NoGoolag
4.79K subscribers
23K photos
13.2K videos
852 files
22.3K links
Live free!

📡 @NoGoolag

FAQ:
http://t.me/NoGoolag/169

★Group:
https://t.me/joinchat/nMOOE4YJPDFhZjZk

📡 @Libreware

📚 @SaveAlexandria

📡 @BallMemes

FORWARDS ARE NOT ENDORSEMENTS

💯 % satire OSRET
Download Telegram
The code that wasn't there: Reading memory on an Android device by accident | The GitHub Blog – 2023

The bug was a somewhat accidental find, and although it can only be used to leak information, it is nevertheless a very powerful bug that can be used to leak large amounts of information to a malicious Android app; it can be used an unlimited number of times with no adverse effects on the running state of the phone. I’ll show how it can be used to leak information at the page level in the user space and kernel space. I’ll then use the kernel space information leak to construct a KASLR bypass. From a vulnerability research point of view, it’s also a rather subtle and perhaps one the most unusual bugs that I’ve ever found

#Android #Vulnerability #Bug #Qualcomm
New Python tool checks NPM packages for manifest confusion issues

The problem is with the inconsistent information between a package's manifest data as displayed in the NPM registry and the data present in the 'package.json' file of the published package.

A malicious actor could manipulate the manifest data of a new package, eliminating certain scripts or dependencies so that they do not appear in the NPM registry.

However, these scripts or dependencies would still be present in the package.json file and would be executed when the package is installed, without the user being aware

#Github #cybersec #vulnerability
itnewsbot@schleuss.online - WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April - Enlarge (credit: Getty Images)

A newly discovered zeroday in t... - https://arstechnica.com/?p=1962625 #vulnerability #security #zipfiles #exploit #zeroday #biz#winrar
#Intel ‘Downfall’: Severe flaw in billions of #CPUs leaks passwords and much more

There is a serious security flaw in billions of Intel CPUs that can let attackers steal confidential data like passwords and encryption keys. Firmware updates can fix it, but at a potential significant performance loss.

https://www.pcworld.com/article/2025589/downfall-serious-security-vulnerability-in-billions-of-intel-cpus-how-to-protect-yourself.html

https://downfall.page/


>It only requires the attacker and victim to share the same physical processor core
>only
"if you let us in your house, we might steal your stuff!"

#vulnerability
Unpatchable vulnerability in Apple chip leaks secret encryption keys | Ars Technica –

A newly discovered vulnerability baked into Apple’s M-series of chips allows attackers to extract secret keys from Macs when they perform widely used cryptographic operations, academic researchers have revealed in a paper published Thursday

#Apple #Vulnerability #Infosec
#Bluetooth #vulnerability allows unauthorized user to record & play audio on Bluetooth speaker via #BlueSpy

Prevention section explains how you can check if your Bluetooth LE speakers/headsets are vulnerable to this attack using nRF Connect app
https://www.mobile-hacker.com/2024/03/22/bluetooth-vulnerability-allows-unauthorized-user-to-record-and-play-audio-on-bluetooth-speakers/

#BlueDucky automates exploitation of Bluetooth pairing vulnerability that leads to 0-click code execution
▪️automatically scans for devices
▪️store MAC addresses of devices that are no longer visible but have enabled Bluetooth
▪️uses Rubber Ducky payloads
https://www.mobile-hacker.com/2024/03/26/blueducky-automates-exploitation-of-bluetooth-pairing-vulnerability-that-leads-to-0-click-code-execution/

Demonstration of using BlueDucky to exploit 0-click Bluetooth vulnerability of unpatched Android smartphone (CVE-2023-45866)
Exploit was triggered by Raspberry Pi 4 and then by Android running NetHunter
https://youtu.be/GOGW7U1f2RA

@androidMalware
Becoming any Android app via Zygote command injection | Meta Red Team X

We have discovered a vulnerability in Android that allows an attacker with the WRITE_SECURE_SETTINGS permission, which is held by the ADB shell and certain privileged apps, to execute arbitrary code as any app on a device. By doing so, they can read and write any app’s data, make use of per-app secrets and login tokens, change most system configuration, unenroll or bypass Mobile Device Management, and more. Our exploit involves no memory corruption, meaning it works unmodified on virtually any device running Android 9 or later, and persists across reboots.

#Zygote #Android #Vulnerability
"Haunted by Legacy: Discovering and Exploiting Vulnerable #Tunnelling Hosts", 2025.

This paper is the first to systematically analyse the securityof tunnelling hosts on the IPv4 and IPv6 Internet. Our large-scale Internet-wide scans identified over 4 million hosts that
accept unencrypted tunnelling packets from any source.

This is concerning because vulnerable hosts can be abused asone-way proxies, and many of these hosts also allow an ad-versary to spoof a packet’s source address, enabling variouskinds of known and novel attacks.

Moreover, we also demon-strated that these vulnerable hosts enable novel DoS attacks,such as our TuTL and Ping-Pong attacks. The TuTL attack
is especially concerning since it can be abused to perform DoS attacks against any third-party host on the Internet.

Our measurements also show that many Autonomous Systems,more than four thousand in total, do not (properly) imple-ment source address filtering, thereby allowing the spoofing
of source IP addresses.


#Hosts #Vulnerability
Deep dive into the #Signal arbitrary deletion #vulnerability I discovered in Signal Desktop:

In Signal Desktop, attachments are stored in a designated folder (typically “attachments.noindex”). The deletion logic resolves this folder’s absolute path using fs.realpathSync, which inherently follows symbolic links.


https://nitter.poast.org/jipisback/status/1894682205500088793

https://x.com/jipisback/status/1894682205500088793

https://fixupx.com/jipisback/status/1894682205500088793
EvilLoader: Unpatched Telegram for Android Vulnerability Disclosed | Mobile Hacker

A newly discovered #vulnerability in #Telegram for #Android, dubbed #EvilLoader, has been identified by malware and CTI analyst 0x6rss. This exploit allows attackers to disguise malicious APKs as video files, potentially leading to unauthorized #malware installations on users’ devices. The vulnerability was detailed in his blog post and accompanied by a Proof of Concept (PoC) code.

This #exploit remains unpatched and continues to work on the latest version of Telegram for Android 11.7.4. Even more concerning, the payload has been available for sale on underground forums since January 15, 2025, making it accessible to cybercriminals worldwide. This is similar to WhatsApp trick, where Android malware can impersonate PDF file and trick user to install it.

Via @androidMalware
Linux Kernel Rust Code Sees Its First CVE Vulnerability
17 December 2025 - CVE-2025-68260

The first CVE #vulnerability has been assigned to a piece of the #Linux kernel's #Rust code.

Comments

#Phoronix #LinuxKernel
Hacking your PC using your speaker without ever touching it

What initially started as simply wanting to write a Linux tool for communicating with my speaker ended up with me discovering vulnerabilities which allow any attacker within a ~15M range of any Katana V2X to turn it into a covert spying tool and Rubber Ducky - all without ever having to pair with or physically touch the device.

https://blog.nns.ee/2026/06/03/katana-badusb/

Comments

#BT #vulnerability
Media is too big
VIEW IN TELEGRAM
When Your Computer Gets Hacked Through A Bluetooth Speaker | Mental Outlaw


In this video I explain how a security researcher discovered an exploit in Creative's Sound Blaster Katana V2X soundbar that allows someone to install custom firmware to the speaker over an unauthenticated bluetooth connection to turn the speaker into a surveillance device or HID that can send commands to your computer.

Read the security researchers write up on the issue here

Pwnd Blaster: Hacking your PC using your speaker without ever touching it | nns.eehttps://blog.nns.ee/2026/06/03/katana-badusb/

#Bluetooth #Vulnerability #Hacking
#Exploit
A 27-Year-Old Authentication Bypass in OpenBSD's PPP Stack · Argus Blog –

#OpenBSD's sppp_pap_input function used attacker-controlled length fields as the bcmp comparison length for credential validation. Sending zero-length name and password fields caused bcmp to return 0 unconditionally, bypassing PAP authentication entirely.

The #vulnerability was introduced in 1999 and survived for 27 years before being fixed..