A public exploit is now available for a recently patched Arch Linux vulnerability called PinTheft. The flaw allows a local attacker to gain full root privileges on a system. The vulnerability has already been fixed, so users who have updated their systems are protected from this exploit.
Exploit code for a critical flaw in Cisco's Unified Communications Manager is now public. This allows unauthenticated attackers to gain full control of systems, creating an urgent need for IT teams to apply the available patch immediately.
Proof-of-concept exploit code, named DirtyDecrypt, has been publicly released for a recently patched Linux kernel vulnerability. The flaw allows for local privilege escalation, enabling an attacker with local access to gain higher-level system permissions. The vulnerability was discovered and reported by security researchers in early May.
A researcher released a proof-of-concept exploit for a new Windows zero-day vulnerability named 'MiniPlasma'. The exploit allows an attacker with local access to gain the highest system privileges on fully patched Windows 10 and 11 machines. Microsoft has not yet released a patch.
A security researcher has released a proof-of-concept exploit for a new Windows zero-day vulnerability called MiniPlasma. The exploit can grant full SYSTEM privileges on fully patched Windows 11 systems. The flaw is reportedly an unfixed version of a bug Microsoft claimed to have patched in 2020.
A proof-of-concept exploit is now public for a high-severity Linux kernel vulnerability dubbed 'DirtyDecrypt.' The flaw allows a local user to gain root privileges on systems with the `rxgk` module enabled. Major distributions are affected, and patches are available. Teams should update their systems immediately.
A recently published guide demonstrates how a vulnerability in SAR2HTML version 3.2.1 can be exploited for remote code execution. The walkthrough, based on a TryHackMe challenge, shows how attackers can gain root privileges and full control over a target system by leveraging this specific software flaw.