#pathtraversal

Red Hot Cyber

@redhotcyber.bsky.social

3 days ago

Dieci bug gravi aggiornati in WordPress: Le scansioni stanno iniziando: aggiorna subito!

📌 Link all'articolo : www.redhotcyber.com/post/die...

#redhotcyber #news #wordpress #aggiornamento #vulnerabilita #cybersecurity #hacking #cms #pathtraversal

Offensive Sequence

@offseq.bsky.social

1 month ago

CVE-2026-25592: CWE-22: Improper Limitation of a Pathname to a Restricted Direct CVE-2026-25592 is a critical security vulnerability classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory, also known as Path Traversal) affecting Microsoft’s Semantic Kernel .NET SDK versions earlier than 1.7

CRITICAL: CVE-2026-25592 in Microsoft Semantic Kernel (<1.70.0) enables remote path traversal & arbitrary file writes. Patch to v1.70.0+ ASAP or validate file paths! radar.offseq.com/threat/cve-2026-25592-cw... #OffSeq #PathTraversal #AIsecurity

Rene Robichaud

@neroqc.bsky.social

1 month ago

WinRAR path traversal flaw still exploited by numerous hackers Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity vulnerability in WinRAR for initial access and to deliver various malicious paylo...

WinRAR path traversal flaw still exploited by numerous hackers
www.bleepingcomputer.com/news/securit...

#Infosec #Security #Cybersecurity #CeptBiro #WinRAR #PathTraversal

Red Hot Cyber

@redhotcyber.bsky.social

4 months ago

Uno 0day su FortiWeb WAF sfruttato attivamente! E rimuovete le interfacce di Admin da Internet

📌 Link all'articolo : www.redhotcyber.com/post/uno...

#redhotcyber #news #cybersecurity #hacking #fortinet #fortiweb #pathtraversal #vulnerabilita #exploit #accesso remoto #bug

Offensive Sequence

@offseq.bsky.social

6 months ago

Security threat visualization

⚠️ HIGH-severity vuln in Ai3 QbiCRMGateway 7.5.1: CVE-2025-9639 allows unauth'd file reads via path traversal. No patch—restrict access, monitor activity. More info: radar.offseq.com/threat/cve-2025-9639-cwe... #OffSeq #Vulnerability #PathTraversal

raptor :C_H:

@raptor.infosec.exchange.ap.brid.gy

6 months ago

I had missed this #linux #kernel discussion about #pathtraversal #vulnerabilities

[RFC] Add a prctl to disable ".." traversal in path resolution

lore.kernel.org/linux-fsdevel/2024121114...

CyberTaters

@potato.software

6 months ago

New Zip Slip variant exploits path traversal flaws in decompression tools, enabling attackers to overwrite critical files. Update utilities and enforce strict path validation. #PotatoSecurity #ZipSlip #PathTraversal Link: thedailytechfeed.com/emerging-zip...

The Daily Tech Feed

@thedailytechfeed.com

6 months ago

New Zip Slip variant exploits path traversal flaws in decompression tools, enabling attackers to overwrite critical files. Update utilities and enforce strict path validation. #CyberSecurity #ZipSlip #PathTraversal Link: thedailytechfeed.com/emerging-zip...

ud3x 🇪🇺🇺🇦

@ud3x.bsky.social

10 months ago

Busting Big Brother - Aufklärungsgeräte analysiert Gemeinsame Datenreise und Erkundungstour in die Welt der Überwachungs- und Sicherheitsindustrie an Hand eines konkreten Überwachungsgerät...

Alle paar Jahre gibt es Vorträge, die aus der Masse der ohnehin guten Vorträge noch einmal herausstechen und bei denen es einem die Schuhe auszieht.

Hier ist so einer.

Kontext: Staatliche Überwachungsphantasien "before and after".

#eh22 #PathTraversal #Grundgütiger 🙄

media.ccc.de/v/eh22-108-b...

Ivan “CLOVIS” Canet

@ivcanet.bsky.social

1 year ago

The vulnerability is by design: how an attack exploited an unknown feature of the standard library

ivan.canet.dev/blog/2024/09...

#programming #pathtraversal #infosec #webdev

Ivan “CLOVIS” Canet

@clovis.techhub.social.ap.brid.gy

1 year ago

The vulnerability is by design: how an attack exploited an unknown feature of the standard library

ivan.canet.dev/blog/2024/09/23/js-path-...

#programming #pathtraversal #infosec #webdev

CyberTaters

@potato.software

1 year ago

I analyzed three months of data from path-traversal attacks against SolarWinds Serv-U and wrote up my findings. Check it out on the @GreyNoise Grimoire!

#Potatosecurity #Blog #PathTraversal #Exploit

Ron Bowes

@iagox86.bsky.social

1 year ago

GreyNoise Labs - Whatchu looking for (starring SolarWinds Serv-U - CVE-2024-28995) SolarWinds Serv-U has given us a really good dataset for which files attackers are searching for - let’s see what we can learn!

I analyzed three months of data from path-traversal attacks against SolarWinds Serv-U and wrote up my findings. Check it out on the @GreyNoise Grimoire!

#Cybersecurity #Blog #PathTraversal #Exploit

Rene Robichaud

@neroqc.bsky.social

1 year ago

APT Just Means Another Path Traversal - Eclypsium | Supply Chain Security for the Modern Enterprise New Zero Day in Palo Alto GlobalProtect VPN Appliances Introduction On April 12th, Volexity announced they discovered zero day exploitation occurring against Palo Alto GlobalProtect VPN appliances run...

APT Just Means Another Path Traversal
eclypsium.com/blog/apt-jus...
#Infosec #Security #Cybersecurity #CeptBiro #APT #PathTraversal