CitrixBleed 2: Electric Boogaloo — CVE-2025–5777 | by Kevin Beaumont | Jun, 2025 | DoublePulsar
https://doublepulsar.com/citrixbleed-2-electric-boogaloo-cve-2025-5777-c7f5e349d206
WinRAR patches bug letting malware launch from extracted archives
https://www.bleepingcomputer.com/news/security/winrar-patches-bug-letting-malware-launch-from-extracted-archives/
GitHub - temp43487580/EntraPassTheCert: tool for requesting Entra ID's P2P certificate and authenticating remote Entra joinned devices with it
https://github.com/temp43487580/EntraPassTheCert
ADCS Attacks with Certipy | serioton
https://seriotonctf.github.io/ADCS-Attacks-with-Certipy/
New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions
https://www.bleepingcomputer.com/news/security/new-citrixbleed-2-netscaler-flaw-let-hackers-hijack-sessions/
Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC
https://thehackernews.com/2025/06/citrix-releases-emergency-patches-for.html
BreachForums hacking forum operators reportedly arrested in France
https://www.bleepingcomputer.com/news/security/breachforums-hacking-forum-operators-reportedly-arrested-in-france/
FileFix - A ClickFix Alternative | mr.d0x
https://mrd0x.com/filefix-clickfix-alternative/
Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games
https://thehackernews.com/2025/06/pro-iranian-hacktivist-group-leaks.html
xbz0n@sh:~# Mythic C2 with EarlyBird Injection and Defender Evasion
http://xbz0n.sh/blog/mythic-c2-early-bird-defender-evasion
Code Execution Vulnerability Patched in GitHub Enterprise Server - SecurityWeek
https://www.securityweek.com/code-execution-vulnerability-patched-in-github-enterprise-server/
New Vulnerabilities Expose Millions of Brother Printers to Hacking - SecurityWeek
https://www.securityweek.com/new-vulnerabilities-expose-millions-of-brother-printers-to-hacking/
しばらくお待ちください...
https://capesandbox.com/analysis/11082/
New wave of ‘fake interviews’ use 35 npm packages to spread malware
https://www.bleepingcomputer.com/news/security/new-wave-of-fake-interviews-use-35-npm-packages-to-spread-malware/
SonicWall warns of trojanized NetExtender stealing VPN logins
https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-trojanized-netextender-stealing-vpn-logins/
MacOS Sandbox Escape via Double Free in coreaudiod/CoreAudio Framework [406271181] - Project Zero
https://project-zero.issues.chromium.org/issues/406271181![MacOS Sandbox Escape via Double Free in coreaudiod/CoreAudio Framework [406271181] - Project Zero](/image/screenshot/17211cacbae5e193d4beb2c514c55eed.webp)
Microsoft Extends Windows 10 Security Updates for One Year with New Enrollment Options
https://thehackernews.com/2025/06/microsoft-extends-windows-10-security.html
OneClik: A ClickOnce-Based APT Campaign Targeting Energy, Oil and Gas Infrastructure
https://www.trellix.com/blogs/research/oneclik-a-clickonce-based-apt-campaign-targeting-energy-oil-and-gas-infrastructure/
Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure
https://thehackernews.com/2025/06/citrix-bleed-2-flaw-enables-token-theft.html
Mainline Health, Select Medical Each Disclose Data Breaches Impacting 100,000 People - SecurityWeek
https://www.securityweek.com/mainline-health-select-medical-each-disclose-data-breaches-impacting-100000-people/
An inside look at NSA (Equation Group) TTPs from China’s lense
https://www.inversecos.com/2025/02/an-inside-look-at-nsa-equation-group.html?m=1
GitHub - NeffIsBack/wsuks: Automating the MITM attack on WSUS
https://github.com/NeffIsBack/wsuks