Getting RCE in Chrome with incorrect side effect in the JIT compiler - The GitHub Blog
https://github.blog/2023-09-26-getting-rce-in-chrome-with-incorrect-side-effect-in-the-jit-compiler/
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
https://thehackernews.com/2023/09/new-zenrat-malware-targeting-windows.html
GitHub - M01N-Team/HeaderLessPE
https://github.com/M01N-Team/HeaderLessPE
GitHub repos bombarded by info-stealing commits masked as Dependabot
https://www.bleepingcomputer.com/news/security/github-repos-bombarded-by-info-stealing-commits-masked-as-dependabot/
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
https://thehackernews.com/2023/09/researchers-uncover-new-gpu-side.html
ZenRAT: Malware Brings More Chaos Than Calm | Proofpoint US
https://www.proofpoint.com/us/blog/threat-insight/zenrat-malware-brings-more-chaos-calm
GitHub - Chocapikk/CVE-2023-29357: Microsoft SharePoint Server Elevation of Privilege Vulnerability
https://github.com/Chocapikk/CVE-2023-29357
Chinese Gov Hackers Caught Hiding in Cisco Router Firmware - SecurityWeek
https://www.securityweek.com/chinese-gov-hackers-caught-hiding-in-cisco-router-firmware/
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
https://thehackernews.com/2023/09/new-libwebp-vulnerability-under-active.html
Hackers actively exploiting Openfire flaw to encrypt servers
https://www.bleepingcomputer.com/news/security/hackers-actively-exploiting-openfire-flaw-to-encrypt-servers/
[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) | STAR Labs
https://starlabs.sg/blog/2023/09-sharepoint-pre-auth-rce-chain/![[P2O Vancouver 2023] SharePoint Pre-Auth RCE chain (CVE-2023–29357 & CVE-2023–24955) | STAR Labs](/image/screenshot/45b7f86a3f202b3c538673cf3adb88a4.webp)
Modern GPUs vulnerable to new GPU.zip side-channel attack
https://www.bleepingcomputer.com/news/security/modern-gpus-vulnerable-to-new-gpuzip-side-channel-attack/
New GPU Side-Channel Attack Allows Malicious Websites to Steal Data - SecurityWeek
https://www.securityweek.com/new-gpu-side-channel-attack-allows-malicious-websites-to-steal-data/
DEF CON 25 Conference - Josh Schwartz, John Cramb - MEATPISTOL, A Modular Malware Implant Framework - YouTube
https://www.youtube.com/watch?v=dbIdo9ilEIY
Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk - SecurityWeek
https://www.securityweek.com/misconfigured-teslamate-instances-put-tesla-car-owners-at-risk/
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
https://thehackernews.com/2023/09/red-cross-themed-phishing-attacks.html
What We Can Learn from Cybersecurity Trashfires - YouTube
https://www.youtube.com/watch?v=Eb8xYuof4CA
GitHub - unkvolism/Fuck-Etw: Bypass the Event Trace Windows(ETW) and unhook ntdll.
https://github.com/unkvolism/Fuck-Etw
macOS 14 Sonoma Patches 60 Vulnerabilities - SecurityWeek
https://www.securityweek.com/macos-14-sonoma-patches-60-vulnerabilities/
‘Snatch’ Ransom Group Exposes Visitor IP Addresses – Krebs on Security
https://krebsonsecurity.com/2023/09/snatch-ransom-group-exposes-visitor-ip-addresses/
GitHub - lozaning/HomeAssistantPoliceDetector: Scans for BLE devices and if it see any from Taser International sets an home assistant switch to 'on', turns back off a minute after the device is gone
https://github.com/lozaning/HomeAssistantPoliceDetector
US and Japan warn of Chinese hackers backdooring Cisco routers
https://www.bleepingcomputer.com/news/security/us-and-japan-warn-of-chinese-hackers-backdooring-cisco-routers/
Building automation giant Johnson Controls hit by ransomware attack
https://www.bleepingcomputer.com/news/security/building-automation-giant-johnson-controls-hit-by-ransomware-attack/
GitHub - buptsb/CVE-2023-4762
https://github.com/buptsb/CVE-2023-4762
GitHub - hmgle/graftcp: A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
https://github.com/hmgle/graftcp
Firefox 118 Patches High-Severity Vulnerabilities - SecurityWeek
https://www.securityweek.com/firefox-118-patches-high-severity-vulnerabilities/