Post ArwXWiYVNX7Typfyj2 by [email protected] | |
Post #ArsXMTmYfokMdKWm5g by [email protected] | |
0 likes, 0 repeats | |
New by me - No, there isn’t a world ending Apache Camel vulnerability https://… | |
Post #ArsZoWkNRZMPqT0dzE by [email protected] | |
0 likes, 0 repeats | |
If anybody is wondering where the posts online are about this, we had most of t… | |
Post #ArtKv7ovDMmSPQmcMK by [email protected] | |
0 likes, 1 repeats | |
Apache have updated their Camel advisory, it is really a particular and limited… | |
Post #ArtLFJdWzXaMqf5CQS by [email protected] | |
0 likes, 0 repeats | |
Apache credit AT&T for the find - who are also listed as the source of the … | |
Post #ArtYHNd6PnmnDSCHNg by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog there are some significant humps to reliable exploitation, I'm… | |
Post #Aruqk7V5SHD5vHGHlg by [email protected] | |
0 likes, 0 repeats | |
Apache have modified the Camel vuln description again. The attack surface obvi… | |
Post #Arv2utkM88mvtyJFTs by [email protected] | |
0 likes, 0 repeats | |
Akamai have released a PoC for the Camel thing, which introduces a deliberately… | |
Post #Arv3PLm4ULydW1dHH6 by [email protected] | |
0 likes, 0 repeats | |
In b4 people start spraying coin miners at the URI /vulnerable after seeing tha… | |
Post #Arv4NKM6tNyWUT5YdU by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog can't wait for copilot to add this repo to its corpus! | |
Post #ArwOJMhCRTkmpbIjC4 by [email protected] | |
0 likes, 0 repeats | |
As if by magic, the function in the Akamai PoC is being sprayed online at any o… | |
Post #ArwUMWkI8IuaatddJI by [email protected] | |
0 likes, 0 repeats | |
Updated El Bloggo with some prevention and detection suggestions, and noting pr… | |
Post #ArwW346iaKkQBEyYYS by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog Well, "is being sprayed randomly" does not contradict "… | |
Post #ArwXWiYVNX7Typfyj2 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog ok, but can we quickly talk about how the Description section read… | |
Post #ArweMW7lRUT8CzFe4G by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog I did not even know what Apache Camel was up until this weekend. | |
Post #Arygf1j8Rp665cjkxc by [email protected] | |
0 likes, 0 repeats | |
Qualys' blog about CVE-2025-27636 shows a proof of concept which isn't … | |
Post #AryhNqy7IHJXkq7SdM by [email protected] | |
0 likes, 0 repeats | |
In the latest with the Camel CVE-2025-27636 saga - the attempted exploitation a… | |
Post #AryoDSLweuOEC4FpUe by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog They probably think it could be a log4j situation. thx for keeping… | |
Post #Arz1vL82B9WLvw0Fvs by [email protected] | |
0 likes, 0 repeats | |
Apache issued another CVE - CVE-2025-29891 - but it's effectively the same … | |
Post #As2lxDwJ3dMna7EYNc by [email protected] | |
0 likes, 0 repeats | |
Akamai did a blog on the Apache Camel vulns. It’s been marketing polished up … | |
Post #As2mGKcmQWqzoiDBxo by [email protected] | |
0 likes, 0 repeats | |
In summary | |
Post #As2p2FnzqaDWgAR9mq by [email protected] | |
0 likes, 1 repeats | |
@GossiTheDog Reminds me of the time that GreyNoise published a fake PoC exploit… | |
Post #As2physj9w9SLzXxpI by [email protected] | |
0 likes, 1 repeats | |
@wdormann @GossiTheDog "We created a PoC and tested it, then saw active ex… | |
Post #As2rTFAKX9DyQDsfjM by [email protected] | |
0 likes, 0 repeats | |
Qualys went back and fixed their blog, kudos - no longer says zero day and they… | |
Post #As3ATQDtJwK1qSLSFM by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog People need to justify their salaries | |
Post #As3Mia0sP0tS0CFfdY by [email protected] | |
0 likes, 1 repeats | |
Red Hat have scored the Camel vuln CVE-2025-27636 as CVSS 6.3, CISA-ADP have s… | |
Post #As3NsRJhgq2JsgK6zY by [email protected] | |
0 likes, 0 repeats | |
Another fun one from this saga - the Twitter 'dark web' accounts which … | |
Post #As3OZzYGHVySVhtrXM by [email protected] | |
0 likes, 0 repeats | |
Critical... 9.8 CVSS score we made up... RED ALERT!!!!!!!!!!!!!!!!!!!!!!!!!!!!… | |
Post #As3Oh1cwxkmuyVRlNQ by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog maybe a negative indicator on the reliability of those sources | |
Post #As3PPO0n6BrP8nkdKi by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog CISA-ADP is a godsend, istg, if they ever let me rewrite our securi… | |
Post #As3Pcju11MQKnYwujA by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog this reminds me of something mentioned by the YouTuber Lazerpig on… | |
Post #As3PggnQVnjCK4kbyK by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog there's gotta be a much better way to make a name for yourself… | |
Post #As3Pik835mgXEoNNFQ by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog so, essentially, most of these are (possibly semi-automated) conte… | |
Post #As3T1tAdzzAUe4PXdI by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog we need spanning-tree for CVE | |
Post #As3T9kPMShJ7mk2fgW by [email protected] | |
0 likes, 0 repeats | |
Btw - this thread isn't to downplay the two Apache Camel vulns. They'r… | |
Post #As3WLjCh45lTO5WNdY by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog "If you use Apache Camel for something like a Jetty based web… | |
Post #As3aOT7ZiQpcC4gnz6 by [email protected] | |
0 likes, 0 repeats | |
@GossiTheDog isn’t the CVSS only useful if you have multiple „problems“ a… |