The React2Shell exploit is now being used for large scale DDoS attacks, top sources include:
Microsoft, Hetzner, Contabo, netcup, DigitalOcean and all other Public Cloud providers and hosters.
Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough?
As you might have guessed, the answer is not so much.
We chained six unique CVEs from 2023 listed below.
β’ Chrome Renderer RCE : CVE-2023-3079
β’ Chrome Sandbox Escape : CVE-2023-21674
β’ LPE in guest OS : CVE-2023-29360
β’ VMware Info Leak : CVE-2023-34044
β’ VMware Escape : CVE-2023-20869
β’ LPE in host OS : CVE-2023-36802
Someone has been spoofing SYN packets to port 179 across the internet since Thursday at rates almost 200PB an hour.
A 1Gbps device can send 450GB of SYN in an hour.
430k to 460k devices, and that's only if each device sustains the rate at 100% utilization for the entire hour