{"vulnerability": "CVE-2023-28303", "sightings": [{"uuid": "a4ed4a21-6418-46af-a33a-42955be0ef2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-28303", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=997", "content": "", "creation_timestamp": "2023-03-27T04:00:00.000000Z"}, {"uuid": "910c00fe-8f20-4eab-98c6-0627ff73adab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "https://t.me/writeup_ctf/15", "content": "\u041e\u0441\u0442\u043e\u0440\u043e\u0436\u043d\u0435\u0435 \u0441 \u0434\u043e\u0432\u0435\u0440\u0438\u0435\u043c \u043e\u0442 @Vampir_Gosha\n\n\u0418\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u0441\u0438\u0441\u0430\u0434\u043c\u0438\u043d \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u043e\u0431\u0440\u0435\u0437\u0430\u043d (\u0442\u0430\u043a \u043a\u0430\u043a \u0435\u0441\u0442\u044c \u043e\u0440\u0438\u0433\u0438\u043d\u0430\u043b, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u0437\u0430\u0442\u0435\u0440\u0442\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f). \n\n\u041d\u0430 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u0435 \u0432\u0438\u0434\u0438\u043c, \u0447\u0442\u043e \u041e\u0421 Windows, \u0437\u043d\u0430\u0447\u0438\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u041d\u043e\u0436\u043d\u0438\u0446\u044b.\n \n\u041f\u0443\u0442\u0435\u043c \u043d\u0435\u0434\u043e\u043b\u0433\u043e\u0433\u043e \u043f\u043e\u0438\u0441\u043a\u0430 \"\u043d\u043e\u0436\u043d\u0438\u0446\u044b windows vulnetrable\" \u043d\u0430\u0445\u043e\u0434\u0438\u043c \u0441\u0432\u0435\u0436\u0443\u044e CVE-2023-28303.\n\n\u041f\u0443\u0442\u0435\u043c \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u0442\u043e\u0433\u043e \u043f\u043e\u0438\u0441\u043a\u0430 \"cve-2023-28303 exploit\" \u043d\u0430\u0445\u043e\u0434\u0438\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043d\u0430 Github.\nhttps://github.com/frankthetank-music/Acropalypse-Multi-Tool\n\n\u0421\u043a\u0430\u0436\u0438\u0432\u0430\u0435\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439, \u0438\u043c\u043f\u043e\u0440\u0442\u0438\u0440\u0443\u0435\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u044e\u0449\u0438\u0435 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 python ./gui.py\n\n\u0414\u0430\u043b\u0435\u0435 \u0432\u044b\u0431\u0438\u0440\u0430\u0435\u043c RestoreTool, \u043f\u043e\u0434\u0433\u0440\u0443\u0436\u0430\u0435\u043c \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442, \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u043c \u0440\u0430\u0437\u043c\u0435\u0440\u044b, \u0432\u0437\u044f\u0432 \u0438\u0445 \u0438\u0437 \u0431\u043e\u043b\u044c\u0448\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u0438 \u043f\u043e\u043b\u0443\u0447\u0430\u0435\u043c \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u0443\u044e \u0447\u0430\u0441\u0442\u044c, \u0433\u0434\u0435 \u0432\u0438\u0434\u0438\u043c \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0443\u044e \u043a\u0430\u0440\u0442\u0443!\n\n\ud83d\udea9https://codeby.games\n\n#codebygames", "creation_timestamp": "2024-11-21T19:45:02.000000Z"}, {"uuid": "b7481762-1455-49aa-a78a-f6e8c2146249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "seen", "source": "https://t.me/habr_com_news/16273", "content": "24 \u043c\u0430\u0440\u0442\u0430 Microsoft \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-28303 \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u00ab\u041d\u043e\u0436\u043d\u0438\u0446\u044b\u00bb (Snipping Tool) \u0434\u043b\u044f Windows 10/11. \u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u044d\u0442\u043e\u0442 \u0431\u0430\u0433 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS \u0432 3.3 \u0431\u0430\u043b\u043b\u0430 (\u043d\u0438\u0437\u043a\u0430\u044f \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438). \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043d\u0430\u043e\u0431\u043e\u0440\u043e\u0442 \u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u00ab\u041d\u043e\u0436\u043d\u0438\u0446\u0430\u0445\u00bb \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u0434\u0430\u043d\u043d\u044b\u0445. \n\n#Microsoft #\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c", "creation_timestamp": "2023-03-27T12:42:50.000000Z"}, {"uuid": "edd451c0-c3df-4e28-a534-df5f69f59086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/218", "content": "1. 4w4k3 tools\nhttps://github.com/4w4k3\n\n\n2. Wifiphisher\nhttps://github.com/wifiphisher/wifiphisher.git\n\n\n3. EasY_HaCk\nhttps://github.com/sabri-zaki/EasY_HaCk\n\n\n4. WishFish\nhttps://github.com/kinghacker0/WishFish\n\n\n5. BlackPhish\nhttps://github.com/iinc0gnit0/BlackPhish\n\n\n6. XLR8_BOMBER\nhttps://github.com/khansaad1275/XLR8_BOMBER\n\n\n7. BossAdv\nhttps://github.com/The-Boss-Hacker/BossAdv.git\n\n\n8. Lazymux\nhttps://github.com/Gameye98/Lazymux\n\n\n9. Infect\nhttps://github.com/noob-hackers/infect\n\n\n10. m-bomber2.O\nhttps://github.com/jatinkalwar/m-bomber2.O\n\n\n11. Phishing by lovehacker404\nhttps://github.com/lovehacker404/Phishing\n\n\n12. AsyncRAT Dark Mode\nhttps://github.com/MonsterCadd/AsyncRAT-Dark-Mode\n\n\n13. KitHack\nhttps://github.com/AdrMXR/KitHack\n\n\n14. ElfDoor (GCC)\nhttps://github.com/MatheuZSecurity/ElfDoor-gcc\n\n\n15. Dh-All\nhttps://github.com/DH-AL/Dh-All\n\n\n16. RedTiger Tools\nhttps://github.com/loxy0dev/RedTiger-Tools\n\n\n17. LazyXSS\nhttps://github.com/iamunixtz/LazyXss\n\n\n18. FinalRecon\nhttps://github.com/thewhiteh4t/finalrecon\n\n\n19. UFONet\nhttps://github.com/epsylon/ufonet.git\n\n\n20. Brutegram\nhttps://github.com/Err0r-ICA/Brutegram\n\n\n21. Commix (Command Injection)\nhttps://github.com/commixproject/commix.git\n\n\n22. Bbot (Recon tool)\nhttps://github.com/blacklanternsecurity/bbot\n\n\n23. Exploit CVE-2025-24799\nhttps://github.com/MatheuZSecurity/Exploit-CVE-2025-24799\n\n\n24. LFI_Racer\nhttps://github.com/OssamaN7/LFI_Racer\n\n\n25. Counter OSINT Guide (RU)\nhttps://github.com/soxoj/counter-osint-guide-ru\n\n\n26. YouTube OSINT\nhttps://github.com/cqcore/YouTube-Video-OSINT\n\n\n27. Web Check\nhttps://github.com/Lissy93/web-check\n\n\n28. Sherlock OSINT VM\nhttps://github.com/4m3rr0r/Sherlock\n\n\n29. DFW1N-OSINT Tools\nhttps://github.com/DFW1N/DFW1N-OSINT\n\n\n30. Netlas Cookbook\nhttps://github.com/netlas-io/netlas-cookbook\n\n\n31. OSINT Stuff Tool Collection\nhttps://github.com/cipher387/osint_stuff_tool_collection\n\n\n32. Nuclei SQLi/XSS Templates\nhttps://github.com/HackingTeamOficial/Nucleisqlixss\n\n\n33. urx (OSINT URL Extractor)\nhttps://github.com/hahwul/urx\n\n\n34. Koneko Shellcode Loader\nhttps://github.com/Meowmycks/koneko\n\n\n35. PANO (OSINT Platform)\nhttps://github.com/ALW1EZ/PANO.git\n\n\n36. SMWYG - Show Me What You Got\nhttps://github.com/Viralmaniar/SMWYG-Show-Me-What-You-Got.git\n\n\n37. SocialFish\nhttps://github.com/UndeadSec/SocialFish\n\n\n38. SnipRecover-CL (CVE-2023-28303)\nhttps://github.com/m31r0n/SnipRecover-CL\n\n\n39. Go Secdump (Windows SAM/LSA Extractor)\nhttps://github.com/jfjallid/go-secdump\n\n\n40. BlueSpy (Bluetooth Audio Recording)\nhttps://github.com/TarlogicSecurity/BlueSpy\n\n\n41. T-Remix\nhttps://github.com/Bhaviktutorials/T-Remix\n\n\n42. Ubuntu Tools\nhttps://github.com/tahmidrayat/ubuntu\n\n\n43. bash2mp4\nhttps://github.com/htr-tech/bash2mp4\n\n\n44. Insta_report_eyes\nhttps://github.com/z6il/Insta_report_eyes\n\n\n45. OSEP (Pentesting)\nhttps://github.com/In3x0rabl3/OSEP\n\n\n46. Snoop\nhttps://github.com/AnkhCorp/Snoop\n\n\n47. Radar (Recon)\nhttps://github.com/Elite-Security-Systems/radar\n\n\n48. cheat.sh (Command line cheats)\nhttps://github.com/chubin/cheat.sh?tab=readme-ov-file\n\n\n49. Cybersecurity AI (CAI)\nhttps://github.com/aliasrobotics/cai\n\n#GrayHats", "creation_timestamp": "2025-04-19T16:26:39.000000Z"}, {"uuid": "bdcfe063-a765-4d44-8de6-c8eb7826bd51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "seen", "source": "https://t.me/kasperskyb2b/534", "content": "\ud83d\udc68\u200d\ud83d\udcbb \u0412\u0430\u0436\u043d\u044b\u0435 APT-\u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0435\u0434\u0435\u043b\u0438\n\n\u041d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f APT \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435, \u0442\u0440\u0430\u043d\u0441\u043f\u043e\u0440\u0442\u043d\u044b\u0435 \u0438 \u0441\u0435\u043b\u044c\u0441\u043a\u043e\u0445\u043e\u0437\u044f\u0439\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u041a\u0440\u044b\u043c\u0443, \u041b\u0443\u0433\u0430\u043d\u0441\u043a\u0435 \u0438 \u0414\u043e\u043d\u0435\u0446\u043a\u0435. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043f\u0430\u0440\u0430 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u043e\u0432: PowerMagic, \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u043d\u044b\u0439 \u043d\u0430 Powershell \u0438 \u043c\u043e\u0434\u0443\u043b\u044c\u043d\u044b\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a CommonMagic, \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u0432 \u0447\u0438\u0441\u043b\u0435 \u043f\u0440\u043e\u0447\u0435\u0433\u043e \u0434\u0435\u043b\u0430\u0442\u044c \u0441\u043a\u0440\u0438\u043d\u0448\u043e\u0442\u044b \u0438 \u0432\u043e\u0440\u043e\u0432\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0441\u043e \u0441\u044a\u0435\u043c\u043d\u044b\u0445 \u043d\u043e\u0441\u0438\u0442\u0435\u043b\u0435\u0439. \u0418\u0437 \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 \u2013 \u0434\u043b\u044f C2 \u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f Dropbox \u0438 OneDrive. IOC \u0438 \u0434\u0435\u0442\u0430\u043b\u0438 \u043d\u0430 Securelist.\n\nAPT-\u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0438\u0437 \u043a\u043b\u0430\u0441\u0442\u0435\u0440\u0430 APT41/Gallium \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0442\u0435\u043b\u0435\u043a\u043e\u043c-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u043e\u0432 \u0441 \u0446\u0435\u043b\u044c\u044e \u043a\u0440\u0430\u0436\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.  \u0412\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u043e\u0432\u0435\u043d\u0438\u044f \u043e\u0431\u044b\u0447\u043d\u043e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0439 \u0441\u0435\u0440\u0432\u0435\u0440 MS Exchange, \u043e\u043d \u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043f\u0435\u0440\u0435\u0432\u0430\u043b\u043e\u0447\u043d\u043e\u0433\u043e \u043f\u0443\u043d\u043a\u0442\u0430 \u043f\u0440\u0438 \u044d\u043a\u0441\u0444\u0438\u043b\u044c\u0442\u0440\u0430\u0446\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445. \u0414\u0430\u043b\u0435\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0435 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u044e\u0442 \u0441\u0432\u043e\u0439 \u0438\u043c\u043f\u043b\u0430\u043d\u0442 \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0443\u0447\u0451\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445. \u041e\u043d \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0441\u0438\u043b\u044c\u043d\u043e \u0434\u043e\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u043c mimikatz, \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0442\u0435\u0445\u043d\u0438\u043a \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u0441\u043a\u0440\u044b\u0442\u043d\u043e\u0441\u0442\u0438 \u0438 \u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u044f\u043c\u043e \u0432 LSASS.\n\n\u041d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e \u0440\u0430\u0431\u043e\u0442\u0435 \u04212 \u0438 TTP APT37/Scarcruft/Reaper \u2013 \u0440\u0430\u0437, \u0434\u0432\u0430 \u2013 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u044b \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0433\u0440\u0443\u043f\u043f\u0430 \u043d\u0435\u0447\u0430\u044f\u043d\u043d\u043e \u0441\u043b\u0438\u043b\u0430 \u0441\u0432\u043e\u0439 Github-\u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439\ud83e\udd26\u200d\u2642\ufe0f. \u0421\u0440\u0435\u0434\u0438 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0445 \u043d\u0430\u0445\u043e\u0434\u043e\u043a \u2013 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0448\u0438\u0440\u043e\u043a\u043e\u0433\u043e \u0441\u043f\u0435\u043a\u0442\u0440\u0430 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 CHM, HTA, HWP (Hancom office), XLL (MS Excel Add-in).\n\n\u041f\u0435\u0440\u0435\u0445\u043e\u0434\u044f \u043e\u0442 \u0448\u043f\u0438\u043e\u043d\u043e\u0432 \u043a \u043a\u043e\u043c\u043c\u0435\u0440\u0441\u0430\u043d\u0442\u0430\u043c, \u0441\u0435\u043c\u0435\u0439\u0441\u0442\u0432\u043e Magecart \u043e\u0431\u0437\u0430\u0432\u0435\u043b\u043e\u0441\u044c \u043d\u043e\u0432\u044b\u043c \u0432\u0435\u0431-\u0441\u043a\u0438\u043c\u043c\u0435\u0440\u043e\u043c Kritec, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 Websockets \u0438 \u043f\u0440\u0438\u043a\u0438\u0434\u044b\u0432\u0430\u0435\u0442\u0441\u044f Google Tag Manager.  \u041f\u0430\u0440\u0430\u043b\u043b\u0435\u043b\u044c\u043d\u043e Mage\u0441art \u0432\u043e\u043e\u0440\u0443\u0436\u0438\u043b\u0438\u0441\u044c \u043e\u0431\u0444\u0443\u0441\u043a\u0430\u0442\u043e\u0440\u043e\u043c Hunter, \u043f\u043e\u0438\u0441\u043a \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0441\u0430\u0439\u0442\u043e\u0432 \u0441\u0442\u0430\u043d\u0435\u0442 \u043d\u0435\u043c\u043d\u043e\u0433\u043e \u0441\u043b\u043e\u0436\u043d\u0435\u0435. \n\n\u0414\u0440\u0443\u0433\u0438\u0435 \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411:\nMicrosoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0433\u0438\u0434 \u043f\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 CVE-2023-23397 \u0432 Outlook.  \u041a\u0440\u043e\u043c\u0435 \u043e\u0431\u044b\u0447\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0438 \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438, \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u044e\u0442 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u043e\u0441\u0442-\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 TTP \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0425\u0430\u043a\u0435\u0440\u044b \u043d\u0430 Pwn2Own \u0432 \u0412\u0430\u043d\u043a\u0443\u0432\u0435\u0440\u0435 \u0437\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0438 \u0447\u0443\u0442\u044c \u0431\u043e\u043b\u044c\u0448\u0435 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u0430 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432 \u0438 \u043e\u0434\u043d\u0443 \u00ab\u0422\u0435\u0441\u043b\u0443\u00bb. \u041b\u0438\u0434\u0435\u0440\u043e\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0433\u043e \u0437\u0430\u0447\u0451\u0442\u0430 \u0441\u0442\u0430\u043b\u0438 \u0440\u0435\u0441\u0451\u0440\u0447\u0435\u0440\u044b Synacktiv, \u0437\u0430\u0440\u0430\u0431\u043e\u0442\u0430\u0432\u0448\u0438\u0435 \u043e\u043a\u043e\u043b\u043e \u043f\u043e\u043b\u043e\u0432\u0438\u043d\u044b \u043e\u0431\u0449\u0435\u0439 \u0441\u0443\u043c\u043c\u044b \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 27 \u0431\u0430\u0433\u043e\u0432,  \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0432 Tesla \u0438 Windows 11.\n\n\u0422\u0440\u0438\u043e \u0434\u0435\u0444\u0435\u043a\u0442\u043e\u0432 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u0440\u0435\u0448\u0435\u043d\u0438\u0438 \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0445\u043e\u0441\u0442\u0438\u043d\u0433\u043e\u043c CloudPanel \u0434\u0435\u043b\u0430\u0435\u0442 \u043b\u044e\u0431\u044b\u0435 \u043f\u0440\u043e\u0435\u043a\u0442\u044b \u043f\u043e\u0434 \u0435\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u043c\u0438 \u043a \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0443 \u043f\u0430\u0440\u043e\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u2013 \u0432 \u0441\u043e\u0447\u0435\u0442\u0430\u043d\u0438\u0438 \u043e\u0431\u0449\u0435\u0433\u043e \u043f\u0440\u0438\u0432\u0430\u0442\u043d\u043e\u0433\u043e SSL-\u043a\u043b\u044e\u0447\u0430 \u0434\u043b\u044f \u0432\u0441\u0435\u0445 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0439 CloudPanel \u0438 \u043e\u043f\u0430\u0441\u043d\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0442\u0441\u044f \u043f\u0440\u0438 \u0438\u043d\u0441\u0442\u0430\u043b\u043b\u044f\u0446\u0438\u0438 CloudPanel, \u0434\u0430\u0436\u0435 \u0435\u0441\u043b\u0438 \u0440\u0430\u043d\u044c\u0448\u0435 \u0444\u0430\u0439\u0440\u0432\u043e\u043b \u0431\u044b\u043b \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e. \u041f\u043e\u043b\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043e\u0442 \u0432\u0435\u043d\u0434\u043e\u0440\u0430 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0430\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 \u0441 CloudPanel \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0437\u0430\u043c\u0435\u043d\u0430 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0432, \u043f\u0435\u0440\u0435\u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430 \u0444\u0430\u0439\u0440\u0432\u043e\u043b\u0430 \u0438 \u0437\u0430\u043c\u0435\u043d\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u043f\u0430\u0440\u043e\u043b\u0435\u0439. \n\n\u0415\u0449\u0451 \u0440\u0430\u0437 \u0438\u043b\u043b\u044e\u0441\u0442\u0440\u0438\u0440\u0443\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u043a\u0443 \u00ab\u0437\u0430 \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u043e\u043c \u043f\u0430\u0442\u0447\u0435\u0439 \u043d\u0430\u0441\u0442\u0443\u043f\u0430\u0435\u0442 \u0441\u0440\u0435\u0434\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432\u00bb, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 IBM \u043c\u0435\u043d\u0435\u0435 \u0447\u0435\u043c \u0437\u0430 \u0441\u0443\u0442\u043a\u0438 \u0440\u0435\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0440\u0430\u0431\u043e\u0442\u043e\u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f CVE-2023-21768 \u0432 Winsock, \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0439 Microsoft \u0432 \u044f\u043d\u0432\u0430\u0440\u0441\u043a\u043e\u043c \u043f\u0430\u043a\u0435\u0442\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0418, \u043d\u0435 \u043e\u0442\u043f\u0443\u0441\u043a\u0430\u044f \u0442\u0435\u043c\u0443 Microsoft, \u0434\u043b\u044f Windows 11 \u0431\u044b\u043b \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u0441\u0440\u043e\u0447\u043d\u044b\u0439 \u043f\u0430\u0442\u0447, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0439 aCropalypse (CVE-2023-28303), \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0447\u0430\u0441\u0442\u044c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043d\u0430 \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u044b\u0445 (cropped) \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u0445 PNG, \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u0430\u043d\u043d\u044b\u0445 \u00ab\u043d\u043e\u0436\u043d\u0438\u0446\u0430\u043c\u0438\u00bb Windows. \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u044b\u0439 \u0431\u0430\u0433 \u0432 Google Pixel \u0437\u0430\u043a\u0440\u044b\u0442 \u043c\u0430\u0440\u0442\u043e\u0432\u0441\u043a\u0438\u043c\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0442 Google.\n\n@\u041f2\u0422 #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442", "creation_timestamp": "2023-03-27T10:59:28.000000Z"}, {"uuid": "e3fdb7f3-0901-45e7-bc61-cf6cb6dfe72d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "Telegram/qXNJslxnjXKDbzbWFeNXVVlsVlMU-pUg_AIiSpeMi9y1jSI", "content": "", "creation_timestamp": "2025-04-18T05:00:06.000000Z"}, {"uuid": "3e0f8837-9dbf-4270-a91d-f85334d93f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/28343", "content": "media.io\n\nThe easiest to use free online video editor. Allows you to quickly edit a video from several video and audio files, add text, graphics, subtitles and voiceover. Almost all functions are free (except for voiceovers over 2000 characters), but a watermark is added to the finished video (small and in the corner).\n\nAn online tool for visualizing connections between various investigation entry points (domains, phone numbers, emails, people's names, etc.). It can be called a simplified analogue of Maltego.\n\nFree (requests to netlas.io are partially paid, but you can benefit from the tool without them)\n\nhttps://app.netlas.io/asd/\n\nhttps://ohmyswift.ru/\n\nA huge database of Swift transfers (collected mostly by Russian and Russian-speaking users). There you can check whether transfers are currently successful in a specific bank, between two banks, what working methods there are to transfer money between two countries, etc. The site also has a blog with articles on solving various problems related to Swift transfers.\n\nOne of the most comprehensive collections of resources and tools for gathering information in Australia (archives, dating sites, car registration information, webcams and much more) \n\nhttps://github.com/DFW1N/DFW1N-OSINT\n\nA large selection of Python code examples using the Netlas API (50 requests per day for free) to automate various tasks related to OSINT and pentesting.\n\nhttps://github.com/netlas-io/netlas-cookbook\n\nIt will also be useful for automating work with other IP search engines (Shodan, Censys, Fofa), and, in general, with a wide variety of REST APIs.\n\n\u2014 This repository includes around a thousand Unix/Linux commands and 55 programming languages.\n\nhttps://github.com/chubin/cheat.sh?tab=readme-ov-file\n\nRepository: RedTiger - Penetration Testing and Hacking Tool\n\nRedTiger is a free multi-tool with a variety of cybersecurity and hacking features.\n\n\u2014 This tool allows you to carry out and implement various attacks, such as SQL injections, extract information via email, etc.\n\nhttps://github.com/loxy0dev/RedTiger-Tools\n\nLazyXss - Cross site scriptiong Testing Automation Tool v1.2\n\nhttp://github.com/iamunixtz/LazyXss\n\nPANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data\n\nGetting Started\n\ngit clone https://github.com/ALW1EZ/PANO.git\n\nFinalRecon | All-in-one #OSINT web reconnaissance tool\n\nFinalRecon is an automated web reconnaissance tool written in Python. The goal of FinalRecon is to provide an overview of the target in a short period while maintaining result accuracy. Instead of running multiple tools one after another, it can provide similar results while keeping dependencies small and simple.\nhttps://github.com/thewhiteh4t/finalrecon\n\nSnipRecover CLI\n\nDetection and restoration of Windows Snipping Tool PNG captures vulnerable to CVE-2023-28303\n\nSnipRecover CLI is a minimal, dependency-free command-line utility designed to:\n\nDetect PNG files modified by the Windows Snipping Tool vulnerability (CVE-2023\u201128303).\n\nRestore the original image by recovering compressed data appended after the IEND chunk.\n\nBy default, restored images use RGBA and a resolution of 1920 \u00d7 1080, and if no output path is specified, the tool writes to restored-.png.\n\nLink: https://github.com/m31r0n/SnipRecover-CL\n\nA tool to remotely extract and copy sensitive Windows files (SAM, LSA) without saving a disk\n\nip\n-Target-IP\n-aes -key\n-DUMP\n-Sam\n--lsa\n-DCC2\n--relay\n-Relay-port\n\nhttps://github.com/jfjallid/go-secdump\nhttps://github.com/jfjallid/go-secdump/releases\n\n#soft #golang #redteam #gosecdump\n\nPoC to record audio from a Bluetooth device\nhttps://github.com/TarlogicSecurity/BlueSpy\n\nSSRFUtility - SSRF Exploitation Tool\n\nhttps://ssrf.cvssadvisor.com\n\nNuclei Templates for a Custom Scanner\nHere you can download the templates for the nuclei tool with more than 1244 files focused on finding SQLi and XSS vulnerabilities \u2014 templates commonly used by bug bounty hunters.\n\n#GrayHats", "creation_timestamp": "2025-04-18T20:05:59.000000Z"}, {"uuid": "31a327e0-eb9d-4751-9baa-7e3d0693b51f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "seen", "source": "https://t.me/true_secator/4218", "content": "\u041f\u043e\u0441\u043b\u0435 \u043f\u0440\u0435\u0434\u0432\u0430\u0440\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u043c \u043c\u044b \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u0438 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Snipping Tool \u0434\u043b\u044f Windows 10 \u0438 Windows 11 c \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0435\u0439 \u043d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 Acropalypse.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2023-28303 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0442\u0435\u043c, \u0447\u0442\u043e \u0440\u0435\u0434\u0430\u043a\u0442\u043e\u0440\u044b \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u0443\u0434\u0430\u043b\u044f\u043b\u0438 \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0438 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\n\u041e\u043d\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u0440\u0430\u0437\u043c\u0435\u0442\u043a\u0438 Google Pixel, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0442\u0430\u043a\u0436\u0435 \u043e\u0441\u0442\u0430\u0432\u043b\u044f\u043b \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u0438\u0441\u0445\u043e\u0434\u043d\u043e\u043c \u0444\u0430\u0439\u043b\u0435.\n\n\u041e\u0441\u0442\u0430\u0432\u0448\u0438\u0435\u0441\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0447\u0430\u0441\u0442\u0438\u0447\u043d\u043e\u0433\u043e \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0433\u043e \u043e\u0431\u0440\u0435\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044e \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0445\u043e\u0442\u0435\u043b \u0441\u043a\u0440\u044b\u0442\u044c.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0438\u0437\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u043f\u043e\u0434\u0441\u0447\u0435\u0442\u0430\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0438\u0437\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u0439, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 Acropalypse, \u043c\u043e\u0436\u0435\u0442 \u043e\u043a\u0430\u0437\u0430\u0442\u044c\u0441\u044f \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0432\u043d\u0443\u0448\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c: \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 VirusTotal \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 4000.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0438 Windows 11 Snipping Tool - 10.2008.3001.0 \u0438 Windows 10 Snip &amp; Sketch - 11.2302.20.0.\n\n\u0418 \u0432\u0441\u0435\u0433\u0434\u0430 \u043f\u043e\u043c\u043d\u0438\u0442\u044c \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0440\u0435\u0442\u0443\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0441\u043d\u0438\u043c\u043a\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041f\u041e.", "creation_timestamp": "2023-03-27T11:10:07.000000Z"}, {"uuid": "31b67b28-da9c-4ee6-814d-1a37ef2fdc39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8162", "content": "#exploit\n1. CVE-2023-21036,\u00a0CVE-2023-28303:\naCropalypse Vulnerability and Restoration of GIF Images\nhttps://zenn.dev/heriet/articles/acropalypse-gif\n]-&gt; https://github.com/heriet/acropalypse-gif\n\n2. CVE-2023-2017:\nShopware 6 Server-side Template Injection (SSTI) via Twig Security Extension\nhttps://starlabs.sg/advisories/23/23-2017", "creation_timestamp": "2023-04-22T12:47:01.000000Z"}]}