Talkback

Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Sign in to customize your weekly newsletter.

Resources See all
KongTuke FileFix Leads to New Interlock RAT Variant mal net

A new PHP-based Interlock RAT, used since June 2025 in widespread campaigns, employs compromised websites and Cloudflare tunnels for remote control, system reconnaissance, and lateral movement, demonstrating evolving sophistication.

Mon 14 Jul thedfirreport.com
GitHub - invictus-ir/KubeForenSys: A Kubernetes Forensic Collection Framework for Azure Kubernetes Service cloud for

KubeForenSys is a Python tool that collects Kubernetes cluster data and ingests it into Azure Log Analytics for security analysis, automatically provisioning necessary Azure resources and supporting customization.

Sun 13 Jul github.com/invictus-ir
GitHub - Idov31/NovaHypervisor: NovaHypervisor is a defensive x64 Intel host based hypervisor. The goal of this project is to protect against kernel based attacks (either via Bring Your Own Vulnerable Driver (BYOVD) or other means) by safeguarding defense products (AntiVirus / Endpoint Protection) and kernel memory structures and preventing unauthorized access to kernel memory. sys app

NovaHypervisor is a Windows-based hypervisor that protects kernel memory from attacks, integrates with Hyper-V, and requires specific setup and debugging tools.

Sun 13 Jul github.com/Idov31
Bypassing Meta’s Llama Firewall: A Case Study in Prompt Injection Vulnerabilities app

Evaluation uncovered significant bypass techniques against Meta’s Llama Guard, exposing vulnerabilities that can lead to malicious content and insecure code, underscoring the need for thorough security testing of LLM defenses.

Fri 11 Jul trendyol-tech.medium.com
Sil3ncer Deployed – RCE, Porn Diversion, and Ransomware on an SFTP-only Server exp net

A ransomware attack exploited CVE-2019-18935 in Telerik UI for ASP.NET AJAX on Windows Server 2012, establishing persistence, deploying backdoors, tunneling, and emphasizing the need for timely patching, enhanced logging, and monitoring to prevent such breaches.

Fri 11 Jul pentestpartners.com
Pre-Auth SQL Injection to RCE - Fortinet FortiWeb Fabric Connector (CVE-2025-25257) app exp

A pre-auth SQL injection vulnerability (CVE-2025-25257) in Fortinet’s FortiWeb allows attackers to execute remote code by exploiting input handling flaws to write malicious files via SQL commands.

Fri 11 Jul labs.watchtowr.com
Vulnerabilities See all
CVE-2025-46835 8.5
Received

Git GUI allows you to use the Git source control management tools via a GUI. When a user clones an untrusted repository and is tricked into editing a file located in a maliciously named directory in the repository, then Git GUI can create and overwrite fi…

  • The July 2025 Security Update Review
Thu 10 Jul
CVE-2025-46334 8.6
Received

Git GUI allows you to use the Git source control management tools via a GUI. A malicious repository can ship versions of sh.exe or typical textconv filter programs such as astextplain. Due to the unfortunate design of Tcl on Windows, the search path when …

  • The July 2025 Security Update Review
Thu 10 Jul
CVE-2025-27614 8.6
Received

Gitk is a Tcl/Tk based Git history browser. Starting with 2.41.0, a Git repository can be crafted in such a way that with some social engineering a user who has cloned the repository can be tricked into running any script (e.g., Bourne shell, Perl, Python…

  • The July 2025 Security Update Review
Thu 10 Jul
CVE-2025-27613 3.6
Received

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support …

  • The July 2025 Security Update Review
Thu 10 Jul
CVE-2025-48386 6.3
Received

Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer (target) as a unique key for storing …

  • The July 2025 Security Update Review
Tue 8 Jul
CVE-2025-49760 3.5
Received

External control of file name or path in Windows Storage allows an authorized attacker to perform spoofing over a network.

  • The July 2025 Security Update Review
Tue 8 Jul
Topics See all
Check Point Research Check Point
Cybersecurity Research
  • 14th July – Threat Intelligence Report
  • From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery
  • 19th May – Threat Intelligence Report
  • ...
Mon 14 Jul
FortiWeb Fortinet
Web Application Firewall
  • 14th July – Threat Intelligence Report
  • Fortinet Releases Patch for Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257)
  • FortiWeb Pre-Auth RCE (CVE-2025-25257)
  • ...
Mon 14 Jul
SQL Server Microsoft
Relational Database Management System
  • 14th July – Threat Intelligence Report
  • Microsoft Patches 130 Vulnerabilities, Including Critical Flaws in SPNEGO and SQL Server
  • Microsoft Patch Tuesday, July 2025 Edition
  • ...
Mon 14 Jul
.NET Microsoft
Software Framework
  • Remote Code Execution in Broadcom Altiris IRM
  • Hunting Deserialization Vulnerabilities With Claude
  • The June 2025 Security Update Review
  • ...
Mon 14 Jul
Symantec Altiris Inventory Rule Management (IRM) Broadcom
Security Management Software
  • Remote Code Execution in Broadcom Altiris IRM
Mon 14 Jul
ysoserial Apache
Serialization Tool
  • CVE-2025-49127: Kafbat UI Remote Code Execution via JMX Unsafe Deserialization
  • Advisory: Sitecore RCE via Insecure Deserialization - CVE-2021-42237
  • Analysis Of Multiple Vulnerabilities In Ofbiz
  • ...
Mon 14 Jul

Indexed Resources