‼️🚨 This is alarming: Researchers found a one-click data exfiltration vulnerability in M365 Copilot. A single click on a trusted microsoft[.]com link let attackers pull emails, MFA codes, meeting notes, and SharePoint/OneDrive files, no permissions or second click required.
Microsoft has patched it as CVE-2026-42824, rated critical.
A novel command-and-control (C2) technique in which a threat actor used a NATS server as C2 infrastructure.
https://t.co/9cl4O79L77
ref:
https://t.co/eVW5i2N826
A 'NATS URL' is a string (in a URL format) that specifies the IP address and port where the NATS server(s) can be reached, and what kind of connection to establish:
- TLS encrypted only TCP connection (i.e. NATS URLs starting with tls://...)
- TLS encrypted if the server is configured for it or plain un-encrypted TCP connection otherwise (i.e. NATS URLs starting with nats://...)
- Websocket connection (i.e. NATS URLs starting with ws://...)
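For defenders hunting for the NATS-as-C2 pattern above, a small triage helper that parses NATS URLs (including the comma-separated server lists NATS clients accept) by the scheme rules just listed, flagging hosts outside an allowlist, transports that may fall back to plaintext, and embedded credentials. This is an added example, not code from the post or from the NATS project; the allowlist hosts are constructed, the 4222 default applies only to nats:// and tls://, and wss:// is included as the TLS websocket variant the page does not list.

```python
"""Classify NATS URLs by transport and flag the ones worth a closer look."""
from urllib.parse import urlsplit

# Constructed sample allowlist: hosts the organisation legitimately runs NATS on.
ALLOWED_HOSTS = {"nats.internal.example", "10.0.5.20"}
DEFAULT_PORT = 4222  # default NATS client port (nats:// and tls:// only)

# Scheme -> transport, per the NATS URL rules quoted above (wss added).
TRANSPORTS = {
    "tls": "tls-only",        # refuses plaintext
    "nats": "opportunistic",  # TLS only if the server is configured for it
    "ws": "websocket",        # plaintext websocket
    "wss": "websocket-tls",   # websocket over TLS
}


def parse_nats_url(url):
    """Return scheme, transport, host, port and credential flag, or None if not a NATS URL."""
    parts = urlsplit(url.strip())
    scheme = parts.scheme.lower()
    transport = TRANSPORTS.get(scheme)
    if transport is None or not parts.hostname:
        return None
    port = parts.port
    if port is None and scheme in ("nats", "tls"):
        port = DEFAULT_PORT
    return {
        "scheme": scheme,
        "transport": transport,
        "host": parts.hostname,
        "port": port,
        "has_creds": parts.username is not None,
    }


def triage(server_list, allowed_hosts=ALLOWED_HOSTS):
    """Parse a comma-separated NATS server list; return (url, transport, reasons) per entry."""
    findings = []
    for raw in server_list.split(","):
        info = parse_nats_url(raw)
        if info is None:
            continue  # not a NATS URL at all; ignore
        reasons = []
        if info["host"] not in allowed_hosts:
            reasons.append("host not in allowlist")
        if info["transport"] in ("opportunistic", "websocket"):
            reasons.append("may be plaintext")
        if info["has_creds"]:
            reasons.append("embedded credentials")
        findings.append((raw.strip(), info["transport"], reasons))
    return findings
```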
⚠️ FreeBSD DHCP Client Vulnerability Enables Remote Code Execution as Root
Source: https://t.co/MBazH8qJba
The FreeBSD Project has released a critical security advisory addressing a severe flaw in its default IPv4 DHCP client. Tracked as CVE-2026-42511, this vulnerability allows a local network attacker to execute arbitrary code as root, granting them complete control over the compromised machine.
The core issue resides in how dhclient(8) processes network configuration parameters from DHCP servers. When a device joins a network, it requests IP configuration data. The DHCP client takes the provided BOOTP file field and writes it to a local DHCP lease file.
#cybersecuritynews
Dumping LSASS is old school. If an admin is connected on a server you are local admin on, just create a scheduled task asking for a certificate on his behalf, get the cert, get its privs. All automatized in the schtask_as module for NetExec 🥳🥳🥳
Adversaries weaponizing signed drivers as EDR killers? This is exactly why we built #loldrivers.
wsftprm.sys (CVE-2023-52271) - legitimately signed, terminates AV/EDR via kernel access, NOT on MS blocklist.
https://t.co/AilgA622Xg
We've tracked it since Sept 2024. Defenders deserve better intel.
Living off the land ends here. 🛡️
#BYOVD #ThreatIntel
Someone has launched a project called Poison Fountain, which seeks to poison training data for AI models.
They aim to disrupt the technology by adding poisoned data to websites, making AI models less effective.
rnsaffn[.]com/poison3/
‼️A German hacker known as "Martha Root" dressed as a pink Power Ranger and deleted a white supremacist dating website live onstage
This happened during the recent CCC conference.
Martha had infiltrated the site, ran her own AI chatbot to extract as much information from users as possible, and downloaded every profile. She also uncovered the owner of the site. She has published all of the data.
MongoBleed (CVE-2025-14847) is basically Heartbleed for MongoDB
- unauthenticated memory disclosure
- public POC, trivial to exploit
- leaks creds, tokens, cloud keys straight from RAM
- huge exposed surface on the internet
Good writeups and technical details here:
https://t.co/LgK4RABmJu
https://t.co/DWtByJQ3au
https://t.co/LUwfnF6uXG
Patch fast, rotate secrets, and assume exposed instances were scanned(!)
Apparently, the leak of the clue to the React2shell exploit took place from the WAF rule that AWS published that partially contained the regex of the POST request body of the PoC
https://t.co/7sNx7ylalh
#infosec #cybersecurity