Talkback

Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Sign in to customize your weekly newsletter.

Resources See all
Bad News for the Average Pentester social

Atredis champions human-driven cybersecurity testing enhanced by AI, emphasizing skilled professionals and quality over automation and cost.

Sat 16 May atredis.com
Welcome to BlackFile: Inside a Vishing Extortion Operation cloud social net

UNC6671 ("BlackFile") conducts advanced vishing, MFA interception, and data exfiltration via automated scripts, employing dynamic infrastructure and evolving tactics to target cloud platforms, necessitating robust credential and anomaly monitoring defenses.

Fri 15 May cloud.google.com
From Vercel Typosquatting to an Obfuscated macOS Malware Loader mal social sys

A sophisticated malware campaign exploited a Vercel URL typo, employing multi-stage redirects, obfuscation, blockchain infrastructure, and social engineering to target macOS users with in-memory payloads and evasive techniques.

Fri 15 May infosecwriteups.com
NIST NVD Enrichment Policy Change: Prioritizing Vulnerabilities with Attacker Behavior Signals net

Effective vulnerability prioritization requires moving beyond NVD CVSS scores to incorporate real-time attacker activity and underground intelligence, as CVE scoring delays limit timely risk assessment.

Fri 15 May recordedfuture.com
OT pen test findings that plant teams can actually use ics net

Effective OT pen test recommendations require context-aware, practical solutions aligned with environment-specific risks, avoiding misuse of CVSS scores and ensuring actionable, realistic security improvements.

Fri 15 May pentestpartners.com
GitHub - Nightmare-Eclipse/MiniPlasma: CVE-2020-17103 was apparently not patched or the patch was reversed, regardless this the PoC for an LPE in cldflt.sys sys app

A race condition vulnerability in cldflt!HsmOsBlockPlaceholderAccess, linked to CVE-2020-17103 and initially thought patched, remains unpatched or reintroduced, enabling privilege escalation across all Windows versions.

Thu 14 May github.com/Nightmare-Eclipse
Vulnerabilities See all
CVE-2026-8390 7.3
Analyzed

Use-after-free in the JavaScript: WebAssembly component. This vulnerability was fixed in Firefox 150.0.3.

  • GitHub - kiddo-pwn/ffffirefox
Tue 12 May
CVE-2020-28018 9.8
Modified

Exim 4 before 4.94.2 allows Use After Free in smtp_reset in certain situations that may be common for builds with OpenSSL.

  • XBOW - Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
  • From theory to practice: analysis and PoC development for CVE-2020-28018 (User-After-Free in Exim) - Adepts of 0xCC
  • lockedbyte/CVE-Exploits
  • ...
Thu 6 May
CVE-2020-17103 7.0
Modified

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

  • MiniPlasma, a powerful LPE
  • GitHub - Nightmare-Eclipse/MiniPlasma: CVE-2020-17103 was apparently not patched or the patch was reversed, regardless this the PoC for an LPE in cldflt.sys
  • Hunting for Bugs in Windows Mini-Filter Drivers
  • ...
Thu 10 Dec
CVE-2018-6789 9.8
Analyzed

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely.

  • XBOW - Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
  • Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published
  • I know there are lots of people waiting for the recent Microsoft Exchange pre-auth RCE on our side. This is a short advisory and detailed timeline. #proxylogon
  • ...
Thu 8 Feb
CVE-2017-16943 9.8
Modified

The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via vectors involving BDAT commands.

  • XBOW - Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
  • New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
  • 21Nails: Multiple Critical Vulnerabilities in Exim Mail Server
  • ...
Sat 25 Nov
CVE-2026-44582 3.7
Undergoing Analysis

Next.js is a React framework for building full-stack web applications. From 13.4.6 to before 15.5.16 and 16.2.5, React Server Component responses can be vulnerable to cache poisoning in deployments that rely on shared caches with insufficient response par…

  • GitHub - dwisiswant0/next-16.2.4-pocs: Next.js v16.2.4 Security PoC Collection (CVE-2026-23870, CVE-2026-44575, CVE-2026-44579, CVE-2026-44574, CVE-2026-44578, CVE-2026-44573, CVE-2026-44581, CVE-2026-44580, CVE-2026-44577, CVE-2026-44576, CVE-2026-44582, CVE-2026-44572)
Wed 13 May
Topics See all
Exim Exim
Mail Transfer Agent
  • XBOW - Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim
  • New Exim BDAT Vulnerability Exposes GnuTLS Builds to Potential Code Execution
  • Exim Mail Transfer Agent Vulnerable to Remote SQL Injection (CVE-2025-26794), PoC Published
  • ...
Sun 17 May
Python Python
Programming language
  • Folder CrackMe_PyVMP_v7
  • GitHub - 12EDiTUS/frida-termux-build: Custom built Frida 17.9.10 for Termux (Android ARM64) Python 3.13. Solves _Py_NoneStruct symbol errors and Toolchain 404.
  • Welcome to BlackFile: Inside a Vishing Extortion Operation
  • ...
Sun 17 May
Elasticsearch Elastic
Search engine
  • Elastic Security MCP App: Interactive security operations inside your AI Tools
  • (CVE-2026-41873) Apache Pony Mail CRLF Injection and SSRF Leading to Full Account Takeover
  • Claude Code/Cowork monitoring at scale with Otel & Elastic — Elastic Security Labs
  • ...
Sun 17 May
Linux kernel Linux Foundation
Operating System
  • GitHub - 0xdeadbeefnetwork/ssh-keysign-pwn: Steal SSH host private keys and /etc/shadow via the ptrace_may_access mm-NULL bypass + pidfd_getfd. Pre-31e62c2ebbfd kernels.
  • The 4th Linux kernel flaw this month can lead to stolen SSH host keys
  • A third Linux kernel exploit dropped in two weeks: researchers condemn disclosures without embargoes
  • ...
Sun 17 May
GitHub Actions GitHub
Continuous Integration/Continuous Deployment (CI/CD) tool
  • Mini Shai-Hulud npm Attack: All Affected Packages
  • TanStack, Mistral AI, UiPath Hit in Fresh Supply Chain Attack
  • Mini Shai-Hulud Worm Compromises TanStack, Mistral AI, Guardrails AI & More Packages
  • ...
Sun 17 May
Word Microsoft
Word processing software
  • Microsoft Patches Critical Zero-Click Outlook Vulnerability Threatening Enterprises
  • MuddyWater Targets 100+ Gov Entities in MEA With Phoenix Backdoor
  • CTI Analysis: Malicious Email Campaign
  • ...
Sun 17 May

Indexed Resources