med-mastodon.com is one of the many independent Mastodon servers you can use to participate in the fediverse.
Medical community on Mastodon

Administered by:

Server stats:

361
active users

#exploit

9 posts7 participants1 post today

Drei chinesische Gruppen als Angreifer auf Sharepoint-Server identifiziert

Eine Analyse von Microsoft nennt drei verschiedene Gruppen aus China als Angreifer auf die jüngste Sharepoint-Lücke. Dabei dürfte es aber nicht bleiben.

heise.de/news/Drei-chinesische

heise online · Drei chinesische Gruppen als Angreifer auf Sharepoint-Server identifiziertBy Frank Schräer

Update: Neue Version von Sharepoint 2016 behebt Toolshell-Lücke

Microsoft legt nach und veröffentlicht auch für die 2016er-Ausgabe von Sharepoint einen Flicken. Admins sollten diesen unverzüglich einspielen.

heise.de/news/Update-Neue-Vers

heise online · Update: Neue Version von Sharepoint 2016 behebt Toolshell-Lücke
More from Dr. Christopher Kunz

Critical #CitrixBleed 2 #vulnerability has been under active #exploit for weeks

A critical vulnerability allowing #hackers to bypass #multifactor #authentication in network management devices made by #Citrix has been actively #exploited for more than a month, researchers said. The finding is at odds with advisories from the vendor saying there is no evidence of in-the-wild #exploitation.
#security #privacy

arstechnica.com/security/2025/

Ars Technica · Critical CitrixBleed 2 vulnerability has been under active exploit for weeksBy Dan Goodin

Just published a proof-of-concept exploit for CVE-2025-32463, a new Linux privilege escalation vulnerability affecting sudo discovered and disclosed by Stratascale about 2 weeks ago.

The PoC is available on GitHub. A full technical writeup will be published on my blog soon.

GitHub: github.com/morgenm/sudo-chroot

Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc) - morgenm/sudo-chroot-CVE-2025-32463
GitHubGitHub - morgenm/sudo-chroot-CVE-2025-32463: Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc)Rust PoC for CVE-2025-32463 (sudo chroot "chwoot" Local PrivEsc) - morgenm/sudo-chroot-CVE-2025-32463

#AMD warns of new #Meltdown, #Spectre-like bugs affecting #CPU
Four bugs do not appear too venomous – two have medium-severity ratings other two are rated "low." However, low-level nature of #exploit's impact has nonetheless led Trend Micro and CrowdStrike to assess them as "critical."
Rasons for low severity scores are high degree of complexity involved in successful attack – AMD said it could only be carried out by attacker able to run arbitrary code on a target machine
theregister.com/2025/07/09/amd

The Register · AMD warns of new Meltdown, Spectre-like bugs affecting CPUsBy Connor Jones