Broken API authorization is still exposing sensitive data - so Intruder built a FREE tool to find it.⚡ Three years after the Optus breach - where millions of customer records were stolen via an unauthenticated API - Intruder’s security team is still finding the same flaws, even in S&P 500 companies. These vulnerabilities are so easy to exploit you could teach someone with no technical background to do it in a day. 🤯 That’s why Intruder built Autoswagger - a FREE, open‑source tool that finds unauthenticated API endpoints leaking sensitive data like credentials or PII. Get Autoswagger FREE on GitHub and see the real vulnerabilities Intruder’s security team uncovered when they put it to the test. Get Autoswagger: https://lnkd.in/e8cA3Ktr 🔥 Read the research ->> https://lnkd.in/eKZz_ybJ
Intruder's free tool finds exposed API vulnerabilities
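The class of bug the post describes (an endpoint that is documented as requiring auth but answers unauthenticated requests with customer data) can be probed straight from the API's own OpenAPI document. The script below is an added illustration, not Autoswagger's code or Intruder's research; the spec, the responses and the sensitive-data patterns are all constructed for the demo, and the `fetch` callback is a stand-in for a real HTTP client.

```python
import re
from typing import Callable, Dict, List, Tuple

# Constructed OpenAPI fragment for a hypothetical service (not a real API).
SPEC = {
    "paths": {
        "/users/{id}": {"get": {"security": [{"bearerAuth": []}]}},
        "/health":     {"get": {}},
        "/export":     {"get": {"security": [{"bearerAuth": []}]}},
    }
}

# Constructed responses the hypothetical server returns to requests that carry
# no credentials at all. /users/{id} documents auth but does not enforce it.
FAKE_RESPONSES: Dict[Tuple[str, str], Tuple[int, str]] = {
    ("GET", "/users/1"): (200, '{"id":1,"email":"alice@example.com","ssn":"123-45-6789"}'),
    ("GET", "/health"):  (200, '{"status":"ok"}'),
    ("GET", "/export"):  (401, '{"error":"unauthorized"}'),
}

# Cheap content classifiers; a real scanner would use more, with tuning.
SENSITIVE = {
    "email":  re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+"),
    "ssn":    re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "secret": re.compile(r'(?i)"?(api[_-]?key|password|token)"?\s*[:=]'),
}


def fill_path(path: str) -> str:
    """Replace {param} placeholders with the first value an attacker tries."""
    return re.sub(r"\{[^}]+\}", "1", path)


def fake_fetch(method: str, path: str) -> Tuple[int, str]:
    """Stand-in for an HTTP client; returns (status, body) from the table."""
    return FAKE_RESPONSES.get((method, path), (404, ""))


def scan(spec: dict, fetch: Callable[[str, str], Tuple[int, str]]) -> List[Dict]:
    """Call every documented operation without credentials and report the
    ones that answer 200 with sensitive-looking content."""
    findings = []
    for path, ops in spec["paths"].items():
        for method, op in ops.items():
            status, body = fetch(method.upper(), fill_path(path))
            if status != 200:
                continue                      # auth enforced, or nothing there
            leaks = [name for name, rx in SENSITIVE.items() if rx.search(body)]
            if leaks:
                findings.append({
                    "method": method.upper(),
                    "path": path,
                    "documented_auth": bool(op.get("security")),  # spec said auth
                    "leaks": leaks,
                })
    return findings


if __name__ == "__main__":
    for finding in scan(SPEC, fake_fetch):
        print(finding)
```

To run it against a live target, swap `fake_fetch` for a function that issues the request with no Authorization header and returns `(status_code, text)`. Note what this does and does not prove: a 200 with PII from an endpoint marked `security` in the spec is a real authorization gap; a 200 from an undocumented-auth endpoint still needs a human to judge whether the data was meant to be public.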
-
A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a victim’s machine. The vulnerability is a bypass of a previous fix for a similar issue (CVE-2023-51385) and exploits how the ProxyCommand feature interacts with the underlying system shell when handling specially crafted usernames. #OpenSSH #vulnerability #security
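The mechanism the post refers to is token expansion: ssh substitutes `%r` (remote user), `%h` and `%p` into the ProxyCommand string and hands the result to `sh -c`, so a user name that is not shell-inert becomes part of a command line. The snippet below is an added illustration of that expansion and of an allowlist check in the spirit of the CVE-2023-51385 fix; it is not OpenSSH's code, does not reproduce the CVE-2025-61984 bypass, and the ProxyCommand line is an assumed example configuration.

```python
import re

# Hypothetical ProxyCommand line from a user's ~/.ssh/config (an assumption,
# not taken from any real configuration). ssh expands %r, %h and %p and hands
# the result to the user's shell with `sh -c`.
PROXY_COMMAND = "ssh -W %h:%p jump.example.com -l %r"


def expand(template: str, user: str, host: str, port: int) -> str:
    """Token expansion with no validation: whatever is in `user` ends up
    inside a shell command line."""
    return (template.replace("%r", user)
                    .replace("%h", host)
                    .replace("%p", str(port)))


# Allowlists in the spirit of the checks added for CVE-2023-51385: only
# characters that legitimately occur in user and host names. fullmatch() is
# used deliberately: with match() and a trailing `$`, "alice\n" would pass,
# because `$` also matches just before a final newline.
USER_OK = re.compile(r"[A-Za-z0-9._-]+")
HOST_OK = re.compile(r"[A-Za-z0-9.-]+")


def is_safe_token(value: str, pattern: re.Pattern) -> bool:
    return pattern.fullmatch(value) is not None


def safe_expand(template: str, user: str, host: str, port: int) -> str:
    """Refuse to build the command at all when a token is not shell-inert."""
    if not is_safe_token(user, USER_OK) or not is_safe_token(host, HOST_OK):
        raise ValueError("refusing ProxyCommand expansion: unsafe user or host")
    if not 0 < port < 65536:
        raise ValueError("invalid port")
    return expand(template, user, host, port)


if __name__ == "__main__":
    # A user name carrying a command substitution, as an attacker might plant
    # in a URL like ssh://<user>@host that a tool passes straight to ssh.
    evil_user = "$(id>/tmp/pwned)"
    print("unvalidated:", expand(PROXY_COMMAND, evil_user, "target", 22))
    try:
        safe_expand(PROXY_COMMAND, evil_user, "target", 22)
    except ValueError as e:
        print("validated:  ", e)
```

The practical takeaway for tooling that builds ssh invocations from untrusted input (git remotes, submodule URLs, deploy scripts) is to validate the user and host before they ever reach ssh, and to prefer `--` and separate arguments over string-built command lines.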
-
Code scanning does show vulnerabilities in code, and makes you think it proves reachability. This is really a straw-man attempt at security. Unless you correlate that to runtime, you're just shuffling priorities based on what you think, not reality. Here's a post from Gai Gutherz about how Miggo truly helps quiet the noise by providing concise evidence about what's reachable and what the risk is. Great read.
Thousands of CVEs. Endless noise. But how many vulnerabilities actually run in production and are truly exploitable? At Miggo Security, we identify the 1% that really matter by combining runtime evidence with deep technical validation.

🧠 Function-Level Exploitability
Our CVE Intelligence Engine maps vulnerabilities to their exact vulnerable functions using commit diffs, advisories, and LLM-powered code analysis. We then match those functions against real runtime call stacks captured via eBPF. If the vulnerable function never runs, it is not a real risk.

🌐 Internet Reachability
We go beyond runtime data to confirm whether the vulnerable service is actually exposed. Our reachability graph models ingress routes, traces inbound traffic, and performs active probing to validate exposure and uncover blind spots.

The result:
✔ 99% less noise
✔ Focus on vulnerabilities that are exploitable and reachable
✔ Confidence that every fix eliminates real attack surface

DM me with questions or check it out here 👇 https://lnkd.in/dspCJBww
-
Cache poisoning vulnerabilities found in 2 DNS resolving apps https://ift.tt/roF2aiW

The makers of BIND, the Internet's most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to malicious destinations that are indistinguishable from the real ones. The vulnerabilities, tracked as CVE-2025-40778 and CVE-2025-40780, stem from a logic error and a weakness in generating pseudo-random numbers, respectively. They each carry a severity rating of 8.6. Separately, makers of the Domain Name System resolver software Unbound warned of similar vulnerabilities that were reported by the same researchers. The Unbound vulnerability severity score is 5.6.

Revisiting Kaminsky's cache poisoning attack

The vulnerabilities can be exploited to cause DNS resolvers located inside thousands of organizations to replace valid results for domain lookups with corrupted ones. The corrupted results would replace the IP addresses controlled by the domain name operator (for instance, 3.15.119.63 for arstechnica.com) with malicious ones controlled by the attacker. Patches for all three vulnerabilities became available on Wednesday.

via Biz & IT – Ars Technica https://arstechnica.com, October 22, 2025 at 06:35PM
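Kaminsky-style poisoning works by racing the real answer with forged responses to a query the attacker provoked, and it is defeated by two things working together: the resolver must only admit records inside the bailiwick of the server it asked, and the attacker must have to guess more than a 16-bit transaction ID (hence the importance of the random source port, which is exactly where a weak pseudo-random generator hurts). The code below is an added illustration of both checks plus the success-probability arithmetic; it is not BIND's or Unbound's logic, and the query and forged response are constructed records with field names of this example's own choosing.

```python
def in_bailiwick(name: str, zone: str) -> bool:
    """True when `name` is `zone` itself or lies beneath it."""
    name = name.lower().rstrip(".")
    zone = zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)


def cacheable_records(query: dict, response: dict, asked_zone: str) -> list:
    """What a careful resolver would admit to its cache from `response`:
    - transaction ID and UDP source port must match the outstanding query;
    - the question must match;
    - only records inside the bailiwick of the server we asked are trusted."""
    if response["txid"] != query["txid"] or response["port"] != query["port"]:
        return []
    if response["qname"].lower() != query["qname"].lower():
        return []
    return [rr for rr in response["records"] if in_bailiwick(rr["name"], asked_zone)]


def poison_probability(spoofs_per_race: int, races: int,
                       txid_bits: int = 16, port_bits: int = 0) -> float:
    """Chance that at least one of `races` races succeeds when the attacker
    fires `spoofs_per_race` guesses per race and the resolver has
    `txid_bits + port_bits` bits of entropy that must be guessed."""
    space = 2 ** (txid_bits + port_bits)
    per_race = min(1.0, spoofs_per_race / space)
    return 1.0 - (1.0 - per_race) ** races


# Constructed outstanding query for a random, never-cached child name.
QUERY = {"txid": 0x1A2B, "port": 40001, "qname": "zz9q.example.com"}

# Constructed forged answer that happens to match the guess. The NS record is
# in-bailiwick and would be accepted: that is the Kaminsky payload, and only
# the entropy check keeps it out. The third record is out of bailiwick and is
# dropped regardless.
RESPONSE = {
    "txid": 0x1A2B, "port": 40001, "qname": "zz9q.example.com",
    "records": [
        {"name": "zz9q.example.com", "type": "A",  "data": "203.0.113.9"},
        {"name": "example.com",      "type": "NS", "data": "ns.attacker.test"},
        {"name": "www.bank.test",    "type": "A",  "data": "203.0.113.9"},
    ],
}

if __name__ == "__main__":
    for rr in cacheable_records(QUERY, RESPONSE, "example.com"):
        print("cache:", rr)
    print("TXID only, 1000 spoofs x 100 races:", poison_probability(1000, 100))
    print("TXID + 16-bit port, same effort:    ", poison_probability(1000, 100, 16, 16))
```

Run the two probabilities side by side and the point of the PRNG weakness becomes concrete: if source ports are predictable, `port_bits` collapses toward 0 and the attacker is back to guessing a 16-bit value, which a few hundred thousand packets cover in practice.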
-
🚨 Critical 7-Zip Vulnerabilities Enable Remote Code Execution via ZIP Archives 🚨

Security researchers have disclosed two directory traversal vulnerabilities in 7-Zip that allow remote code execution (RCE) when processing malicious ZIP files. Tracked as CVE-2025-11001 and CVE-2025-11002, these flaws stem from improper handling of symbolic links within ZIP archives.

🧠 Technical Summary:
- Vulnerability Type: Directory Traversal via Symbolic Links
- CVSS Score: 7.0 (High)
- Impact: Arbitrary file overwrite and RCE under SYSTEM context
- Exploitation: Requires only ZIP extraction in a vulnerable environment

📂 Attack Vector:
- Malicious ZIP contains symlinks like ../../../../windows/system32/malicious.dll
- On extraction, 7-Zip places payloads in sensitive directories
- Payloads executed via scheduled tasks or service plugins

🔐 Mitigation:
- Upgrade to 7-Zip version 25.00, which blocks symlinks escaping extraction paths
- Audit systems that auto-process ZIPs (e.g., backup/file-sharing tools)
- Monitor for suspicious ZIP entries and unexpected DLLs in protected directories

🛡️ Security Best Practices:
- Enforce strict path sanitization
- Disable automatic archive extraction in untrusted contexts
- Continuously monitor file-handling services for anomalies

#CyberSecurity #7Zip #CVE202511001 #CVE202511002 #RemoteCodeExecution #DirectoryTraversal #InfoSec #VulnerabilityManagement #PatchNow #ThreatIntel #SecurityAlert #SysAdmin #SOC #CyberThreats
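The symlink trick has two moving parts: an archive entry that is a link pointing outside the extraction root, and a later entry whose path goes through that link, so the extractor writes the payload wherever the link points. The code below is an added illustration (not 7-Zip's code, and not a reproduction of the two CVEs) that builds such an archive with Python's zipfile and shows the checks a safe extractor applies; nothing is written to disk.

```python
import io
import posixpath
import stat
import zipfile


def build_demo_zip() -> bytes:
    """Constructed archive: a symlink whose target escapes the extraction
    root, a file written through that link, and a benign file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        link = zipfile.ZipInfo("out")
        link.create_system = 3                          # Unix: mode bits are honoured
        link.external_attr = (stat.S_IFLNK | 0o777) << 16
        zf.writestr(link, "../../outside")             # entry body = link target
        zf.writestr("out/payload.txt", "evil")         # lands outside root if link is followed
        zf.writestr("readme.txt", "benign")
    return buf.getvalue()


def is_symlink(zi: zipfile.ZipInfo) -> bool:
    return stat.S_ISLNK(zi.external_attr >> 16)


def escapes_root(rel: str) -> bool:
    """True for absolute paths and for anything that normalises to above `.`."""
    norm = posixpath.normpath(rel)
    return rel.startswith("/") or norm == ".." or norm.startswith("../")


def classify(data: bytes) -> dict:
    """Decide per entry whether a safe extractor may create it. Policy: no
    traversal in names, no symlink that points outside the root, and no entry
    whose path passes through any symlink in the archive (writing through a
    link is what turns the link into an arbitrary file write)."""
    verdicts, links = {}, set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for zi in zf.infolist():
            name = zi.filename
            if escapes_root(name):
                verdicts[name] = "reject: path traversal"
                continue
            parts = posixpath.normpath(name).split("/")
            if any("/".join(parts[:i]) in links for i in range(1, len(parts))):
                verdicts[name] = "reject: path passes through a symlink"
                continue
            if is_symlink(zi):
                links.add(posixpath.normpath(name))
                target = zf.read(zi).decode()
                resolved = posixpath.normpath(posixpath.join(posixpath.dirname(name), target))
                if target.startswith("/") or escapes_root(resolved):
                    verdicts[name] = "reject: symlink escapes root"
                else:
                    verdicts[name] = "ok (symlink inside root)"
                continue
            verdicts[name] = "ok"
    return verdicts


if __name__ == "__main__":
    for name, verdict in classify(build_demo_zip()).items():
        print(f"{name:20} {verdict}")
```

Two caveats when applying this to real extractors: the check on the link target has to be done on the resolved path after the link's own directory is taken into account (a link `a/b` pointing at `../x` is fine, `../../x` is not), and on Windows the equivalent of the through-the-link write needs the same refusal for junctions and reparse points, not only POSIX symlinks.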
-
From LFI to RCE: Active Exploitation Detected in Gladinet and TrioFox Vulnerability Huntress detected active exploitation of CVE-2025-11371 (CVSS 6.1), an unauthenticated local file inclusion flaw in Gladinet CentreStack and TrioFox prior to version 16.7.10368.56560, first on September 27, 2025, affecting three customers. It allows system file disclosure, chaining with prior CVE-2025-30406 (CVSS 9.0) for remote code execution via hard-coded keys. The zero-day enables threat actors to retrieve keys from Web.config files, leading to broader network compromises in file-sharing applications. Attackers scan for exposed instances, inject payloads to read sensitive configs, and escalate to shell access for lateral movement. Huntress's report details IoCs like unusual HTTP requests and file access logs, urging immediate upgrades. The flaw's unauthenticated nature makes it a prime target for automated bots. Organizations using these tools should isolate them from the internet and implement web application firewalls to block path traversal attempts. https://lnkd.in/eVq4q7b3
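Since the first stage is an unauthenticated file read aimed at Web.config, the cheapest detection is on the web server's access log: decode the request target (repeatedly, because double encoding is the usual filter bypass), then look for traversal sequences and configuration file names, and weight the hit by whether the server answered 200. The script below is an added example of that logic over constructed log lines; the application path and parameter name are placeholders, not Gladinet's real routes, and these are not the indicators from Huntress's report.

```python
import re
from urllib.parse import unquote

# Constructed access-log lines in common log format. "/app/view" and "file"
# are placeholders, not Gladinet's real routes, and these are not Huntress's
# published indicators.
LOG_LINES = [
    '203.0.113.5 - - [27/Sep/2025:10:01:12 +0000] "GET /app/view?file=..%2F..%2FWeb.config HTTP/1.1" 200 8123',
    '198.51.100.7 - - [27/Sep/2025:10:02:40 +0000] "GET /app/index.html HTTP/1.1" 200 512',
    '203.0.113.5 - - [27/Sep/2025:10:03:01 +0000] "GET /app/view?file=%252e%252e%252fweb.config HTTP/1.1" 200 8123',
    '198.51.100.9 - - [27/Sep/2025:10:04:15 +0000] "GET /app/view?file=..%2Fetc%2Fpasswd HTTP/1.1" 404 210',
]

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Files whose disclosure hands over keys or secrets on an ASP.NET stack.
SENSITIVE_FILES = ("web.config", "machine.config", "appsettings.json")


def fully_decode(s: str, rounds: int = 3) -> str:
    """Undo repeated percent-encoding; stop when decoding no longer changes
    the string so a plain path is returned unchanged."""
    for _ in range(rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def flag(line: str):
    """Return a finding dict for a traversal / config-read attempt, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    target = fully_decode(m["target"]).replace("\\", "/").lower()
    reasons = []
    if "../" in target:
        reasons.append("path traversal")
    if any(f in target for f in SENSITIVE_FILES):
        reasons.append("config file requested")
    if not reasons:
        return None
    if m["status"] == "200":
        reasons.append("served with 200 (likely disclosure)")
    return {"ip": m["ip"], "time": m["ts"], "target": m["target"], "reasons": reasons}


def scan_log(lines) -> list:
    return [f for f in map(flag, lines) if f]


if __name__ == "__main__":
    for finding in scan_log(LOG_LINES):
        print(finding)
```

A 200 on a config-file request is the line to page on: it means the keys the post mentions are already in the attacker's hands, so the response is key rotation plus a hunt for the follow-on RCE, not just a patch.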
-
🚨 TryHackMe's Gallery challenge demonstrates why 85% of web application breaches still exploit basic SQL injection vulnerabilities, despite decades of awareness campaigns. 🔍 This hands-on scenario showcases how attackers exploit poorly sanitized input fields to extract sensitive database information. The walkthrough reveals classic injection techniques that security teams encounter in 73% of web application penetration tests. 🛠️ Key technical elements include bypassing authentication mechanisms, enumerating database structures, and escalating privileges through system command execution. These attack vectors mirror real-world incidents where initial web compromise leads to full system takeover in under 4 hours on average. 📊 The methodology highlights why organizations investing in secure coding practices see 67% fewer critical vulnerabilities compared to those relying solely on post-deployment scanning. Manual code review combined with automated testing catches 94% of injection flaws before production deployment. Security teams benefit from hands-on practice identifying these attack patterns. Organizations with regular penetration testing exercises report 58% faster incident response times when facing actual SQL injection attempts. #CyberSecurity #WebSecurity #SQLInjection #PenetrationTesting #InfoSec #SecurityTraining #WebApplicationSecurity #EthicalHacking source: https://lnkd.in/dfySqVgf
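The two techniques the post names, authentication bypass and database enumeration, both come from the same root cause: user input spliced into the SQL text. The example below is added here and is not the TryHackMe room's code; it runs against an in-memory SQLite database with constructed rows and shows the string-built query beside its parameterised replacement so the same payloads can be tried against both.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed rows; the schema is this example's own."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, password TEXT, role TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("admin", "correct-horse-battery", "admin"),
        ("bob",   "hunter2",               "user"),
    ])
    return conn


def vulnerable_login(conn, username: str, password: str) -> list:
    """String-built query: user input is parsed as SQL syntax."""
    sql = (f"SELECT role FROM users WHERE username = '{username}' "
           f"AND password = '{password}'")
    return conn.execute(sql).fetchall()


def safe_login(conn, username: str, password: str) -> list:
    """Parameterised query: input is bound as data and never parsed as SQL."""
    sql = "SELECT role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchall()


# Payloads of the kind the walkthrough exercises.
BYPASS_USER = "admin' --"                       # comments out the password check
ENUM_USER = ("x' UNION SELECT name FROM sqlite_master "
             "WHERE type = 'table' --")         # table names come back in the role column

if __name__ == "__main__":
    conn = make_db()
    print("vulnerable bypass:", vulnerable_login(conn, BYPASS_USER, "wrong"))
    print("vulnerable enum:  ", vulnerable_login(conn, ENUM_USER, "wrong"))
    print("safe bypass:      ", safe_login(conn, BYPASS_USER, "wrong"))
    print("safe normal:      ", safe_login(conn, "bob", "hunter2"))
```

Parameterisation is the fix, not escaping: the bound values never reach the parser, so neither the comment trick nor the UNION has anything to attach to. (Storing passwords in clear text, as the demo table does for brevity, is of course its own finding.)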
-
OpenSSH Vulnerability Exploited Via ProxyCommand to Execute Remote Code – PoC Released A new command injection vulnerability in OpenSSH, tracked as CVE-2025-61984, has been disclosed, which could allow an attacker to achieve remote code execution on a victim’s machine. The vulnerability is a bypass of a previous fix for a similar issue (CVE-2023-51385) and exploits how the ProxyCommand feature interacts with the underlying system shell when handling specially crafted usernames. Stay connected for industry’s latest content – Follow Deepthi Talasila #DevSecOps #ApplicationSecurity #AgenticAI #CloudSecurity #CyberSecurity #AIinSecurity #SecureDevOps #AppSec #AIandSecurity #CloudComputing #SecurityEngineering #ZeroTrust #MLSecurity #AICompliance #SecurityAutomation #SecureCoding #linkedin #InfoSec #SecurityByDesign #AIThreatDetection #CloudNativeSecurity #ShiftLeftSecurity #SecureAI #AIinDevSecOps #SecurityOps #CyberResilience #DataSecurity #SecurityInnovation #SecurityArchitecture #TrustworthyAI #AIinCloudSecurity #NextGenSecurity https://lnkd.in/gHw7FmWg
-
Claude Code has had several new features in recent releases. One of the most interesting is the new /security-review command, which will check the current repo for security vulnerabilities like SQL injection, XSS, CSRF, etc. "We're using this ourselves at Anthropic and it's already caught real vulnerabilities, including a potential remote code execution vulnerability in an internal tool." https://lnkd.in/eeKy5HMP
-
🚨 Critical Alert: Public Exploit Code Released for Sudo Vulnerability

A proof-of-concept exploit for CVE-2025-32463 is now publicly available, and it's dangerously simple to execute.

What You Need to Know:
- CVSS Score: 9.3 (Critical)
- Affected: Sudo versions 1.9.14 - 1.9.17
- The Threat: Any local user can escalate to root with just a few lines of code
- Status: Active exploitation confirmed by CISA

How It Works: The exploit manipulates sudo's --chroot option to load malicious configuration files and shared libraries, granting instant root access. The entire attack takes seconds.

Action Required NOW:
✅ Upgrade to sudo 1.9.17p1 or later
✅ Monitor for suspicious -R option usage
✅ Disable --chroot in sudoers if patching is delayed

With 303+ stars on GitHub and public exploit code available, the attack surface has exploded. This is one of the most urgent patches of 2025.

👀 Is your infrastructure patched? Read More: https://lnkd.in/eUanTyFD
```
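Two of the three actions in the post can be scripted: checking whether a host's sudo falls in the affected range, and watching for `-R`/`--chroot` invocations. The code below is an added example of both (not the exploit, and not from the linked article): a version parser that understands sudo's `p` patch suffix, since `1.9.17p1` must compare as newer than `1.9.17`, and a scan over constructed auditd EXECVE records for sudo runs that use the chroot option.

```python
import re
from typing import Optional, Tuple

# --- 1. Is this sudo build inside the affected range the post gives (1.9.14 - 1.9.17)?

VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)(?:p(\d+))?")
AFFECTED_FROM = (1, 9, 14, 0)
AFFECTED_TO = (1, 9, 17, 0)          # fixed in 1.9.17p1


def parse_sudo_version(text: str) -> Optional[Tuple[int, int, int, int]]:
    """Parse e.g. the first line of `sudo --version`, 'Sudo version 1.9.17p1'."""
    m = VERSION_RE.search(text)
    if not m:
        return None
    major, minor, patch, p = m.groups()
    return int(major), int(minor), int(patch), int(p or 0)


def is_affected(text: str) -> bool:
    v = parse_sudo_version(text)
    return v is not None and AFFECTED_FROM <= v <= AFFECTED_TO


# --- 2. Spot -R / --chroot invocations in auditd EXECVE records.

# Constructed audit records (the layout follows auditd's EXECVE type; the
# timestamps, serials and commands are invented for this example).
AUDIT_LINES = [
    'type=EXECVE msg=audit(1760000000.101:4561): argc=2 a0="sudo" a1="-l"',
    'type=EXECVE msg=audit(1760000000.202:4562): argc=4 a0="sudo" a1="-R" a2="/tmp/x" a3="id"',
    'type=EXECVE msg=audit(1760000000.303:4563): argc=3 a0="/usr/bin/sudo" a1="--chroot=/tmp/x" a2="id"',
    'type=EXECVE msg=audit(1760000000.404:4564): argc=2 a0="ls" a1="-R"',
]

ARG_RE = re.compile(r'\ba(\d+)="([^"]*)"')


def uses_chroot(argv) -> bool:
    """True if any sudo argument is -R, -R<dir>, --chroot or --chroot=<dir>."""
    return any(a == "-R" or (a.startswith("-R") and len(a) > 2) or a.startswith("--chroot")
               for a in argv[1:])


def find_sudo_chroot(lines) -> list:
    """Return (audit id, argv) for every sudo execution that used the chroot option."""
    hits = []
    for line in lines:
        if "type=EXECVE" not in line:
            continue
        argv = [v for _, v in sorted(ARG_RE.findall(line), key=lambda kv: int(kv[0]))]
        if argv and argv[0].rsplit("/", 1)[-1] == "sudo" and uses_chroot(argv):
            audit_id = re.search(r"audit\(([^)]*)\)", line).group(1)
            hits.append((audit_id, argv))
    return hits


if __name__ == "__main__":
    print("1.9.16 affected:  ", is_affected("Sudo version 1.9.16"))
    print("1.9.17p1 affected:", is_affected("Sudo version 1.9.17p1"))
    for audit_id, argv in find_sudo_chroot(AUDIT_LINES):
        print(audit_id, " ".join(argv))
```

One caveat on the version check: distributions often backport a fix without changing the upstream version string, so on Debian, Ubuntu or RHEL family hosts confirm against the package changelog or the vendor advisory rather than trusting `sudo --version` alone. The EXECVE scan needs an audit rule that records execve calls (for example one keyed on `/usr/bin/sudo`) to have data to read.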