#VulnerabilityResearch

2026-02-10

Fortinet’s CVE-2026-21643 highlights a persistent issue: management and control-plane components remain prime attack surfaces.

SQL injection leading to unauthenticated code execution reinforces the need for rapid patch cycles, continuous monitoring, and segmentation of security tooling.

Source: thehackernews.com/2026/02/fort

💬 How are you reducing blast radius for management infrastructure?

🔔 Follow @technadu for threat-focused security coverage

#Infosec #Fortinet #VulnerabilityResearch #SQLInjection #ZeroTrust #CyberDefense #TechNadu

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution
Hack in Days of Future Past allainyann@piaille.fr
2026-02-09

If Claude Can Find a Serious Cybersecurity Bug, Who Collects the Bounty?

Bug bounty programs vs. $20/month reasoning — when the brutal question becomes: why pay five-figure bounties if a Claude Code subscription already finds entire classes of bugs? #BugBounty #VulnerabilityResearch #OffSec #AppSec #Infosec #AI #LLM #SecurityResearch #CyberSecurity red.anthropic.com/2026/zero-da

2026-02-07

OpenAI’s Trusted Access for Cyber introduces a trust- and identity-based approach to controlling access to frontier cyber-capable models such as GPT-5.3-Codex.

The framework acknowledges the dual-use nature of vulnerability testing and aims to reduce friction for legitimate defenders through verification, monitoring, and calibrated safeguards. The program also includes an expanded cybersecurity grant initiative to accelerate defensive research.

💬 How should advanced AI capabilities be governed in security research?

Source: openai.com/index/trusted-acces

🔔 Follow @technadu for unbiased coverage of AI, policy, and cyber defense

#InfoSec #CyberDefense #AIinSecurity #VulnerabilityResearch #ResponsibleAI #ThreatPrevention #TechNadu

Introducing Trusted Access for Cyber
2026-02-04

CISA has added CVE-2025-40551, a critical SolarWinds Web Help Desk deserialization vulnerability, to the KEV catalog after confirming active exploitation.

The flaw enables unauthenticated remote code execution and has already been patched, though exploitation details remain undisclosed. Additional KEV inclusions span Sangoma FreePBX and GitLab, reflecting continued abuse of both enterprise and open-source platforms.

This reinforces the importance of KEV-driven prioritization and continuous monitoring beyond initial disclosure.

Source: thehackernews.com/2026/02/cisa

Community insight welcome.
Follow TechNadu for ongoing vulnerability and threat intelligence updates.

#Infosec #KEV #CISA #VulnerabilityResearch #SolarWinds #ThreatLandscape #CyberDefense

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog
2026-01-30

SolarWinds has addressed six Web Help Desk vulnerabilities, including four critical issues that could enable unauthenticated RCE or authentication bypass.

The flaws span deserialization, CSRF handling, and credential management, with potential chaining scenarios highlighted by researchers. No in-the-wild exploitation has been reported.

How do you evaluate chained vulnerability exposure in internal tools?

Source: securityweek.com/solarwinds-pa

Follow @technadu for objective infosec updates.

#InfoSec #SolarWinds #VulnerabilityResearch #PatchManagement #EnterpriseSecurity #CyberDefense

SolarWinds Patches Critical Web Help Desk Vulnerabilities
2026-01-28

It was interesting to read up on the AI-assisted code review at lesswrong.com/posts/7aJwgbMEiK

For context: I'm personally responsible for at least 29 curl CVEs. Out of the recent 6 CVEs mentioned in the blog post I found two. This gives me some perspective, I think.

I do not utilise AI tools in my vulnerability research. I am also fiercely critical of harmful proliferation of AI. This is due to the unsustainable way it is currently pushed, and its use as a marketing ploy and gimmick rather than producing measurable benefit to users. This leads to negative impacts on economy, education & learning, not to mention impacts to nature due to wasteful use of energy.

This doesn't mean I am against AI. I have written my own AI tooling (fully local RAG with support for an arbitrary number of models running on local nodes, implemented in Python). I found the usefulness of such a tool to be limited at best. It is somewhat useful in mass analysis of large document bases, but the level of analysis is superficial at best. These AI models are after all just language models, and do not have any true understanding or intelligence.

And here is the gist of it: The current tools are not intelligent. Understanding this limitation is the key to successful deployment and utilisation of AI tools. The tools can be useful in certain tasks, but they do not replace true intelligence.

The AI tooling AISLE are developing certainly is one of the better uses of AI, and definitely surpasses all my personal dabbling around it. It is clear that the tool does find vulnerabilities. The key question is how many hallucinations and false positives it produces: If the tool generates thousands of FPs and the true findings are hidden among them, this limits the value and usefulness of the tool (of course it doesn't entirely negate it, many tools produce false positives). In short: The quality of the findings is key, and poor signal-to-noise ratio is highly undesirable.

Either way, I think there is a future for AI tools and they definitely will be helpful in vulnerability research.

I personally will keep exercising my wetware for this work, however.

#cybersecurity #infosec #vulnerabilityresearch #thoughtoftheday

2026-01-12

Critical vulnerabilities were disclosed in InputPlumber affecting Linux systems, including SteamOS.

Impact highlights:
• Insufficient D-Bus authorization
• Potential keystroke injection via virtual devices
• Local denial-of-service and information exposure

The fixes emphasize secure Polkit usage, systemd hardening, and proper privilege boundaries.

Share insights and follow @technadu for vendor-neutral security reporting.

#InfoSec #LinuxHardening #VulnerabilityResearch #Polkit #D-Bus #OpenSourceSecurity

Critical InputPlumber Flaw Enables UI Input Injection and Denial-of-Service
2026-01-07

#curl 8.18.0 has been released. This release fixes 2 medium and 4 low level vulnerabilities:
- CVE-2025-13034: No QUIC certificate pinning with GnuTLS curl.se/docs/CVE-2025-13034.ht
- CVE-2025-14017: broken TLS options for threaded LDAPS curl.se/docs/CVE-2025-14017.ht
- CVE-2025-14524: bearer token leak on cross-protocol redirect curl.se/docs/CVE-2025-14524.ht
- CVE-2025-14819: OpenSSL partial chain store policy bypass curl.se/docs/CVE-2025-14819.ht
- CVE-2025-15079: libssh global knownhost override curl.se/docs/CVE-2025-15079.ht
- CVE-2025-15224: libssh key passphrase bypass without agent set curl.se/docs/CVE-2025-15224.ht

I discovered the last 2 vulnerabilities.

Download curl 8.18.0 from curl.se/download.html

#vulnerabilityresearch #vulnerability #cybersecurity #infosec

2025-12-31

CSA has published guidance on CVE-2025-52691, a critical SmarterMail vulnerability enabling potential unauthenticated remote code execution through arbitrary file uploads.

Although exploitation has not been observed, the advisory highlights the continued exposure of mail server infrastructure and the importance of timely upgrades to fixed builds.

Engage in the discussion and follow TechNadu for sober, research-driven security reporting.

#InfoSec #VulnerabilityResearch #EmailInfrastructure #RCE #PatchManagement #CyberDefense #TechNadu

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution
2025-12-27

M-Files has released patches for CVE-2025-13008, an information disclosure vulnerability involving session token exposure between authenticated users.

The issue affects several release branches and could allow impersonation within M-Files Web under specific conditions.

No exploitation has been observed publicly, but the potential impact on document confidentiality is notable.

This reinforces the need for:

• Strong session controls
• Log review for unusual user behavior
• Prompt patch deployment

Follow @technadu for unbiased, technically grounded security updates.

Source: cybersecuritynews.com/m-files-

#InfoSec #VulnerabilityResearch #SessionManagement #EnterpriseSecurity #TechNadu

M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users
2025-12-27

TeamViewer has documented multiple vulnerabilities affecting the DEX Client’s NomadBranch service in certain Windows versions.

The issues involve input validation weaknesses that may enable DoS conditions or limited data exposure in adjacent network scenarios.

No evidence of exploitation has been reported, and unaffected configurations are clearly defined.

From a defensive standpoint, this reinforces the need for:

• Asset visibility
• Internal service hardening
• Network segmentation

Follow @technadu for measured, fact-driven infosec updates.

Source: cybersecuritynews.com/teamview

#VulnerabilityResearch #EnterpriseSecurity #ThreatModeling #CyberDefense #TechNadu

TeamViewer DEX Vulnerabilities Let Attackers Trigger DoS Attack and Expose Sensitive Data
2025-12-15

An unverified claim has emerged regarding the sale of an Android exploit allegedly impacting versions 12–16 and ARM-based devices. The actor asserts capabilities including remote code execution and privilege escalation, though no public technical validation has been provided.

Such disclosures emphasize the need for disciplined analysis, coordinated validation, and avoidance of premature conclusions.

How do you assess credibility when exploit claims surface without proof-of-concept?

Source: x.com/MonThreat/status/2000196

Engage in the discussion and follow TechNadu for fact-focused infosec reporting.

#InfoSec #AndroidSecurity #VulnerabilityResearch #ThreatIntel #MobileSecurity #TechNadu

Claim of Sale of Exploit Enabling RCE and Full Privilege Escalation on Android 12–16
2025-12-13

React has released fixes for newly identified React Server Components vulnerabilities discovered during community analysis of a previously disclosed critical flaw.

The issues include pre-authentication denial-of-service conditions and a constrained source code exposure scenario. React maintainers emphasized that follow-on disclosures are a common outcome of deeper scrutiny after high-impact patches.

How do you approach variant analysis and regression testing in application security?
Share insights, engage with peers, and follow us for continued coverage.

Source: thehackernews.com/2025/12/new-

#infosec #applicationsecurity #reactjs #websecurity #opensource #vulnerabilityresearch #technadu

New React RSC Vulnerabilities Enable DoS and Source Code Exposure
2025-11-10

I for sure am old and grumpy here, but this "technical breakdown" is not helping. If you can't give an actual technical breakdown (there are reasons for this of course) maybe just mention that. Just don't make up some "execute_payload()" that is misleading.

#vulnerabilityresearch #CVE_2025_48593

CVE-2025-48593 "Technical Breakdown" that includes nonsensical "execute_payload()" call.
2025-11-03

How a Null Byte Unlocked a $XXXX Bounty: My Reflected XSS Story
The bug is a reflected Cross‑Site Scripting (XSS) vulnerability that was made possible by a null‑byte injection. The target’s product search reflected the user‑supplied query back into the HTML page, and the backend processed the input as a C‑style string, treating a null byte (0x00) as a terminator. This allowed an attacker to craft a payload like %00<script>alert(1)</script> where the WAF only inspected the portion before the null byte (innocent) while the server rendered the part after it, executing the JavaScript. Exploitation was straightforward: submit the specially crafted query through the search bar, intercept the response, and observe the script firing. The vulnerability could be chained to steal session cookies, perform actions on behalf of victims, or deliver malware, resulting in high‑severity impact. Mitigation requires proper input validation that rejects null bytes, safe server‑side sanitization, consistent output encoding, and WAF rules that scan the full request payload. Additionally, deploying a Content‑Security‑Policy and using modern browser security mechanisms further reduces risk. #infosec #BugBounty #Cybersecurity #XSS #WebSecurity #VulnerabilityResearch
santhosh-adiga-u.medium.com/ho

2025-10-22

56 zero-days exploited for $790K on Pwn2Own Day 2. Hackers used mind-blowing techniques to expose vulnerabilities in trusted software—proof that our digital defenses are under constant siege. Curious about the tactics that shook the cybersecurity world?

thedefendopsdiaries.com/pwn2ow

#pwn2own
#zeroday
#ethicalhacking
#cybersecurity
#vulnerabilityresearch

PPC Land ppcland
2025-10-22

ChatGPT Atlas browser raises security concerns: OpenAI's new Chromium-based browser draws criticism for replicating Perplexity Comet design while vulnerability research exposes risks. ppc.land/chatgpt-atlas-browser

2025-10-21

34 zero-day exploits—from flagship smartphones to smart home tech—exposed a huge vulnerability gap at Pwn2Own Ireland 2025. Think your gadgets are secure? Dive into the shocking details.

thedefendopsdiaries.com/pwn2ow

#pwn2own2025
#zeroday
#cybersecuritytrends
#vulnerabilityresearch
#iotsecurity

2025-10-21

34 zero-days in one day—hackers at Pwn2Own Ireland 2025 broke records and left no stone unturned, from browsers to mobile devices. Are our digital defenses ready for what’s coming?

thedefendopsdiaries.com/pwn2ow

#pwn2own2025
#zeroday
#cybersecurity
#vulnerabilityresearch
#infosec
#ethicalhacking
#securitytrends
#exploitdevelopment
#bugbounty
