Lmst
Login
Cyclone

Sysadmin by day | Hacker by night | Go Developer | hashpwn site owner

Cyclonecyclone@infosec.exchange
2025-05-21

A critical vulnerability, CVE-2025-1127, has been identified in over 150 Lexmark printer models, including the CX, MX, XC, and CS series. This flaw allows remote attackers to execute arbitrary code on unpatched devices by exploiting a combination of path traversal (CWE-22) and race condition (CWE-362) vulnerabilities in the embedded web server. The vulnerability has been assigned a CVSS v3.1 score of 9.1 (Critical).

forum.hashpwn.net/post/620

#lexmark #printer #rce #CVE20251127 #cybersecurity #news #hashpwn

Critical RCE Vulnerability in Lexmark Printers (CVE-2025-1127) Threatens Networks
Cyclonecyclone@infosec.exchange
2025-05-20

Inside Job - Coinbase Faces $400M Fallout After Insider Data Breach and $20M Ransom Demand

forum.hashpwn.net/post/617

#coinbase #crypto #hack #breach #hashpwn #news #cybersecurity

Inside Job - Coinbase Faces $400M Fallout After Insider Data Breach and $20M Ransom Demand
Cyclonecyclone@infosec.exchange
2025-05-16

The FBI has issued an urgent alert about a wave of sophisticated social engineering attacks where threat actors impersonate high-ranking U.S. officials using AI-generated voice cloning and malicious text messages.

forum.hashpwn.net/post/611

#smish #vish #ai #infosec #cybersecurity #news #hashpwn

FBI Warns Senior U.S. Officials of AI Voice Cloning and Smishing Campaigns
Cyclonecyclone@infosec.exchange
2025-05-14

Exodus to Drop Monero (XMR) Support by August 2025

Exodus Wallet, a popular self-custody cryptocurrency wallet, has officially announced it will discontinue support for Monero (XMR) on August 10, 2025. After this deadline, users will no longer be able to send, receive, or view XMR balances through Exodus.

What You Need to Know:
forum.hashpwn.net/post/607

#exodus #xmr #crypto #wallet #hashpwn #news

Exodus to Drop Monero (XMR) Support by August 2025
Cyclonecyclone@infosec.exchange
2025-05-13

Spider v0.9.0 released:

Updates:
-url-match flag to filter URLs by keyword
Several small bug fixes
Go bumped to v1.24.3

forum.hashpwn.net/post/606

#infosec #spider #urlcrawl #hashpwn #wordlist #ngram

Cyclonecyclone@infosec.exchange
2025-05-09

LockBit Ransomware Group Breached.

forum.hashpwn.net/post/599

#lockbit #ransomware #breach #hack #hashpwn #cybersecurity #infosec

LockBit Ransomware Group Breached
Cyclonecyclone@infosec.exchange
2025-05-06

For anyone having issues logging into hashpwn or creating a new account due to captcha not working, this issue has been fixed.

forum.hashpwn.net/post/591

#hashpwn #captcha

Cyclone boosted:
Kali Linuxkalilinux@infosec.exchange
2025-04-28

⚠️ Warning ⚠️
Kali has a new signing key! 🔑
(Manual action required! 🫣)

If you are getting:

> Missing key 827C8569F2518CC677FECA1AED65462EC8D5E4C5, which is needed to verify signature.

You need to download and install the new key manually, here’s the one-liner:

```
sudo wget archive.kali.org/archive-keyri -O /usr/share/keyrings/kali-archive-keyring.gpg
```

Blog post: A New Kali Linux Archive Signing Key ~ kali.org/blog/new-kali-archive

Cyclonecyclone@infosec.exchange
2025-04-21

I am sad to announce that our friend and hashpwn moderator, Flagg, passed away a few weeks ago.

Flagg was not only a talented individual in his field, he was a good friend and will be greatly missed.

Announcements were made at hashpwn and hashmob where Flagg was an active member.

hashpwn:
forum.hashpwn.net/post/569

hashmob:
discord.com/channels/840750605

Rest in peace, friend.

Cyclone boosted:
Royce Williamstychotithonus@infosec.exchange
2025-04-19

Password crackers:

If you're still mashing up all of your wordlists into a single monolithic file for deduplication purposes ... let me suggest an option that scales better, simply by approaching the problem differently:

Deduplicate each new source as it arrives, and then add it to a repository, by removing all strings already in your repository ...and then preserve it as a separate file! (You might call this the "sort once, deduplicate often" method.)

blog.techsolvency.com/2025/04/

The key benefit: the memory usage required is a factor of the size of the new file alone, rather than of the entire corpus.

Also useful for other medium-sized "dedupe a recurring stream of new sets of strings over time" use cases.

(And if you're not doing this anymore, now you have a reference to share with the folks who still are!)

#PasswordCracking

Cyclonecyclone@infosec.exchange
2025-04-17

🚀 Spider v0.8.0

New features include:

"-file" to generate n-grams from local plaintext files

"-timeout" for URL crawling

"-sort" to output n-grams by frequency

forum.hashpwn.net/post/52

#spider #webcrawler #wordlist #ngram #infosec #hashcracking #golang #hashpwn

Cyclonecyclone@infosec.exchange
2025-04-17

CISA Warns: 2021 SonicWall SMA 100 VPN Bug (CVE‑2021‑20035) Now Weaponized for Remote Code Execution

forum.hashpwn.net/post/564

#CISA #SonicWall #CVE #RCE #infosec #exploit #hashpwn

Cyclonecyclone@infosec.exchange
2025-04-16

4chan Hit by Major Breach: Alleged Hacker Leaks Source Code, Moderator Identities, and Disrupts Site

forum.hashpwn.net/post/563

#4chan #forum #infosec #hashpwn #hack #breach

Cyclonecyclone@infosec.exchange
2025-04-16

ProtectEU threatens End-to-End-Encryption across VPNs, messaging apps, and secure email services.

This is part of a growing global trend where governments push for backdoors under the guise of national security. While aimed at combating crime, these proposals risk eroding digital privacy, weakening cybersecurity, and potentially driving privacy-focused services out of EU jurisdictions altogether.

forum.hashpwn.net/post/562

#ProtectEU #vpn #backdoor #infosec #privacy #hashpwn

Cyclonecyclone@infosec.exchange
2025-04-11

With a significant number of CVEs stemming from memory safety issues in C systems programming, what is the best path forward?

#memorysafety #systemsprogramming #rust #zig #c

Cyclone boosted:
BleepingComputerBleepingComputer@infosec.exchange
2025-04-09

Threat actors are abusing SourceForge to distribute fake Microsoft add-ins that install malware on victims' computers to both mine and steal cryptocurrency.

bleepingcomputer.com/news/secu

Cyclonecyclone@infosec.exchange
2025-04-08

hashgen v1.1.2 update

In the spirit of keeping hashgen blazingly fast, I published an optimized Base58 package:
pkg.go.dev/github.com/cyclone-

Switching to cyclone/base58 boosted hashgen's Base58 encode/decode performance by 500%.

Key features:

Familiar API, modeled after Go’s stdlib encoding/base64

Pure Go, no external deps

Fast, byte-slice optimized encoding/decoding

More details:
forum.hashpwn.net/post/542

#golang #infosec #hashgen #base58 #hashpwn #opensource

Cyclonecyclone@infosec.exchange
2025-04-04

What a great Crack the Con #contest put on by #CsP! Congrats to Team #Hashmob for 1st, #Unmuddlers for 2nd, and #UNSHADE for 3rd!

crackthecon.com/leaderboard.php
forum.hashpwn.net/topic/119/cr

#CtC #hashcracking #hashpwn

Cyclone boosted:
BleepingComputerBleepingComputer@infosec.exchange
2025-04-02

ChatGPT, the famous artificial intelligence chatbot that allows users to converse with various personalities and topics, has connectivity issues worldwide.

bleepingcomputer.com/news/arti

Cyclonecyclone@infosec.exchange
2025-03-31

If you're into infosec news, I'm posting daily articles from top sources over on hashpwn. Check it out:

forum.hashpwn.net/topic/120/in

#infosec #news #hashpwn

Client Info

Server: https://mastodon.social
Version: 2025.04
Repository: https://github.com/cyevgeniy/lmst