[ZDI-25-609|CVE-2025-20281] Cisco Identity Services Engine invokeStrongSwanShellScript Command Injection Remote Code Execution Vulnerability (CVSS 9.8; Credit: Bobby Gould (Bobby Gould) of Trend Zero Day Initiative) zerodayinitiative.com/advisories/ZDI…

Our flagship Hunting Zero-Days in Embedded Devices training returns to Rome, September 23-26! In 4 intensive days, you'll learn to inspect devices, find hidden debug interfaces, extract firmware, analyze it, find a remote vulnerability, and exploit it!

🚨In the upcoming September edition of "Advanced NET Exploitation" at Cyber Saiyan | RomHack Conference, Training, Camp 2025, we'll review the SharePoint p2o Deserialization exploit that was found by the Legend Khoa Dinh himself 🔥 P.S: for the love of god, register NOW! 😅

Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell

Proud father moment 😎

I have launched YSoNet (ysonet.net) and added #SharePoint CVE-2025-49704 payload generator to it as the first thing. Here is how this can work: Running command: ``` ysonet.exe -p sharepoint --cve=CVE-2025-49704 -var 1 -c "calc" ``` Running C# code: ``` ysonet.exe

Stack overflows, heap overflows, and existential dread - it must be an SSLVPN. labs.watchtowr.com/stack-overflow…

Announcing #Pwn2Own Ireland for 2025! We return to the Emerald Isle with our new partner Meta and a $1,000,000 WhatsApp bounty. Yes - one million dollars. Plus new USB attack vectors on phones and more. Check out the details at zerodayinitiative.com/blog/2025/7/30…

Does MSRC sometimes use AI to respond to researchers? Asking for a friend 🙃

Btw, I described my SharePoint CVE-2024-38018 at a PL conference last year, and they've recently uploaded it. I guess you don't know Polish, but slides are in English 😅 RCE part starts at 30:30 youtu.be/a2_onBMte8I?si…

Research is fun. One month ago, I thought that I'll never again make a research as good as my .NET deserialization one. Here I am today, writing a new whitepaper. You never know the day 😅

The whitepaper is live! Learn how to win the HTTP desync endgame... and why HTTP/1.1 needs to die: http1mustdie.com

[ZDI-25-813] (0Day) Microsoft PowerShell TryModuleAutoLoading Directory Traversal Remote Code Execution Vulnerability (CVSS 7.5; Credit: Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-822] (0Day) Microsoft SharePoint GetTransformer Unsafe Reflection Denial-of-Service Vulnerability (CVSS 6.5; Credit: Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-820] (0Day) Microsoft SharePoint IsAuthorizedType Deserialization of Untrusted Data Information Disclosure and Denial-of-Service Vulnerability (CVSS 8.1; Credit: Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative) zerodayinitiative.com/advisories/ZDI…

[ZDI-25-809] (0Day) Microsoft Exchange PowerShell Exposed Dangerous Method NTLM Relay Vulnerability (CVSS 8.8; Credit: Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative) zerodayinitiative.com/advisories/ZDI…

We've managed to make it through hacker summer camp, and #Microsoft and #Adobe survived enough to deliver their latest security patches. Join The Dustin Childs as he breaks down another large Patch Tuesday release. zerodayinitiative.com/blog/2025/8/12…

Should security solutions be secure? We're beginning to feel wrong. Enjoy some unscheduled programming - our analysis of CVE-2025-25256, a pre-auth Command Injection in Fortinet's FortiSIEM labs.watchtowr.com/should-securit…

Small survey. Should my blogs be: a) Long as usual, with a deep dive and the code flow analysis. b) Shorter, straight to the root-cause analysis. Any feedback appreciated :)