👑 Our researcher has discovered LPE in VMware Tools (CVE-2025-22230 & CVE-2025-22247) via VGAuth! Write-up by the one who broke it: Sergey Bliznyuk https://swarm.ptsecurity.com/the-guest-who-could-exploiting-lpe-in-vmware-tools/
PT SWARM
Positive Technologies Offensive Team: twitter.com/ptswarm This is the channel where we share articles/vulnerabilities/scripts/etc, not necessarily authored by us, that we find interesting
Top posts
⚠️ We've reproduced CVE-2025-49113 in Roundcube. This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. If you're running Roundcube — update immediately!
🚨 We've launched dbugs.ptsecurity.com, a new home for vulnerabilities. More than CVEs. More than MITRE. ✅ Trends & Insights ✅ AI-generated, multi-source vulnerability descriptions ✅ Researcher credits Explore now: https://dbugs.ptsecurity.com
🇻🇳 At the Positive Hack Talks in Hanoi, our blue team member naumovax shared valuable insights: 1️⃣ Architecture of an automation tool for detecting malware in the network 2️⃣ Key features you should add to your tool 3️⃣ Our refined Suricata rules Link 👉 https://static.ptsecurity.com/events/stratocaster-how-we-automated-the-routine-search-for-unknown-malware-in-the-network-traffic.pdf Link to our Suricata rules: https://rules.ptsecurity.com/
Exploiting SSTI in a Modern Spring Boot Application (3.3.4) 👤 by parzel The article explores exploiting a Server-Side Template Injection (SSTI) vulnerability in a Spring Boot 3.3.4 application using Thymeleaf, leading to Remote Code Execution (RCE). It highlights the process of injecting malicious input to trigger Java reflection and bypass security defenses in modern framework. The post provides a detailed walkthrough of achieving RCE despite the robust safeguards present, emphasizing the comp...
🎮 Xbox 360 security in details: the long way to RGH3. Read the exclusive story about the chipless and reliable Xbox 360 modding method by 15432h 🔗 https://swarm.ptsecurity.com/xbox-360-security-in-details-the-long-way-to-rgh3/
🦊 Mozilla Foundation fixed CVE-2025-6430, discovered by our researcher Daniil Satyaev! This vulnerability allows the Content-Disposition: attachment header to be ignored if the page is opened using <embed> or <object>, resulting in files being displayed instead of downloaded.
📑 A new article from our researchers Aleksey Solovev, Nikita Sveshnikov and Vladimir Razov — "Blind trust: what is hidden behind the process of creating your PDF file?". https://swarm.ptsecurity.com/blind-trust-what-is-hidden-behind-the-process-of-creating-your-pdf-file/
Don't Call That "Protected" Method: Dissecting an N-Day vBulletin RCE 👤 by Egidio Romano The article analyzes a critical Unauthenticated Remote Code Execution vulnerability (CVE-2025-48827) in vBulletin, which becomes exploitable when running on PHP 8.1 or newer. The vulnerability stems from vBulletin’s misuse of ReflectionMethod::invoke(), which in PHP 8.1+ no longer blocks access to protected methods by default. As a result, attackers can remotely trigger sensitive internal functions original...
📟 Our researcher a1exdandy has uncovered vulnerabilities in GD32 microcontrollers (GigaDevice) that bypass protection mechanisms, allowing memory extraction. The article 👉 https://swarm.ptsecurity.com/gigavulnerability-readout-protection-bypass-on-gigadevice-gd32-mcus/