nightmare

This repository is an introduction to binary exploitation and reverse engineering course based on CTF challenges, called "Nightmare". It contains a large amount of content, with over 90 challenges, laid out in a linear fashion, and well-documented write-ups explaining how to go from being handed...

GHSA-2WRP-6FG6-HMC5

creationtimestamp| type| source ---|---|--- 2025-07-16 04:30:54+00:00| seen| https://gist.github.com/safer-bot/e5ac7e49ce7135e506c75a08642d928e...

GHSA-HQ9P-PM7W-8P54

creationtimestamp| type| source ---|---|--- 2025-06-11 20:15:58+00:00| seen| Telegram/nn4r48fMtsoF4yprR5SnwOJcbR44UlHSPFU-GpYRsWktOw 2025-06-17 13:11:06+00:00| seen| https://gist.github.com/safer-bot/227b935768f4907b3da218450ed38465 2025-07-07 04:47:43+00:00| seen|...

Ruby on Rails: Subdomain Takeover at https://new.rubyonrails.org/

Disclaimer I know it's OOS but the issue is pretty serious because of the attractive domain name "new.rubyonrails.org" basically anyone could have put malware there. Summary Hi! I discovered that new.rubyonrails.org was pointing to an unclaimed Github Page, making it vulnerable to subdomain...

Emotet returns just in time for Christmas

Emotet is a threat we have been tracking very closely throughout the year thanks to its large email distribution campaigns. Once again, and for about two months, the botnet stopped its malspam activity only to return days before Christmas. In typical Emotet fashion, the threat actors continue to...

Vulnerability fixed in TNEF

A new patch of TNEF has been released, in which a vulnerability has been fixed. The vulnerability allows a malicious person able to execute arbitrary code under the privileges of the user. TNEF has made available a patch that fixes the vulnerability. fix. More information can be found on the...