正在加载视频...

视频加载失败

返回首页

CVE-2025-24071: Microsoft Windows File Explorer Spoofing Vulnerability Check out the new security vulnerability I discovered in Windows, which I believe is potentially being sold in the wild. (fixed patch tuesday) Blog post: PoC:

0x6rss's profile picture

0x6rss

17,177 subscribers

45,616 次观看 • 1 年前 •via X (Twitter)

科学技术
LIVE

Anya Rossi• Live Now

Private livecam show

2 条评论

0x6rss 的头像
0x6rss1 年前

Update: Microsoft has changed its CVE number. The CVE number previously defined by Microsoft, CVE-2025-24071, has been updated to CVE-2025-24054.🤷‍♂️

Alexander Myasoedov 的头像
Alexander Myasoedov1 年前

INTRODUCING: Agentic Security - LLM Security Scanner! 🔍 🔑 Features: Scans for prompt injections, jailbreaking & more. Provides detailed reports & options to customize attack rules. 🔗access the GitHub Link ↓

相关视频

🔥 Microsoft fixed CVE-2025-47955, discovered by our researcher Sergey Bliznyuk! This vulnerability allows a locally authenticated attacker to elevate privileges to SYSTEM via the Windows RasMan service. 🔗 Advisory:
0:24

🔥 Microsoft fixed CVE-2025-47955, discovered by our researcher Sergey Bliznyuk! This vulnerability allows a locally authenticated attacker to elevate privileges to SYSTEM via the Windows RasMan service. 🔗 Advisory:

PT SWARM

13,345 次观看 • 1 年前

🚨CVE-2025-26666: Windows Media Remote Code Execution Vulnerability Credit:
1:39

🚨CVE-2025-26666: Windows Media Remote Code Execution Vulnerability Credit:

Dark Web Informer

13,379 次观看 • 1 年前

Microsoft Copilot 1-Click HACK A new Microsoft Copilot vulnerability called Reprompt allows hackers to steal your data with a single click. Is this the end of Windows security? Here is why I prefer Linux.
2:58

Microsoft Copilot 1-Click HACK A new Microsoft Copilot vulnerability called Reprompt allows hackers to steal your data with a single click. Is this the end of Windows security? Here is why I prefer Linux.

David Bombal

24,527 次观看 • 5 个月前

🚨CVE-2025-29927: Next.js Middleware Bypass Vulnerability PoC: Credit:
2:53

🚨CVE-2025-29927: Next.js Middleware Bypass Vulnerability PoC: Credit:

Dark Web Informer

21,021 次观看 • 9 个月前

🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit:
2:37

🚨CVE-2024-21413 - Microsoft Outlook Remote Code Execution Vulnerability PoC (no audio) Credit:

Dark Web Informer

69,288 次观看 • 1 年前

‼️ CVE-2026-32223: Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability
0:56

‼️ CVE-2026-32223: Windows USB Printing Stack (usbprint.sys) Elevation of Privilege Vulnerability

Dark Web Informer

32,252 次观看 • 1 个月前

‼️ CVE-2025-1974: Kubernetes IngressNightmare Vulnerability CVSS: 9.8 PoC: PoC Published: March 26th, 2026
0:51

‼️ CVE-2025-1974: Kubernetes IngressNightmare Vulnerability CVSS: 9.8 PoC: PoC Published: March 26th, 2026

Dark Web Informer

16,152 次观看 • 4 个月前

Windows Notepad.exe Now Has Remote Code Execution Vulnerability First Notepad++ gets hijacked by Chinese hackers, now Notepad.exe gets a "Severe" CVE. Apparently editing a plain text file is the most dangerous thing you can do on Windows.
12:41

Windows Notepad.exe Now Has Remote Code Execution Vulnerability First Notepad++ gets hijacked by Chinese hackers, now Notepad.exe gets a "Severe" CVE. Apparently editing a plain text file is the most dangerous thing you can do on Windows.

The Lunduke Journal

17,782 次观看 • 4 个月前

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:
3:26

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:

Dark Web Informer

22,486 次观看 • 1 年前

🚨PoC CVE-2025-32433: Critical Erlang/OTP SSH RCE Vulnerability Credit:
0:37

🚨PoC CVE-2025-32433: Critical Erlang/OTP SSH RCE Vulnerability Credit:

Dark Web Informer - Cyber Threat Intelligence

10,660 次观看 • 1 年前

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec
0:42

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec

HackGit

76,809 次观看 • 3 年前

POC for CVE-2024-38063 (RCE in Windows TCP/IP) :
0:26

POC for CVE-2024-38063 (RCE in Windows TCP/IP) :

Binni Shah

41,209 次观看 • 1 年前

Tested: Windows 11’s ‘faster’ File Explorer (preloaded) is still slower than Windows 10. On a 4GB RAM test machine, File Explorer used ~32.4MB of RAM without preloading. After turning on preloading, Windows quietly adds ~35MB more. So Explorer now sits at ~67.4MB in memory before you even open it. 35MB isn’t a big deal in 2025. Your browser eats that for breakfast. That's not the point of my testing. Why is the preloaded File Explorer still slower than Windows 10? I made a video to compare the two versions.
0:20

Tested: Windows 11’s ‘faster’ File Explorer (preloaded) is still slower than Windows 10. On a 4GB RAM test machine, File Explorer used ~32.4MB of RAM without preloading. After turning on preloading, Windows quietly adds ~35MB more. So Explorer now sits at ~67.4MB in memory before you even open it. 35MB isn’t a big deal in 2025. Your browser eats that for breakfast. That's not the point of my testing. Why is the preloaded File Explorer still slower than Windows 10? I made a video to compare the two versions.

Windows Latest

752,581 次观看 • 6 个月前

Releasing a Windows 11 LPE exploit by b33f | 🇺🇦✊ and I. Exploits CVE-2023-21768, a vuln in afd.sys. Blog post soon!
0:45

Releasing a Windows 11 LPE exploit by b33f | 🇺🇦✊ and I. Exploits CVE-2023-21768, a vuln in afd.sys. Blog post soon!

chompie

265,388 次观看 • 3 年前

Windows 365 Link is the secure, purpose-built device for Windows 365, delivering a seamless Windows desktop experience in the Microsoft Cloud. No local data, apps, or admin users—security is built in. #MSIgnite
1:23

Windows 365 Link is the secure, purpose-built device for Windows 365, delivering a seamless Windows desktop experience in the Microsoft Cloud. No local data, apps, or admin users—security is built in. #MSIgnite

Microsoft

64,972 次观看 • 1 年前

🚨𝗡𝗲𝘄 𝗛𝗶𝗴𝗵-𝗦𝗲𝘃𝗲𝗿𝗶𝘁𝘆 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗶𝗻 𝗔𝗠𝗜-𝗕𝗮𝘀𝗲𝗱 𝗗𝗲𝘃𝗶𝗰𝗲𝘀 Our Deep Vulnerability Analysis (DVA) technology has automatically uncovered a high-impact vulnerability (CVE-2025-33043) in the AMI MicrocodeUpdate module that's impacting the entire ecosystem. 𝗪𝗵𝗼'𝘀 𝗔𝗳𝗳𝗲𝗰𝘁𝗲𝗱: Major device manufacturers including HP, Lenovo, Samsung, and Adlinktech. The vulnerability was actually silently fixed upstream ages ago, but not all downstream OEM vendors distributed the patch.
1:28

🚨𝗡𝗲𝘄 𝗛𝗶𝗴𝗵-𝗦𝗲𝘃𝗲𝗿𝗶𝘁𝘆 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶𝗹𝗶𝘁𝘆 𝗶𝗻 𝗔𝗠𝗜-𝗕𝗮𝘀𝗲𝗱 𝗗𝗲𝘃𝗶𝗰𝗲𝘀 Our Deep Vulnerability Analysis (DVA) technology has automatically uncovered a high-impact vulnerability (CVE-2025-33043) in the AMI MicrocodeUpdate module that's impacting the entire ecosystem. 𝗪𝗵𝗼'𝘀 𝗔𝗳𝗳𝗲𝗰𝘁𝗲𝗱: Major device manufacturers including HP, Lenovo, Samsung, and Adlinktech. The vulnerability was actually silently fixed upstream ages ago, but not all downstream OEM vendors distributed the patch.

BINARLY🔬

12,005 次观看 • 11 个月前

My first blog post: Creating a PDF Dropper by Injecting Malicious JavaScript into a PDF with a Cobalt Strike Payload For the source code and PoC, check out my blog post:👇
0:47

My first blog post: Creating a PDF Dropper by Injecting Malicious JavaScript into a PDF with a Cobalt Strike Payload For the source code and PoC, check out my blog post:👇

0x6rss

76,989 次观看 • 1 年前

🚨 Very concerning 0-click zero-day vulnerability for sale: allows unauthenticated attackers to execute arbitrary code with SYSTEM-level privileges on fully patched Windows 10/11 and Windows Server 2022 systems. The exploit is “reliable, low-resource, and bypasses the latest security mitigations.” Price: 25k POC:
0:53

🚨 Very concerning 0-click zero-day vulnerability for sale: allows unauthenticated attackers to execute arbitrary code with SYSTEM-level privileges on fully patched Windows 10/11 and Windows Server 2022 systems. The exploit is “reliable, low-resource, and bypasses the latest security mitigations.” Price: 25k POC:

International Cyber Digest

77,014 次观看 • 9 个月前

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:
8:14

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:

Dark Web Informer

36,563 次观看 • 1 年前

CVE-2026-20841-POC REMOTE CODE EXECUTION VULNERABILITY IN NOTEPAD VERSION 11 Mr Phil Ghana 🇬🇭 Nana Sei Anyemedu
1:23

CVE-2026-20841-POC REMOTE CODE EXECUTION VULNERABILITY IN NOTEPAD VERSION 11 Mr Phil Ghana 🇬🇭 Nana Sei Anyemedu

H4RUK7 KIRA 🇯🇵🇨🇵

20,829 次观看 • 4 个月前