Security Advisory / Vulns / 0day
- Thread starter old.Osy
- Start date
old.Osy
No longer scrounging, still a bastard.
- Joined
- Dec 22, 2003
- Messages
- 2,756
- Thread starter
- #152
To whoever is born before the 80's - High-severity WinRAR 0-day exploited for weeks by 2 groups
- Joined
- Dec 22, 2003
- Messages
- 12,559
Poor WinRAR, first it's nobody ever registering, it's now a security vulnerability
old.Osy
No longer scrounging, still a bastard.
- Joined
- Dec 22, 2003
- Messages
- 2,756
- Thread starter
- #154
Copy Fail — 732 Bytes to Root
CVE-2026-31431. 100% Reliable Linux LPE — no race, no per-distro offsets, page-cache write that bypasses on-disk file-integrity tools and crosses containers. Found by Xint Code.
copy.fail
old.Osy
No longer scrounging, still a bastard.
- Joined
- Dec 22, 2003
- Messages
- 2,756
- Thread starter
- #155
Popular DAEMON Tools software compromised
Targeted by threat actors: individuals and organizations across 100+ countries and territories, with the majority of victims located in Russia, Brazil, Turkey, Spain, Germany, France, Italy, and China.
securelist.com
old.Osy
No longer scrounging, still a bastard.
- Joined
- Dec 22, 2003
- Messages
- 2,756
- Thread starter
- #156
LastPass says hackers stole customer data through a supply chain breach at Klue
LastPass notified customers that personal data and support cases were stolen after hackers breached Klue and used stolen OAuth tokens to access Salesforce.
thenextweb.com
- Joined
- Dec 11, 1997
- Messages
- 9,077,660
This is the biggest issue facing any Company, you are only secure as your weakest link in the chain. Do not assume anything outside of your Company unless verified by security auditors to a well publicised standard.