer via clickjacking!

Credits: Igor Sak-Sakovsky's (𝕏 | Psych0tr1a)

https://swarm.ptsecurity.com/the-click-that-shouldnt-have-worked-rce-via-clickjacking-in-internet-explorer/

📡🛰 For 19 years, GPS satellites have secretly broadcast a “numbers station” in their public signals. We decoded 12M messages: a 2011 flash where 31 of 32 satellites flipped in hours, “ghost” substrings repeating years apart, and a “TEXT” prefix spreading now. https://lsc-pagepro.mydigitalpublication.com/publication/?i=865273&p=62&view=issueViewer https://github.com/sjmurdoch/gps-special-messages https://x.com/i/status/2061829547289387209

🔗🆒🆒🔤🆒🆒🆒🆒

Transfer data between devices using just QR codes!

QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.

Beta: https://ckure.org/rx/QR-Beam

🔗🆒🆒🔤🆒🆒🆒🆒

Transfer data between devices using just QR codes!

QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.

Beta: https://ckure.org/rx/QR-Beam

🔗🆒🆒🔤🆒🆒🆒🆒

Transfer data between devices using just QR codes!

QR-Beam — A browser-based data transfer tool where both sender and receiver run entirely client-side via JavaScript. No installation, simple mobile-friendly UI, and designed for real-world use. The idea isn't new, but was focused on turning it into a practical, production-ready solution with several improvements over existing PoCs.

Beta: https://ckure.org/rx/QR-Beam

😔 Mini Plasma Zero-Day by Chaotic Eclipse (aka Nightmare Eclipse) with a total of 6 0-Days in 6 weeks.

Official blog: https://deadeclipse666.blogspot.com

https://blog.barracuda.com/2026/05/19/nightmare-eclipse-zero-days-grudge

📱Anthropic co-founder says there is a "real possibility that AI will displace human labor at a very large scale," and that supporting those people "will be a moral imperative of historic proportions."

And we do not have a mechanism while most of the control of AI is with few wealthy nations and individuals.

🔠🔠🔠🔠🔠🔠🔠➖🔠🔠🔠 https://www.theverge.com/tech/935202/flipper-devices-one-zero-wireless-multi-tool-linux-open-source-computer

🤖 🆒🆒🆒🆒🆒🆒 Earlier today Cloudflare's CSO shared how they tested Anthropic Mythos using an unreleased 8-stage vulnerability-discovery agent. Opus implemented the agent and it works via Claude SDK with a Pro or Max subscription, no API.

https://github.com/evilsocket/audit

𝕏 | Simone

🚀40K Starlink terminals hacked to lure Russians into a cyber trap as per anti-Russia propaganda news.

40,000 Starlink terminals go dark. Russian soldiers scramble for answers and turn to Telegram. They don’t realise they’ve just walked into a trap. The journalists travelled across Ukraine from Lviv to the front line in Zaporizhzhia to uncover a pretty audacious cyber operation. Meet Goldfinger and the 256 Cyber Assault Brigade and Yaro, and the 128th Mechanised Brigade, holding the line in the south.

🤩 ❗️❗️❗️❗️❗️❗️ LLM used to make a Zero-Day by APT group on a popular software. The zero day was a 2FA bypass via logic bug 🪲

Security researchers at Alphabet’s Google said they believe a cybercrime group used artificial intelligence to create a hacking tool that can bypass defenses in a widely-used tool to administer computer systems. The scheme, which was foiled when Google alerted the tool developer, would mark the first time that Google’s Threat Intelligence Group caught a hacker using an AI-generated “zero-day” in such a way, according to a report published Monday.

⚠️⚠️⚠️⚠️⚠️⚠️ CVE-2026-0073: Critical Android Zero-Click, Zero-Day exploit in wireless debugging (if enabled) can allow adjacent hacker (in same network) to execute code as shell user.

🅰️🅰️🅰️🔢🅰️🅰️🅰️ Devcore team chained ⛓️‍💥 4 logic bugs to achieve sandbox escape in Microsoft Edge in Pwn²Own 2026, Berlin.

🤖 Mythos finds a curl vulnerability. https://daniel.haxx.se/blog/2026/05/11/mythos-finds-a-curl-vulnerability/

🆒🆒🆒🆒🔢🔢 FAST16 — Pre-Stuxnet Sabotage Malware (2005) - Referenced in Shadow Brokers (2017) leak (“NOTHING TO SEE HERE”) - Compiled ~2005 → ~5 years before Stuxnet - Type: Sabotage malware (not espionage) Target - High-precision engineering / simulation software - Includes LS-DYNA, PKPM, MOHID - Used for physics, impact, and advanced simulations (incl. nuclear-related domains) Technique - Kernel driver: "fast16.sys" - In-memory patching of target processes - Injects subtle calculation errors (floating-point manipulation) - Goal: corrupt outputs while appearing normal Propagation - Worm-like spread via weak Windows network shares Attribution - Not confirmed - Strong suspicion: US or allied origin (based on NSA-linked leak context) Note - LS-DYNA ≠ purely “explosive software” - Broader simulation usage; “explosive calculations” is a subset use case

IoT side channel (correlation) attack using WiFi. Heuristic surveillance data is both widely under-reported and difficult to mitigate without tossing your devices and living in the stone age.

💽 Phantomdrive is an open-source USB drive designed to conceal its actual capacity. Upon initial insertion, the device presents itself as an 8GB disk. To access the secondary partition, a file named "unlock.txt" must be created, followed by the entry of the password; the drive will subsequently unmount and remount, revealing the remaining data. All data is encrypted in place using an AES-256 key derived from the password. This mechanism is fundamentally different from how Veracrypt operates.

Phantomdrive is an open-source USB drive designed to conceal its actual capacity. Upon initial insertion, the device presents itself as an 8GB disk. To access the secondary partition, a file named "unlock.txt" must be created, followed by the entry of the password; the drive will subsequently unmount and remount, revealing the remaining data. All data is encrypted in place using an AES-256 key derived from the password. This mechanism is fundamentally different from how Veracrypt operates. Beta devices are available on the official website; please refer to the bio for the link.