#rce β Public Fediverse posts
Live and recent posts from across the Fediverse tagged #rce, aggregated by home.social.
-
πΊ https://peer.adalta.social/w/4F9RUQ9KjQV1ZmNJXxhV7U
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_fr)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Une chance unique pour les projets de recherche ambitieux.
-
πΊ https://peer.adalta.social/w/4F9RUQ9KjQV1ZmNJXxhV7U
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_fr)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Une chance unique pour les projets de recherche ambitieux.
-
πΊ https://peer.adalta.social/w/kpp5Nf6FZxdqfyPGgu94Jb
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_en)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Established PIβs Risk Missed Funding Opportunity
-
πΊ https://peer.adalta.social/w/kpp5Nf6FZxdqfyPGgu94Jb
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_en)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Established PIβs Risk Missed Funding Opportunity
-
πΊ https://peer.adalta.social/w/eKmu2b9PwiywiRHtCHzyCj
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_de)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Die potenziellen Risiken einer fehlenden ReaktionsfΓ€higkeit
-
πΊ https://peer.adalta.social/w/eKmu2b9PwiywiRHtCHzyCj
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_who_116651432488536294_de)
π [βΉοΈ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Die potenziellen Risiken einer fehlenden ReaktionsfΓ€higkeit
-
π° Microsoft Patches High-Severity SharePoint RCE Vulnerability (CVE-2026-45659)
π¨ Microsoft patches high-severity RCE flaw (CVE-2026-45659, CVSS 8.8) in SharePoint Server. Authenticated attackers with low privileges can execute code remotely. On-premise admins: Patch now! #SharePoint #CyberSecurity #PatchTuesday #RCE
π cyber[.]netsecops[.]io
-
π° Microsoft Patches High-Severity SharePoint RCE Vulnerability (CVE-2026-45659)
π¨ Microsoft patches high-severity RCE flaw (CVE-2026-45659, CVSS 8.8) in SharePoint Server. Authenticated attackers with low privileges can execute code remotely. On-premise admins: Patch now! #SharePoint #CyberSecurity #PatchTuesday #RCE
π cyber[.]netsecops[.]io
-
β οΈ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
π https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
β οΈ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
π https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
β οΈ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
π https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
πΊ https://peer.adalta.social/w/nuUytsQ8m3DAMv1Hhyrdge
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_fr)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Une PrΓ©sentation ΓphΓ©mΓ¨re, Soulignant l'Attente d'une Mise Γ Jour Significative
-
πΊ https://peer.adalta.social/w/nuUytsQ8m3DAMv1Hhyrdge
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_fr)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Une PrΓ©sentation ΓphΓ©mΓ¨re, Soulignant l'Attente d'une Mise Γ Jour Significative
-
πΊ https://peer.adalta.social/w/tr7hhuNs1xe1XR245aZHDz
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_en)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Epicβs strategic deployment of UE6 hinges on a targeted demonstration, masking critical information regarding its full capabilities and release timeline.
-
πΊ https://peer.adalta.social/w/tr7hhuNs1xe1XR245aZHDz
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_en)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Epicβs strategic deployment of UE6 hinges on a targeted demonstration, masking critical information regarding its full capabilities and release timeline.
-
πΊ https://peer.adalta.social/w/34XFPRxaHg9p896MiTHF7N
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_de)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Erste Szenen in βRocket Leagueβ β Was bedeutet das fΓΌr die Zukunft?
-
πΊ https://peer.adalta.social/w/34XFPRxaHg9p896MiTHF7N
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116639642464504807_de)
π [βΉοΈ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Erste Szenen in βRocket Leagueβ β Was bedeutet das fΓΌr die Zukunft?
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
πΊ https://peer.adalta.social/w/iMG1zLCJB3nNAorqqKG4ZB
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_fr)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Analyse approfondie des dysfonctionnements au sein de l'application de la loi en GΓ©orgie.
#law #lawenforcement #rce #policeaccountability #decertified
-
πΊ https://peer.adalta.social/w/iMG1zLCJB3nNAorqqKG4ZB
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_fr)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Analyse approfondie des dysfonctionnements au sein de l'application de la loi en GΓ©orgie.
#law #lawenforcement #rce #policeaccountability #decertified
-
CVE, Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°: ΠΈΡΠΏΡΡΡΠ²Π°Π΅ΠΌ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ PT Cloud Application Firewall
ΠΡΠΈΠ²Π΅Ρ, Π₯Π°Π±Ρ! ΠΠ΅Π½Ρ Π·ΠΎΠ²ΡΡ ΠΠ²Π°Π½ Π§Π΅Π±ΠΎΡΠ°ΡΠ΅Π², ΠΈΠ½ΠΆΠ΅Π½Π΅Ρ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ Π·Π°ΡΠΈΡΡ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ Π² Π2 ΠΠΈΠ±Π΅ΡΠ±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΡ . Π ΡΡΠ°ΡΡΠ΅ ΡΠ°ΡΡΠΌΠΎΡΡΡ, ΠΊΠ°ΠΊ PT Cloud Application Firewall (ucWAF) ΡΠ΅Π°Π³ΠΈΡΡΠ΅Ρ Π½Π° ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° ΠΏΠΎΡΠ»Π΅ RCE Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ Π½ΠΎΠ²ΠΎΠΉ CVE-2025-55182 . ΠΡΠΎ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² Next.js, ΠΎΡΠΊΡΡΠ²Π°ΡΡΠ°Ρ Remote Code Execution ΡΠ΅ΡΠ΅Π· ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌ Server Actions. Π― ΡΠΎΠ±ΡΠ°Π» ΡΠ΅ΡΡΠΎΠ²ΡΠΉ ΡΡΠ΅Π½Π΄ Ρ ΡΡΠ·Π²ΠΈΠΌΡΠΌ Next.js-ΠΈ ΠΏΡΠΎΠ²Π΅ΡΠΈΠ»: ΠΊΠ»Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΠΉ Π²Π΅Π±-ΡΠ΅Π»Π», Reverse Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°. Next.js β ΠΎΠ΄ΠΈΠ½ ΠΈΠ· ΡΠ°ΠΌΡΡ ΠΏΠΎΠΏΡΠ»ΡΡΠ½ΡΡ ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠΎΠ² Π΄Π»Ρ ΡΡΠΎΠ½ΡΠ΅Π½Π΄Π°, Π° Server Actions Π²ΠΊΠ»ΡΡΠ΅Π½Ρ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ Π½Π°ΡΠΈΠ½Π°Ρ Ρ 14-ΠΉ Π²Π΅ΡΡΠΈΠΈ. ΠΡΠ»ΠΈ Π²Ρ Π΄Π΅ΠΏΠ»ΠΎΠΈΡΠ΅ Next.js Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°Ρ , ΡΡΠ° ΡΡΠ°ΡΡΡ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΠΏΠΎΠ»Π½Π°Ρ ΡΠ΅ΠΏΠΎΡΠΊΠ° ΠΎΡ RCE Π΄ΠΎ Π²ΡΡ ΠΎΠ΄Π° Π½Π° Ρ ΠΎΡΡ, ΠΈ Π½Π° ΠΊΠ°ΠΊΠΎΠΌ ΡΡΠ°ΠΏΠ΅ WAF ΠΌΠΎΠΆΠ΅Ρ Π΅Π΅ ΠΎΡΡΠ°Π½ΠΎΠ²ΠΈΡΡ.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ΠΏΠΎΠ±Π΅Π³_ΠΈΠ·_ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° #docker
-
CVE, Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°: ΠΈΡΠΏΡΡΡΠ²Π°Π΅ΠΌ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ PT Cloud Application Firewall
ΠΡΠΈΠ²Π΅Ρ, Π₯Π°Π±Ρ! ΠΠ΅Π½Ρ Π·ΠΎΠ²ΡΡ ΠΠ²Π°Π½ Π§Π΅Π±ΠΎΡΠ°ΡΠ΅Π², ΠΈΠ½ΠΆΠ΅Π½Π΅Ρ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ Π·Π°ΡΠΈΡΡ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ Π² Π2 ΠΠΈΠ±Π΅ΡΠ±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΡ . Π ΡΡΠ°ΡΡΠ΅ ΡΠ°ΡΡΠΌΠΎΡΡΡ, ΠΊΠ°ΠΊ PT Cloud Application Firewall (ucWAF) ΡΠ΅Π°Π³ΠΈΡΡΠ΅Ρ Π½Π° ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° ΠΏΠΎΡΠ»Π΅ RCE Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ Π½ΠΎΠ²ΠΎΠΉ CVE-2025-55182 . ΠΡΠΎ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² Next.js, ΠΎΡΠΊΡΡΠ²Π°ΡΡΠ°Ρ Remote Code Execution ΡΠ΅ΡΠ΅Π· ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌ Server Actions. Π― ΡΠΎΠ±ΡΠ°Π» ΡΠ΅ΡΡΠΎΠ²ΡΠΉ ΡΡΠ΅Π½Π΄ Ρ ΡΡΠ·Π²ΠΈΠΌΡΠΌ Next.js-ΠΈ ΠΏΡΠΎΠ²Π΅ΡΠΈΠ»: ΠΊΠ»Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΠΉ Π²Π΅Π±-ΡΠ΅Π»Π», Reverse Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°. Next.js β ΠΎΠ΄ΠΈΠ½ ΠΈΠ· ΡΠ°ΠΌΡΡ ΠΏΠΎΠΏΡΠ»ΡΡΠ½ΡΡ ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠΎΠ² Π΄Π»Ρ ΡΡΠΎΠ½ΡΠ΅Π½Π΄Π°, Π° Server Actions Π²ΠΊΠ»ΡΡΠ΅Π½Ρ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ Π½Π°ΡΠΈΠ½Π°Ρ Ρ 14-ΠΉ Π²Π΅ΡΡΠΈΠΈ. ΠΡΠ»ΠΈ Π²Ρ Π΄Π΅ΠΏΠ»ΠΎΠΈΡΠ΅ Next.js Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°Ρ , ΡΡΠ° ΡΡΠ°ΡΡΡ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΠΏΠΎΠ»Π½Π°Ρ ΡΠ΅ΠΏΠΎΡΠΊΠ° ΠΎΡ RCE Π΄ΠΎ Π²ΡΡ ΠΎΠ΄Π° Π½Π° Ρ ΠΎΡΡ, ΠΈ Π½Π° ΠΊΠ°ΠΊΠΎΠΌ ΡΡΠ°ΠΏΠ΅ WAF ΠΌΠΎΠΆΠ΅Ρ Π΅Π΅ ΠΎΡΡΠ°Π½ΠΎΠ²ΠΈΡΡ.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ΠΏΠΎΠ±Π΅Π³_ΠΈΠ·_ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° #docker
-
CVE, Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°: ΠΈΡΠΏΡΡΡΠ²Π°Π΅ΠΌ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ PT Cloud Application Firewall
ΠΡΠΈΠ²Π΅Ρ, Π₯Π°Π±Ρ! ΠΠ΅Π½Ρ Π·ΠΎΠ²ΡΡ ΠΠ²Π°Π½ Π§Π΅Π±ΠΎΡΠ°ΡΠ΅Π², ΠΈΠ½ΠΆΠ΅Π½Π΅Ρ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ Π·Π°ΡΠΈΡΡ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ Π² Π2 ΠΠΈΠ±Π΅ΡΠ±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΡ . Π ΡΡΠ°ΡΡΠ΅ ΡΠ°ΡΡΠΌΠΎΡΡΡ, ΠΊΠ°ΠΊ PT Cloud Application Firewall (ucWAF) ΡΠ΅Π°Π³ΠΈΡΡΠ΅Ρ Π½Π° ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° ΠΏΠΎΡΠ»Π΅ RCE Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ Π½ΠΎΠ²ΠΎΠΉ CVE-2025-55182 . ΠΡΠΎ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² Next.js, ΠΎΡΠΊΡΡΠ²Π°ΡΡΠ°Ρ Remote Code Execution ΡΠ΅ΡΠ΅Π· ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌ Server Actions. Π― ΡΠΎΠ±ΡΠ°Π» ΡΠ΅ΡΡΠΎΠ²ΡΠΉ ΡΡΠ΅Π½Π΄ Ρ ΡΡΠ·Π²ΠΈΠΌΡΠΌ Next.js-ΠΈ ΠΏΡΠΎΠ²Π΅ΡΠΈΠ»: ΠΊΠ»Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΠΉ Π²Π΅Π±-ΡΠ΅Π»Π», Reverse Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°. Next.js β ΠΎΠ΄ΠΈΠ½ ΠΈΠ· ΡΠ°ΠΌΡΡ ΠΏΠΎΠΏΡΠ»ΡΡΠ½ΡΡ ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠΎΠ² Π΄Π»Ρ ΡΡΠΎΠ½ΡΠ΅Π½Π΄Π°, Π° Server Actions Π²ΠΊΠ»ΡΡΠ΅Π½Ρ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ Π½Π°ΡΠΈΠ½Π°Ρ Ρ 14-ΠΉ Π²Π΅ΡΡΠΈΠΈ. ΠΡΠ»ΠΈ Π²Ρ Π΄Π΅ΠΏΠ»ΠΎΠΈΡΠ΅ Next.js Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°Ρ , ΡΡΠ° ΡΡΠ°ΡΡΡ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΠΏΠΎΠ»Π½Π°Ρ ΡΠ΅ΠΏΠΎΡΠΊΠ° ΠΎΡ RCE Π΄ΠΎ Π²ΡΡ ΠΎΠ΄Π° Π½Π° Ρ ΠΎΡΡ, ΠΈ Π½Π° ΠΊΠ°ΠΊΠΎΠΌ ΡΡΠ°ΠΏΠ΅ WAF ΠΌΠΎΠΆΠ΅Ρ Π΅Π΅ ΠΎΡΡΠ°Π½ΠΎΠ²ΠΈΡΡ.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ΠΏΠΎΠ±Π΅Π³_ΠΈΠ·_ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° #docker
-
CVE, Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°: ΠΈΡΠΏΡΡΡΠ²Π°Π΅ΠΌ Π²ΠΎΠ·ΠΌΠΎΠΆΠ½ΠΎΡΡΠΈ PT Cloud Application Firewall
ΠΡΠΈΠ²Π΅Ρ, Π₯Π°Π±Ρ! ΠΠ΅Π½Ρ Π·ΠΎΠ²ΡΡ ΠΠ²Π°Π½ Π§Π΅Π±ΠΎΡΠ°ΡΠ΅Π², ΠΈΠ½ΠΆΠ΅Π½Π΅Ρ Π½Π°ΠΏΡΠ°Π²Π»Π΅Π½ΠΈΡ Π·Π°ΡΠΈΡΡ ΠΏΡΠΈΠ»ΠΎΠΆΠ΅Π½ΠΈΠΉ Π² Π2 ΠΠΈΠ±Π΅ΡΠ±Π΅Π·ΠΎΠΏΠ°ΡΠ½ΠΎΡΡΡ . Π ΡΡΠ°ΡΡΠ΅ ΡΠ°ΡΡΠΌΠΎΡΡΡ, ΠΊΠ°ΠΊ PT Cloud Application Firewall (ucWAF) ΡΠ΅Π°Π³ΠΈΡΡΠ΅Ρ Π½Π° ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° ΠΏΠΎΡΠ»Π΅ RCE Ρ ΠΈΡΠΏΠΎΠ»ΡΠ·ΠΎΠ²Π°Π½ΠΈΠ΅ΠΌ Π½ΠΎΠ²ΠΎΠΉ CVE-2025-55182 . ΠΡΠΎ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΡ Π² Next.js, ΠΎΡΠΊΡΡΠ²Π°ΡΡΠ°Ρ Remote Code Execution ΡΠ΅ΡΠ΅Π· ΠΌΠ΅Ρ Π°Π½ΠΈΠ·ΠΌ Server Actions. Π― ΡΠΎΠ±ΡΠ°Π» ΡΠ΅ΡΡΠΎΠ²ΡΠΉ ΡΡΠ΅Π½Π΄ Ρ ΡΡΠ·Π²ΠΈΠΌΡΠΌ Next.js-ΠΈ ΠΏΡΠΎΠ²Π΅ΡΠΈΠ»: ΠΊΠ»Π°ΡΡΠΈΡΠ΅ΡΠΊΠΈΠΉ Π²Π΅Π±-ΡΠ΅Π»Π», Reverse Shell ΠΈ ΠΏΠΎΠ±Π΅Π³ ΠΈΠ· ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°. Next.js β ΠΎΠ΄ΠΈΠ½ ΠΈΠ· ΡΠ°ΠΌΡΡ ΠΏΠΎΠΏΡΠ»ΡΡΠ½ΡΡ ΡΡΠ΅ΠΉΠΌΠ²ΠΎΡΠΊΠΎΠ² Π΄Π»Ρ ΡΡΠΎΠ½ΡΠ΅Π½Π΄Π°, Π° Server Actions Π²ΠΊΠ»ΡΡΠ΅Π½Ρ ΠΏΠΎ ΡΠΌΠΎΠ»ΡΠ°Π½ΠΈΡ Π½Π°ΡΠΈΠ½Π°Ρ Ρ 14-ΠΉ Π²Π΅ΡΡΠΈΠΈ. ΠΡΠ»ΠΈ Π²Ρ Π΄Π΅ΠΏΠ»ΠΎΠΈΡΠ΅ Next.js Π² ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ°Ρ , ΡΡΠ° ΡΡΠ°ΡΡΡ ΠΏΠΎΠΊΠ°ΠΆΠ΅Ρ, ΠΊΠ°ΠΊ Π²ΡΠ³Π»ΡΠ΄ΠΈΡ ΠΏΠΎΠ»Π½Π°Ρ ΡΠ΅ΠΏΠΎΡΠΊΠ° ΠΎΡ RCE Π΄ΠΎ Π²ΡΡ ΠΎΠ΄Π° Π½Π° Ρ ΠΎΡΡ, ΠΈ Π½Π° ΠΊΠ°ΠΊΠΎΠΌ ΡΡΠ°ΠΏΠ΅ WAF ΠΌΠΎΠΆΠ΅Ρ Π΅Π΅ ΠΎΡΡΠ°Π½ΠΎΠ²ΠΈΡΡ.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ΠΏΠΎΠ±Π΅Π³_ΠΈΠ·_ΠΊΠΎΠ½ΡΠ΅ΠΉΠ½Π΅ΡΠ° #docker
-
πΊ https://peer.adalta.social/w/f5CJYsk2S3r6E33QkAqY2k
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_en)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")The systemic failures within Oklahoma law enforcement demand immediate scrutiny and proactive reform strategies.
#law #lawenforcement #rce #policeaccountability #decertified
-
πΊ https://peer.adalta.social/w/f5CJYsk2S3r6E33QkAqY2k
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_en)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")The systemic failures within Oklahoma law enforcement demand immediate scrutiny and proactive reform strategies.
#law #lawenforcement #rce #policeaccountability #decertified
-
πΊ https://peer.adalta.social/w/9kSyVrRG8b89NwuwU8ZkGG
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_de)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Die Analyse einer jahrzehntelangen Geschichte von Fehlverhalten und dem Verlust der GlaubwΓΌrdigkeit.
#law #lawenforcement #rce #policeaccountability #decertified
-
πΊ https://peer.adalta.social/w/9kSyVrRG8b89NwuwU8ZkGG
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_law_116634446789845717_de)
π [βΉοΈ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Die Analyse einer jahrzehntelangen Geschichte von Fehlverhalten und dem Verlust der GlaubwΓΌrdigkeit.
#law #lawenforcement #rce #policeaccountability #decertified
-
πΊ https://peer.adalta.social/w/cWSGv8iyjZhDZMqoKP9Z8K
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_fr)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Une crise politique potentielle et des implications juridiques majeures pour le SΓ©nateur Boldman.
-
πΊ https://peer.adalta.social/w/cWSGv8iyjZhDZMqoKP9Z8K
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_fr)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Une crise politique potentielle et des implications juridiques majeures pour le SΓ©nateur Boldman.
-
πΊ https://peer.adalta.social/w/jvmrgjCd2TdTW7vJwjSwQq
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_en)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")The release of critical DUI footage presents a significant reputational and political challenge for Senator Boldman and the Montana legislature.
-
πΊ https://peer.adalta.social/w/jvmrgjCd2TdTW7vJwjSwQq
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_en)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")The release of critical DUI footage presents a significant reputational and political challenge for Senator Boldman and the Montana legislature.
-
πΊ https://peer.adalta.social/w/eso6C17hDAneajVhmrNPkb
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_de)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Die Freigabe von 34 Minuten DUI-Fahrtaufnahmen stellt einen ernsthaften Reputationsschaden dar.
-
πΊ https://peer.adalta.social/w/eso6C17hDAneajVhmrNPkb
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_release_116634098171239795_de)
π [βΉοΈ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Die Freigabe von 34 Minuten DUI-Fahrtaufnahmen stellt einen ernsthaften Reputationsschaden dar.
-
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
π
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
π
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
π
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
π
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
π
https://brutecat.com/articles/google-cloud-rce/ -
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
πΊ https://peer.adalta.social/w/iYgGRavWfn2EywpfKUNyqM
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_privacy_116628435824362399_fr)
π [βΉοΈ](https://summed.news/article/oklahoma-biometrics-privacy-law-s-territorial-reach-limited-appeals-court-says-54026f4c?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Un Verdict qui Remet en Question les Droits des Citoyens
-
πΊ https://peer.adalta.social/w/iYgGRavWfn2EywpfKUNyqM
π [π©πͺπΊπΈπ«π·](https://adalta.info/articles/prstn_privacy_116628435824362399_fr)
π [βΉοΈ](https://summed.news/article/oklahoma-biometrics-privacy-law-s-territorial-reach-limited-appeals-court-says-54026f4c?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Un Verdict qui Remet en Question les Droits des Citoyens