Hacker News with Generative AI: Exploits

Critical hardcoded SolarWinds credential now exploited in the wild (theregister.com)
A critical, hardcoded login credential in SolarWinds' Web Help Desk line has been exploited in the wild by criminals, according to the US Cybersecurity and Infrastructure Security Agency, which has added the security blunder to its Known Exploited Vulnerabilities (KEV) Catalog.
Cybersecurity, Software, Exploits, Security Breaches
7 points by romperstomper 35 days ago | 0 comments
Firefox and Tor hit with 9.8 critical level exploit (youtube.com)
Security, Firefox, Tor, Exploits
4 points by wappieslurkz 36 days ago | 1 comments
Attacking UNIX Systems via CUPS (evilsocket.net)
Hello friends, this is the first of two, possibly three (if and when I have time to finish the Windows research) writeups. We will start with targeting GNU/Linux systems with an RCE. As someone who’s directly involved in the CUPS project said:
Security, Linux, Exploits, CUPS
438 points by NetBender 56 days ago | 325 comments
Jailbreak Your Enemies with a Link: Remote Execution on iOS (jacobbartlett.substack.com)
This is the story of the Trident exploit chain: 3 zero-day vulnerabilities in iOS that enabled the first remote jailbreak. Part #1 dives into the internals of the JavaScriptCore runtime: where a vulnerability lurks in WebKit which would crack your iPhone wide open.
Cybersecurity, iOS, Exploits, Mobile Security
35 points by jakey_bakey 66 days ago | 3 comments
CVE-2024-29510 – Exploiting Ghostscript using format strings (codeanlabs.com)
Security, Software Vulnerabilities, Programming, Exploits
41 points by ThomasRinsma 142 days ago | 9 comments
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (ambionics.io)
Security, PHP, Exploits, Programming, Linux
76 points by todsacerdoti 178 days ago | 11 comments
Unauthenticated, RCE vulnerability in Palo Alto firewalls, exploits in the wild (paloaltonetworks.com)
Security, Cybersecurity, Vulnerabilities, Exploits
38 points by billyhoffman 223 days ago | 1 comments