Privilege Escalation

Attackers Exploit ICTBroadcast Cookie Flaw to Obtain Remote Shell Access

Cybersecurity researchers have reported an active exploitation of a serious security flaw in ICTBroadcast, the autodialer software developed by ICT Innovations. The vulnerability, tracked as CVE-2025-2611 and assigned a CVSS score of 9.3, arises from insufficient input validation. This flaw allows unauthenticated remote code execution, as the call center application improperly passes session cookie data […]

Attackers Exploit ICTBroadcast Cookie Flaw to Obtain Remote Shell Access Read More »

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation

Windows RPC Vulnerability CVE-2025-49760 Enables EPM Poisoning and Privilege Escalation Attacks Cybersecurity experts have revealed fresh details about a now-patched flaw in Microsoft Windows Remote Procedure Call (RPC) that could allow attackers to spoof legitimate services and impersonate trusted servers. The issue, tracked as CVE-2025-49760 with a CVSS score of 3.5, was described by Microsoft as a Windows

Researchers Reveal Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation Read More »