blog post about a nice trick I found to escalate a postgres SQLi to RCE this week
the filewrite primitive was widely documented but I've not seen the .so one online yet so we though it might be interesting to publish it, if anyone already knew about it, i'm interested to know :)
🔓 On an asset under our continuous monitoring, our pentester @nol_tech turned a SELECT-only PostgreSQL SQLi in Drupal (CVE-2026-9082) into a full RCE when DB role is superuser. Details below 👇
📝 https://t.co/R7F5XQ2vZD
🛠️ https://t.co/yRJ8zX1Nlb
#Drupal#PostgreSQL#RCE#SQLi
Congratulations to our pentester @nol_tech on placing 2nd in the Web Senior category at the #FCSC2026 qualifications, with a score of 3,616 points.
This kind of result speaks for itself. Best of luck for the next rounds! 🍀
#CTF#Cybersecurity
🚨 New post on https://t.co/UzE5dLbhEx: how to sniff BLE communications with an SDR (e.g. HackRF One) — the challenges of frequency hopping and strengths of the SDR approach for security researchers. Read it ➜ https://t.co/dAI25vTr7J
#BLE#SDR#Security
🔔 New research from Lexfo on pre- & post-authentication vulnerabilities in WSO2 products — uncovering bypasses, RCE, SSRF, CSRF, and account-takeover risks. See our detail article → https://t.co/1jNmsIhdZl
#cybersecurity#infosec#offensivesecurity#pentest#WSO2
👾🔒New Analysis: Secp0 Ransomware! 🚨
Our CTI team with our CSIRT, has analyzed the Secp0 ransomware. It operates as double-extortion ransomware, encrypting data and threatening public disclosure, targeting Linux systems.
All the details in our report : https://t.co/6nmSPAsgU7
🌍 World Leaks: an extortion platform 🚨
Our CTI team produced an analysis of World Leaks. The article covers its origins, operational challenges, and collaborations with other threat actors.
https://t.co/FG74P7GBdx
#ThreatIntelligence#WorldLeaks#CTI
We produced an analysis at Lexfo on World Leaks, the extortion platform created by the operators of Hunters International and originally uncovered by @GroupIB@GroupIB_TI.
https://t.co/jEDVFJ8mf1
We welcome your feedbacks 😉
🛡️CYBERSEC
L’équipe CTI de @LexfoSecurite a réalisé une analyse de World Leaks, une plateforme d’extorsion créée par les opérateurs d’Hunters International en début d’année. L’article mentionne ses collaborations avec d’autres groupes de cybercriminels, notamment le groupe de ransomware Secp0.
https://t.co/0WALMpN1ZI
🕵️ OSINT
L'équipe CTI de @LexfoSecurite a investigué des réseaux de faussaires vendant des faux documents sur le clear web. À l'aide de l'OSINT, ils ont pu identifier des similitudes entre les sites web, révélant des acteurs communs.
https://t.co/9WJhGpFoBg
Grâce à des techniques d'OSINT, nous avons identifié des similitudes frappantes entre ces sites, révélant des liens avec des acteurs communs. Découvrez comment nous avons démêlé ce réseau et les résultats surprenants de notre investigation !https://t.co/HLqBUTszoT
New writeup from @_specters_ and I: we're finally allowed to disclose a vulnerability reported to Kia which would've allowed an attacker to remotely control almost all vehicles made after 2013 using only the license plate.
Full disclosure:
https://t.co/e2EwvUMgqw
A critical pre-auth remote code execution vulnerability was found in Jupiter X Core <= 4.6.5 (CVE-2024-7772).
Learn how to exploit it in our latest blog post!
https://t.co/SBFk14giec
Microsoft has uncovered a vulnerability in ESXi hypervisors, identified as CVE-2024-37085, being exploited by threat actors to obtain full administrative permissions on domain-joined ESXi hypervisors and encrypt critical servers in ransomware attacks. https://t.co/7NUvHGrzXM