#rce โ Public Fediverse posts
Live and recent posts from across the Fediverse tagged #rce, aggregated by home.social.
-
๐บ https://peer.adalta.social/w/4F9RUQ9KjQV1ZmNJXxhV7U
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_fr)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Une chance unique pour les projets de recherche ambitieux.
-
๐บ https://peer.adalta.social/w/4F9RUQ9KjQV1ZmNJXxhV7U
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_fr)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Une chance unique pour les projets de recherche ambitieux.
-
๐บ https://peer.adalta.social/w/kpp5Nf6FZxdqfyPGgu94Jb
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_en)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Established PIโs Risk Missed Funding Opportunity
-
๐บ https://peer.adalta.social/w/kpp5Nf6FZxdqfyPGgu94Jb
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_en)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Established PIโs Risk Missed Funding Opportunity
-
๐บ https://peer.adalta.social/w/eKmu2b9PwiywiRHtCHzyCj
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_de)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Die potenziellen Risiken einer fehlenden Reaktionsfรคhigkeit
-
๐บ https://peer.adalta.social/w/eKmu2b9PwiywiRHtCHzyCj
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_who_116651432488536294_de)
๐ [โน๏ธ](https://rxn.mbp-rnc.com/26aav.html?utm_source=Mastodon&utm_medium=social&utm_campaign=funding_calls_organic")Die potenziellen Risiken einer fehlenden Reaktionsfรคhigkeit
-
๐ฐ Microsoft Patches High-Severity SharePoint RCE Vulnerability (CVE-2026-45659)
๐จ Microsoft patches high-severity RCE flaw (CVE-2026-45659, CVSS 8.8) in SharePoint Server. Authenticated attackers with low privileges can execute code remotely. On-premise admins: Patch now! #SharePoint #CyberSecurity #PatchTuesday #RCE
๐ cyber[.]netsecops[.]io
-
๐ฐ Microsoft Patches High-Severity SharePoint RCE Vulnerability (CVE-2026-45659)
๐จ Microsoft patches high-severity RCE flaw (CVE-2026-45659, CVSS 8.8) in SharePoint Server. Authenticated attackers with low privileges can execute code remotely. On-premise admins: Patch now! #SharePoint #CyberSecurity #PatchTuesday #RCE
๐ cyber[.]netsecops[.]io
-
โ ๏ธ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
๐ https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
โ ๏ธ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
๐ https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
โ ๏ธ Falla in KnowledgeDeliver consente potenziale esecuzione di codice remoto: aggiornare subito e verificare le istanze esposte. #CyberSecurity #RCE
๐ https://www.tomshw.it/hardware/knowledgedeliver-zero-day-web-shell
-
๐บ https://peer.adalta.social/w/nuUytsQ8m3DAMv1Hhyrdge
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_fr)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Une Prรฉsentation รphรฉmรจre, Soulignant l'Attente d'une Mise ร Jour Significative
-
๐บ https://peer.adalta.social/w/nuUytsQ8m3DAMv1Hhyrdge
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_fr)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Une Prรฉsentation รphรฉmรจre, Soulignant l'Attente d'une Mise ร Jour Significative
-
๐บ https://peer.adalta.social/w/tr7hhuNs1xe1XR245aZHDz
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_en)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Epicโs strategic deployment of UE6 hinges on a targeted demonstration, masking critical information regarding its full capabilities and release timeline.
-
๐บ https://peer.adalta.social/w/tr7hhuNs1xe1XR245aZHDz
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_en)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Epicโs strategic deployment of UE6 hinges on a targeted demonstration, masking critical information regarding its full capabilities and release timeline.
-
๐บ https://peer.adalta.social/w/34XFPRxaHg9p896MiTHF7N
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_de)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Erste Szenen in โRocket Leagueโ โ Was bedeutet das fรผr die Zukunft?
-
๐บ https://peer.adalta.social/w/34XFPRxaHg9p896MiTHF7N
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116639642464504807_de)
๐ [โน๏ธ](https://www.heise.de/news/Unreal-Engine-6-Epic-zeigt-erste-Szenen-in-Rocket-League-11305854.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon")Erste Szenen in โRocket Leagueโ โ Was bedeutet das fรผr die Zukunft?
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
Laravel Lang Compromised with RCE Backdoor Across 700+ Versions
Community-maintained Laravel Lang packages were compromised with remote code execution backdoors affecting over 700 versions across multiple repositories including laravel-lang/lang, laravel-lang/http-statuses, laravel-lang/attributes, and laravel-lang/actions. The attack involved coordinated rapid tag publishing on May 22-23, 2026, suggesting organization-level credential compromise. A malicious helpers.php file was automatically executed via Composer's autoloader, deploying a sophisticated cross-platform information stealer. The second-stage payload systematically harvested credentials from cloud infrastructure, Kubernetes, CI/CD systems, browsers, password managers, cryptocurrency wallets, VPN clients, and local configurations. Stolen data was encrypted and exfiltrated to a command-and-control server. The backdoor employed advanced evasion techniques including TLS verification bypass, per-host execution markers, and embedded Windows executables to bypass Chrome encryption protections.
Pulse ID: 6a1187d92cdbfd79095008cd
Pulse Link: https://otx.alienvault.com/pulse/6a1187d92cdbfd79095008cd
Pulse Author: AlienVault
Created: 2026-05-23 10:56:25Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #Browser #Chrome #Cloud #CyberSecurity #Encryption #HTTP #InfoSec #OTX #OpenThreatExchange #PHP #Password #RAT #RCE #RemoteCodeExecution #TLS #VPN #Windows #Word #bot #cryptocurrency #AlienVault
-
๐บ https://peer.adalta.social/w/iMG1zLCJB3nNAorqqKG4ZB
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_fr)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Analyse approfondie des dysfonctionnements au sein de l'application de la loi en Gรฉorgie.
#law #lawenforcement #rce #policeaccountability #decertified
-
๐บ https://peer.adalta.social/w/iMG1zLCJB3nNAorqqKG4ZB
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_fr)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Analyse approfondie des dysfonctionnements au sein de l'application de la loi en Gรฉorgie.
#law #lawenforcement #rce #policeaccountability #decertified
-
CVE, Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ: ะธัะฟัััะฒะฐะตะผ ะฒะพะทะผะพะถะฝะพััะธ PT Cloud Application Firewall
ะัะธะฒะตั, ะฅะฐะฑั! ะะตะฝั ะทะพะฒัั ะะฒะฐะฝ ะงะตะฑะพัะฐัะตะฒ, ะธะฝะถะตะฝะตั ะฝะฐะฟัะฐะฒะปะตะฝะธั ะทะฐัะธัั ะฟัะธะปะพะถะตะฝะธะน ะฒ ะ2 ะะธะฑะตัะฑะตะทะพะฟะฐัะฝะพััั . ะ ััะฐััะต ัะฐััะผะพััั, ะบะฐะบ PT Cloud Application Firewall (ucWAF) ัะตะฐะณะธััะตั ะฝะฐ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ ะฟะพัะปะต RCE ั ะธัะฟะพะปัะทะพะฒะฐะฝะธะตะผ ะฝะพะฒะพะน CVE-2025-55182 . ะญัะพ ััะทะฒะธะผะพััั ะฒ Next.js, ะพัะบััะฒะฐััะฐั Remote Code Execution ัะตัะตะท ะผะตั ะฐะฝะธะทะผ Server Actions. ะฏ ัะพะฑัะฐะป ัะตััะพะฒัะน ััะตะฝะด ั ััะทะฒะธะผัะผ Next.js-ะธ ะฟัะพะฒะตัะธะป: ะบะปะฐััะธัะตัะบะธะน ะฒะตะฑ-ัะตะปะป, Reverse Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ. Next.js โ ะพะดะธะฝ ะธะท ัะฐะผัั ะฟะพะฟัะปััะฝัั ััะตะนะผะฒะพัะบะพะฒ ะดะปั ััะพะฝัะตะฝะดะฐ, ะฐ Server Actions ะฒะบะปััะตะฝั ะฟะพ ัะผะพะปัะฐะฝะธั ะฝะฐัะธะฝะฐั ั 14-ะน ะฒะตััะธะธ. ะัะปะธ ะฒั ะดะตะฟะปะพะธัะต Next.js ะฒ ะบะพะฝัะตะนะฝะตัะฐั , ััะฐ ััะฐััั ะฟะพะบะฐะถะตั, ะบะฐะบ ะฒัะณะปัะดะธั ะฟะพะปะฝะฐั ัะตะฟะพัะบะฐ ะพั RCE ะดะพ ะฒัั ะพะดะฐ ะฝะฐ ั ะพัั, ะธ ะฝะฐ ะบะฐะบะพะผ ััะฐะฟะต WAF ะผะพะถะตั ะตะต ะพััะฐะฝะพะฒะธัั.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ะฟะพะฑะตะณ_ะธะท_ะบะพะฝัะตะนะฝะตัะฐ #docker
-
CVE, Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ: ะธัะฟัััะฒะฐะตะผ ะฒะพะทะผะพะถะฝะพััะธ PT Cloud Application Firewall
ะัะธะฒะตั, ะฅะฐะฑั! ะะตะฝั ะทะพะฒัั ะะฒะฐะฝ ะงะตะฑะพัะฐัะตะฒ, ะธะฝะถะตะฝะตั ะฝะฐะฟัะฐะฒะปะตะฝะธั ะทะฐัะธัั ะฟัะธะปะพะถะตะฝะธะน ะฒ ะ2 ะะธะฑะตัะฑะตะทะพะฟะฐัะฝะพััั . ะ ััะฐััะต ัะฐััะผะพััั, ะบะฐะบ PT Cloud Application Firewall (ucWAF) ัะตะฐะณะธััะตั ะฝะฐ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ ะฟะพัะปะต RCE ั ะธัะฟะพะปัะทะพะฒะฐะฝะธะตะผ ะฝะพะฒะพะน CVE-2025-55182 . ะญัะพ ััะทะฒะธะผะพััั ะฒ Next.js, ะพัะบััะฒะฐััะฐั Remote Code Execution ัะตัะตะท ะผะตั ะฐะฝะธะทะผ Server Actions. ะฏ ัะพะฑัะฐะป ัะตััะพะฒัะน ััะตะฝะด ั ััะทะฒะธะผัะผ Next.js-ะธ ะฟัะพะฒะตัะธะป: ะบะปะฐััะธัะตัะบะธะน ะฒะตะฑ-ัะตะปะป, Reverse Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ. Next.js โ ะพะดะธะฝ ะธะท ัะฐะผัั ะฟะพะฟัะปััะฝัั ััะตะนะผะฒะพัะบะพะฒ ะดะปั ััะพะฝัะตะฝะดะฐ, ะฐ Server Actions ะฒะบะปััะตะฝั ะฟะพ ัะผะพะปัะฐะฝะธั ะฝะฐัะธะฝะฐั ั 14-ะน ะฒะตััะธะธ. ะัะปะธ ะฒั ะดะตะฟะปะพะธัะต Next.js ะฒ ะบะพะฝัะตะนะฝะตัะฐั , ััะฐ ััะฐััั ะฟะพะบะฐะถะตั, ะบะฐะบ ะฒัะณะปัะดะธั ะฟะพะปะฝะฐั ัะตะฟะพัะบะฐ ะพั RCE ะดะพ ะฒัั ะพะดะฐ ะฝะฐ ั ะพัั, ะธ ะฝะฐ ะบะฐะบะพะผ ััะฐะฟะต WAF ะผะพะถะตั ะตะต ะพััะฐะฝะพะฒะธัั.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ะฟะพะฑะตะณ_ะธะท_ะบะพะฝัะตะนะฝะตัะฐ #docker
-
CVE, Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ: ะธัะฟัััะฒะฐะตะผ ะฒะพะทะผะพะถะฝะพััะธ PT Cloud Application Firewall
ะัะธะฒะตั, ะฅะฐะฑั! ะะตะฝั ะทะพะฒัั ะะฒะฐะฝ ะงะตะฑะพัะฐัะตะฒ, ะธะฝะถะตะฝะตั ะฝะฐะฟัะฐะฒะปะตะฝะธั ะทะฐัะธัั ะฟัะธะปะพะถะตะฝะธะน ะฒ ะ2 ะะธะฑะตัะฑะตะทะพะฟะฐัะฝะพััั . ะ ััะฐััะต ัะฐััะผะพััั, ะบะฐะบ PT Cloud Application Firewall (ucWAF) ัะตะฐะณะธััะตั ะฝะฐ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ ะฟะพัะปะต RCE ั ะธัะฟะพะปัะทะพะฒะฐะฝะธะตะผ ะฝะพะฒะพะน CVE-2025-55182 . ะญัะพ ััะทะฒะธะผะพััั ะฒ Next.js, ะพัะบััะฒะฐััะฐั Remote Code Execution ัะตัะตะท ะผะตั ะฐะฝะธะทะผ Server Actions. ะฏ ัะพะฑัะฐะป ัะตััะพะฒัะน ััะตะฝะด ั ััะทะฒะธะผัะผ Next.js-ะธ ะฟัะพะฒะตัะธะป: ะบะปะฐััะธัะตัะบะธะน ะฒะตะฑ-ัะตะปะป, Reverse Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ. Next.js โ ะพะดะธะฝ ะธะท ัะฐะผัั ะฟะพะฟัะปััะฝัั ััะตะนะผะฒะพัะบะพะฒ ะดะปั ััะพะฝัะตะฝะดะฐ, ะฐ Server Actions ะฒะบะปััะตะฝั ะฟะพ ัะผะพะปัะฐะฝะธั ะฝะฐัะธะฝะฐั ั 14-ะน ะฒะตััะธะธ. ะัะปะธ ะฒั ะดะตะฟะปะพะธัะต Next.js ะฒ ะบะพะฝัะตะนะฝะตัะฐั , ััะฐ ััะฐััั ะฟะพะบะฐะถะตั, ะบะฐะบ ะฒัะณะปัะดะธั ะฟะพะปะฝะฐั ัะตะฟะพัะบะฐ ะพั RCE ะดะพ ะฒัั ะพะดะฐ ะฝะฐ ั ะพัั, ะธ ะฝะฐ ะบะฐะบะพะผ ััะฐะฟะต WAF ะผะพะถะตั ะตะต ะพััะฐะฝะพะฒะธัั.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ะฟะพะฑะตะณ_ะธะท_ะบะพะฝัะตะนะฝะตัะฐ #docker
-
CVE, Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ: ะธัะฟัััะฒะฐะตะผ ะฒะพะทะผะพะถะฝะพััะธ PT Cloud Application Firewall
ะัะธะฒะตั, ะฅะฐะฑั! ะะตะฝั ะทะพะฒัั ะะฒะฐะฝ ะงะตะฑะพัะฐัะตะฒ, ะธะฝะถะตะฝะตั ะฝะฐะฟัะฐะฒะปะตะฝะธั ะทะฐัะธัั ะฟัะธะปะพะถะตะฝะธะน ะฒ ะ2 ะะธะฑะตัะฑะตะทะพะฟะฐัะฝะพััั . ะ ััะฐััะต ัะฐััะผะพััั, ะบะฐะบ PT Cloud Application Firewall (ucWAF) ัะตะฐะณะธััะตั ะฝะฐ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ ะฟะพัะปะต RCE ั ะธัะฟะพะปัะทะพะฒะฐะฝะธะตะผ ะฝะพะฒะพะน CVE-2025-55182 . ะญัะพ ััะทะฒะธะผะพััั ะฒ Next.js, ะพัะบััะฒะฐััะฐั Remote Code Execution ัะตัะตะท ะผะตั ะฐะฝะธะทะผ Server Actions. ะฏ ัะพะฑัะฐะป ัะตััะพะฒัะน ััะตะฝะด ั ััะทะฒะธะผัะผ Next.js-ะธ ะฟัะพะฒะตัะธะป: ะบะปะฐััะธัะตัะบะธะน ะฒะตะฑ-ัะตะปะป, Reverse Shell ะธ ะฟะพะฑะตะณ ะธะท ะบะพะฝัะตะนะฝะตัะฐ. Next.js โ ะพะดะธะฝ ะธะท ัะฐะผัั ะฟะพะฟัะปััะฝัั ััะตะนะผะฒะพัะบะพะฒ ะดะปั ััะพะฝัะตะฝะดะฐ, ะฐ Server Actions ะฒะบะปััะตะฝั ะฟะพ ัะผะพะปัะฐะฝะธั ะฝะฐัะธะฝะฐั ั 14-ะน ะฒะตััะธะธ. ะัะปะธ ะฒั ะดะตะฟะปะพะธัะต Next.js ะฒ ะบะพะฝัะตะนะฝะตัะฐั , ััะฐ ััะฐััั ะฟะพะบะฐะถะตั, ะบะฐะบ ะฒัะณะปัะดะธั ะฟะพะปะฝะฐั ัะตะฟะพัะบะฐ ะพั RCE ะดะพ ะฒัั ะพะดะฐ ะฝะฐ ั ะพัั, ะธ ะฝะฐ ะบะฐะบะพะผ ััะฐะฟะต WAF ะผะพะถะตั ะตะต ะพััะฐะฝะพะฒะธัั.
https://habr.com/ru/companies/k2tech/articles/1038048/
#cve202555182 #nextjs #server_actions #waf #pt_cloud_application_firewall #rce #reverse_shell #ะฟะพะฑะตะณ_ะธะท_ะบะพะฝัะตะนะฝะตัะฐ #docker
-
๐บ https://peer.adalta.social/w/f5CJYsk2S3r6E33QkAqY2k
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_en)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")The systemic failures within Oklahoma law enforcement demand immediate scrutiny and proactive reform strategies.
#law #lawenforcement #rce #policeaccountability #decertified
-
๐บ https://peer.adalta.social/w/f5CJYsk2S3r6E33QkAqY2k
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_en)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")The systemic failures within Oklahoma law enforcement demand immediate scrutiny and proactive reform strategies.
#law #lawenforcement #rce #policeaccountability #decertified
-
๐บ https://peer.adalta.social/w/9kSyVrRG8b89NwuwU8ZkGG
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_de)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Die Analyse einer jahrzehntelangen Geschichte von Fehlverhalten und dem Verlust der Glaubwรผrdigkeit.
#law #lawenforcement #rce #policeaccountability #decertified
-
๐บ https://peer.adalta.social/w/9kSyVrRG8b89NwuwU8ZkGG
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_law_116634446789845717_de)
๐ [โน๏ธ](https://copblaster.com/cop/18101/malcolm-d-mcrae?utm_source=dlvr.it&utm_medium=mastodon")Die Analyse einer jahrzehntelangen Geschichte von Fehlverhalten und dem Verlust der Glaubwรผrdigkeit.
#law #lawenforcement #rce #policeaccountability #decertified
-
๐บ https://peer.adalta.social/w/cWSGv8iyjZhDZMqoKP9Z8K
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_fr)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Une crise politique potentielle et des implications juridiques majeures pour le Sรฉnateur Boldman.
-
๐บ https://peer.adalta.social/w/cWSGv8iyjZhDZMqoKP9Z8K
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_fr)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Une crise politique potentielle et des implications juridiques majeures pour le Sรฉnateur Boldman.
-
๐บ https://peer.adalta.social/w/jvmrgjCd2TdTW7vJwjSwQq
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_en)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")The release of critical DUI footage presents a significant reputational and political challenge for Senator Boldman and the Montana legislature.
-
๐บ https://peer.adalta.social/w/jvmrgjCd2TdTW7vJwjSwQq
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_en)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")The release of critical DUI footage presents a significant reputational and political challenge for Senator Boldman and the Montana legislature.
-
๐บ https://peer.adalta.social/w/eso6C17hDAneajVhmrNPkb
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_de)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Die Freigabe von 34 Minuten DUI-Fahrtaufnahmen stellt einen ernsthaften Reputationsschaden dar.
-
๐บ https://peer.adalta.social/w/eso6C17hDAneajVhmrNPkb
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_release_116634098171239795_de)
๐ [โน๏ธ](https://summed.news/article/montana-court-orders-release-of-1st-34-minutes-of-sen-boldman-s-helena-dui-footage-23a5b85e?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Die Freigabe von 34 Minuten DUI-Fahrtaufnahmen stellt einen ernsthaften Reputationsschaden dar.
-
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
๐
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
๐
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
๐
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
๐
https://brutecat.com/articles/google-cloud-rce/ -
$148,337 #BugBounty paid by Google to a researcher (@brutecat) who found debug endpoints on Google Cloud allowing to configure privileged workflows leading to full #RCE in Google Cloud production (CVE-2026-2031)
#CloudSecurity #BugBountyTips
๐
https://brutecat.com/articles/google-cloud-rce/ -
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
Android Malware Forces Hidden Premium Service Subscriptions
Pulse ID: 6a12dc1c3f49b8b35effd5b8
Pulse Link: https://otx.alienvault.com/pulse/6a12dc1c3f49b8b35effd5b8
Pulse Author: cryptocti
Created: 2026-05-24 11:08:12Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Android #CyberSecurity #InfoSec #Malware #OTX #OpenThreatExchange #RCE #bot #cryptocti
-
๐บ https://peer.adalta.social/w/iYgGRavWfn2EywpfKUNyqM
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_privacy_116628435824362399_fr)
๐ [โน๏ธ](https://summed.news/article/oklahoma-biometrics-privacy-law-s-territorial-reach-limited-appeals-court-says-54026f4c?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Un Verdict qui Remet en Question les Droits des Citoyens
-
๐บ https://peer.adalta.social/w/iYgGRavWfn2EywpfKUNyqM
๐ [๐ฉ๐ช๐บ๐ธ๐ซ๐ท](https://adalta.info/articles/prstn_privacy_116628435824362399_fr)
๐ [โน๏ธ](https://summed.news/article/oklahoma-biometrics-privacy-law-s-territorial-reach-limited-appeals-court-says-54026f4c?utm_source=mastodon&utm_medium=social&utm_campaign=auto")Un Verdict qui Remet en Question les Droits des Citoyens