OFFSITE.DARK

Transmission

SIGNALS

29 signals

news

Jun 25, 2026 · Sploitus

Burst Statistics WordPress Auth Bypass (CVE-2026-8181)

Sploitus-indexed flaw in is_mainwp_authenticated() lets unauthenticated attackers impersonate admins with any Basic Auth password.

  • wordpress
  • auth-bypass
  • cve
  • plugin
  • privilege-escalation
→ Read signal

news

Jun 25, 2026 · Sploitus

Cisco CUCM SSRF to RCE Chain (CVE-2026-20230)

Sploitus-indexed PoC analysis chains unauthenticated WebDialer SSRF through Axis internals to arbitrary file write and RCE.

  • cisco
  • cucm
  • ssrf
  • rce
  • cve
  • voip
  • telecom
→ Read signal

news

Jun 25, 2026 · Sploitus

Claude Desktop Cowork VM Integrity Bypass (CVE-2026-7574)

Sploitus-indexed local flaw: Cowork trusts rootfs.img existence/version without hash or signature, enabling VM persistence.

  • anthropic
  • claude
  • local
  • persistence
  • cve
  • vm
→ Read signal

news

Jun 24, 2026 · Sploitus

Krayin CRM TinyMCE Upload RCE (CVE-2026-38526)

Sploitus-indexed authenticated PoC uploads PHP via /admin/tinymce/upload to public storage for www-data execution.

  • krayin
  • crm
  • rce
  • cve
  • file-upload
  • laravel
→ Read signal

news

Jun 22, 2026 · Sploitus

SP Page Builder Joomla Unauthenticated RCE (CVE-2026-48908)

Pre-auth ZIP upload to com_sppagebuilder iconfont path enables .PHP execution via .htaccess bypass; CVSS 10.0 on Sploitus.

  • joomla
  • rce
  • cve
  • cms
  • file-upload
  • joomshaper
→ Read signal

news

Jun 19, 2026 · Sploitus

BIND 9 Resolver Unbounded Loop DoS (CVE-2026-5950)

Unchecked resend loop in BIND 9 bad-server handling enables remote resource exhaustion; defensive notes indexed on Sploitus.

  • bind
  • dns
  • dos
  • cve
  • isc
→ Read signal

news

Jun 19, 2026 · Church of Malware

ek0ms savi0r Publishes REAPER GitHub Secret Scanner

ek0ms savi0r publishes REAPER on Church of Malware git — Go-based GitHub hidden secret scanner.

  • tools
  • github
  • secrets
  • offensive
→ Read signal

news

Jun 19, 2026 · Sploitus

GitLab WebAuthn 2FA Bypass (CVE-2026-2745)

Authentication bypass in GitLab WebAuthn 2FA due to inconsistent input validation; indexed on Sploitus Exploits of the week.

  • gitlab
  • webauthn
  • auth-bypass
  • cve
  • 2fa
→ Read signal

news

Jun 19, 2026 · Sploitus

JupyterHub CSRF XSRF Bypass (CVE-2026-40864)

Sec-Fetch-Mode: no-cors misclassified as same-origin bypasses XSRF on /hub/spawn and /hub/accept-share; PoC indexed on Sploitus.

  • jupyterhub
  • csrf
  • xsrf
  • cve
  • jupyter
→ Read signal

news

Jun 19, 2026 · Sploitus

kit-exploits-prv — Sploitus PoC Collection Roundup

Sploitus Exploits of the week entry kit-exploits-prv indexes a curated private PoC collection for authorized security testing.

  • sploitus
  • poc
  • exploit-kit
  • research
→ Read signal

news

Jun 18, 2026 · Hacker News

10k GitHub Repos Found Distributing Trojan Malware

Researcher identifies ~10,000 GitHub repos cloning legitimate projects and pushing trojanized README zip archives.

  • malware
  • supply-chain
  • github
→ Read signal

news

Jun 18, 2026 · Hacker News

Nginx HTTP/3 QUIC Zero-Day (CVE-2026-42530)

Remote code execution in NGINX Open Source 1.31.0–1.31.1 when HTTP/3 QUIC is enabled; patched in 1.31.2.

  • nginx
  • zero-day
  • rce
  • cve
  • quic
→ Read signal

news

Jun 18, 2026 · Hacker News

Popa Botnet Linked to NetNut Proxy Provider

Popa Android TV box botnet (~1.5–2.5M daily IPs) linked to publicly-traded Israeli firm Alarum/NetNut.

  • botnet
  • iot
  • proxy
  • android
→ Read signal

news

Jun 17, 2026 · Church of Malware

mastercodeon Publishes Peercord P2P Chat on Church of Malware Git

mastercodeon publishes Peercord on Church of Malware git — decentralized Discord-like social platform.

  • tools
  • p2p
  • infra
  • decentralized
→ Read signal

news

Jun 17, 2026 · Hacker News

FortiBleed Leaks VPN Credentials for 73k Devices

FortiBleed data leak exposes Fortinet VPN credentials for approximately 73,000 devices.

  • fortinet
  • vpn
  • breach
  • credentials
  • info-disclosure
→ Read signal

news

Jun 17, 2026 · Hacker News

Mastra NPM Scope Compromise Targets Crypto Wallets

140+ @mastra packages hijacked via dormant maintainer account; typosquat easy-day-js drops cross-platform stealer.

  • npm
  • supply-chain
  • stealer
  • lazarus
→ Read signal

news

Jun 17, 2026 · vx-underground

Malicious Steam Workshop Wallpapers Steal Accounts

Kaspersky finds dozens of trojanized Wallpaper Engine app wallpapers on Steam Workshop with tens of thousands of downloads.

  • malware
  • stealer
  • gaming
  • steam
→ Read signal

news

Jun 16, 2026 · vx-underground

152 Chrome Wallpaper Extensions Hide Ad Fraud

Network of 152 Chrome live wallpaper extensions faked web traffic and AdSense clicks; 105,000+ combined installs.

  • malware
  • chrome
  • ad-fraud
  • extensions
→ Read signal

news

Jun 15, 2026 · vx-underground

Mirai Variant Targets IoT Telnet

Modified Mirai strain scanning telnet with updated credentials and DGA C2.

  • mirai
  • iot
  • botnet
  • telnet
→ Read signal

news

Jun 15, 2026 · Sploitus

shell-quote quote() Newline Command Injection (CVE-2026-9277)

Sploitus-indexed PoC shows object-token newline in shell-quote quote() becomes POSIX command separator; fix in 1.8.4.

  • npm
  • nodejs
  • command-injection
  • cve
  • supply-chain
→ Read signal

news

Jun 14, 2026 · Sploitus

Bookly WordPress Stored XSS via Cookie (CVE-2026-5513)

Unauthenticated stored XSS in Bookly ≤27.2 via bookly-customer-full-name cookie; scanner PoC indexed on Sploitus.

  • wordpress
  • bookly
  • xss
  • cve
  • plugin
→ Read signal

news

Jun 13, 2026 · Sploitus

Apache HTTP/2 Bomb DoS (CVE-2026-49975)

Single-connection HPACK bomb plus flow-control stall can exhaust gigabytes of RAM; public PoC indexed on Sploitus.

  • apache
  • http2
  • dos
  • cve
  • hpack
→ Read signal

news

Jun 13, 2026 · Sploitus

Avada Builder WordPress Unauthenticated RCE (CVE-2026-6279)

Sploitus-indexed PoC abuses fusion_get_widget_markup AJAX with leaked nonce to call_user_func arbitrary PHP functions.

  • wordpress
  • avada
  • rce
  • cve
  • php
  • fusion-builder
→ Read signal

news

Jun 13, 2026 · Sploitus

PeopleSoft SSRF PoC Enables Unauthenticated RCE (CVE-2026-35273)

Sploitus-indexed PoC chains SSRF via PSIGW HttpListeningConnector into cloud credential theft and remote code execution.

  • peoplesoft
  • ssrf
  • rce
  • cve
  • oracle
  • cloud
→ Read signal

news

Jun 11, 2026 · Sploitus

JCE Joomla Unauthenticated RCE (CVE-2026-48907)

Sploitus-indexed PoCs chain unauthenticated JCE profile import to PHP execution in Joomla tmp/; CVSS 10.0.

  • joomla
  • jce
  • rce
  • cve
  • cms
  • file-upload
→ Read signal

news

Jun 11, 2026 · Microsoft MSRC

Patch Tuesday: 3 Zero-Days Addressed

June Patch Tuesday addresses 67 CVEs including 3 actively exploited zero-days.

  • windows
  • patches
  • zero-day
→ Read signal

news

May 30, 2026 · Sploitus

WP Maps Pro Unauthenticated Admin Creation (CVE-2026-8732)

Sploitus mass-scanner PoCs abuse wpgmp_temp_access_ajax with public fc-call-nonce to create administrator accounts.

  • wordpress
  • privilege-escalation
  • cve
  • plugin
  • auth-bypass
→ Read signal

news

May 22, 2026 · Sploitus

NGINX Rift Heap Overflow RCE (CVE-2026-42945)

18-year-old rewrite-module desync enables pre-auth RCE; depthfirst PoC indexed on Sploitus with Docker lab and exploit modes.

  • nginx
  • rce
  • cve
  • rewrite
  • depthfirst
→ Read signal

news

Dec 13, 2025 · Sploitus

React2Shell RCE in React Server Components (CVE-2025-55182)

Critical CVSS 10.0 RCE in react-server-dom-webpack affects React 19 and Next.js App Router; public PoC scanner indexed on Sploitus.

  • react
  • nextjs
  • rce
  • cve
  • deserialization
→ Read signal