Google Chrome remote code execution. 🚨 exploitation in the wild reported.

Payloads for FortiWeb XSS: /error3?msg=30&data=';alert('xss');// /omni_success?cmdb_edit_path=");alert('xss');//

Exploit of Sudo heap-based buffer overflow privilege escalation CVE-2021-3156:

Live Exploitation of CVE 2020-3452 Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) unauthenticated directory traversal

Vir.IT eXplorer privilege escalation. Vir.IT eXplorer is an antivirus product. This vulnerability was used by ZINC (A North Korean threat actor Associated with Lazarus Group) to hack cybersecurity researchers. But according to Microsoft, the threat actor was failed to exploit the vulnerability. Details are here:

# Exploit Title:- JioFi 4G Hotspot M2S 150 Mbps-Jio 4G Portable Wi-Fi Data Device - Buffer Overflow, Open Wireless Security - (PoC) # Date:- 2018-07-26 # Vendor Homepage:- # Hardware Link:- # Version:-JioFi 4G Hotspot M2S 150 Mbps Wireless Router # Category:- Hardware # Exploit Author:- Vikas Chaudhary # Published on :- # Contact:- # Web: # Tested on:- Windows 10 # CVE:- CVE-2018

Abusing XPC Service mechanism to elevate privilege in macOS/iOS In this blog, I will detail an interesting logic vulnerability I found in launchd process when it is managing the XPC Services. It’s easy be exploited and 100% stable to get high privilege in macOS/iOS. Because launchd is the most fundamental and important component in the OS, the vulnerability would also work even from the most restricted app sandbox. The vulnerability should work before macOS Big Sur and iOS 13.5.

heap overflow vulnerability in Sudo leads attackers to gain root privileges. Sudo is affected by this vulnerability for ten years (since July 2011). This vulnerability has been found by Qualys Research Team. Details are here:

Making Clouds Rain :: Remote Code Execution in Microsoft Office 365 This post is a story on how I found and exploited CVE-2020-16875, a remote code execution vulnerability in Exchange Online and bypassed two different patches for the vulnerability.

ZyXEL USG and ZyWALL hardcoded (backdoor) credentials: Username: zyfwp Password: PrOw!aN_fXp