Make Self-XSS Great Again - Slonser Notes
https://blog.slonser.info/posts/make-self-xss-great-again/
GitHub - mverschu/CVE-2025-33073: PoC Exploit for the NTLM reflection SMB flaw.
https://github.com/mverschu/CVE-2025-33073
Synacktiv on X: "Microsoft just released the patch for CVE-2025-33073, a critical vulnerability allowing a standard user to remotely compromise any machine with SMB signing not enforced! Checkout the details in the blogpost by @yaumn_ and @wil_fri3d. https://t.co/EY5Z53w1ZT" / X
https://x.com/Synacktiv/status/1932748953961050198
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware
https://thehackernews.com/2025/06/apple-zero-click-flaw-in-messages.html
Google links massive cloud outage to API management issue
https://www.bleepingcomputer.com/news/google/google-links-massive-cloud-outage-to-api-management-issue/
GitHub - TrenchantARC/Garbage-collection-in-v8: Talk presented at Offensivecon 2025 by Richard Abou Chaya and John Stephenson
https://github.com/TrenchantARC/Garbage-collection-in-v8
Inside a Dark Adtech Empire Fed by Fake CAPTCHAs – Krebs on Security
https://krebsonsecurity.com/2025/06/inside-a-dark-adtech-empire-fed-by-fake-captchas/
Discord flaw lets hackers reuse expired invites in malware campaign
https://www.bleepingcomputer.com/news/security/discord-flaw-lets-hackers-reuse-expired-invites-in-malware-campaign/
Cloudflare: Outage not caused by security incident, data is safe
https://www.bleepingcomputer.com/news/security/cloudflare-outage-not-caused-by-security-incident-data-is-safe/
270K websites injected with ‘JSF-ck’ obfuscated code | SC Media
https://www.scworld.com/news/270k-websites-injected-with-jsf-ck-obfuscated-code
Graphite Caught: First Forensic Confirmation of Paragon’s iOS Mercenary Spyware Finds Journalists Targeted - The Citizen Lab
https://citizenlab.ca/2025/06/first-forensic-confirmation-of-paragons-ios-mercenary-spyware-finds-journalists-targeted/
GitHub - DevBuiHieu/CVE-2025-33053-Proof-Of-Concept: CVE-2025-33053 Proof Of Concept (PoC)
https://github.com/DevBuiHieu/CVE-2025-33053-Proof-Of-Concept
Ransomware Gangs Exploit Unpatched SimpleHelp Flaws to Target Victims with Double Extortion
https://thehackernews.com/2025/06/ransomware-gangs-exploit-unpatched.html
Microsoft: KB5060533 update triggers boot errors on Surface Hub v1 devices
https://www.bleepingcomputer.com/news/microsoft/microsoft-kb5060533-update-triggers-boot-errors-on-surface-hub-v1-devices/
Microsoft confirms auth issues affecting Microsoft 365 users
https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-auth-issues-affecting-microsoft-365-users/
Victoria’s Secret restores critical systems after cyberattack
https://www.bleepingcomputer.com/news/security/victorias-secret-restores-critical-systems-after-cyberattack/
FortiOS SSL-VPN Vulnerability Let Attackers Access full SSL-VPN settings
https://cybersecuritynews.com/fortios-ssl-vpn-vulnerability/
New 'SmartAttack' Steals Air-Gapped Data Using Smartwatches - SecurityWeek
https://www.securityweek.com/new-smartattack-steals-air-gapped-data-using-smartwatches/
Predator Spyware Resurgence: Insikt Group Exposes New Global Infrastructure
https://www.recordedfuture.com/research/predator-still-active-new-links-identified
Release v1.1.0 · VirusTotal/yara-x · GitHub
https://github.com/VirusTotal/yara-x/releases/tag/v1.1.0