CVE-2026-35273 is a serious vulnerability affecting Oracle PeopleSoft PeopleTools. It involves a server-side request forgery weakness that allows an attacker to make the PeopleSoft system send requests internally, including to sensitive components that are not normally exposed to outside users.
Impacket 0.13.1 is almost ready to land. This release keeps the momentum from 0.13 going with new relay surfaces, stronger support for modern Windows and SQL Server environments, and a set of practical improvements across the examples scripts.
Core Impact Exploit Library Additions
One of Core Impact’s most valuable features is its certified exploit library, maintained by a team (formerly Core Labs) within the Fortra Intelligence & Research Experts (FIRE) group.
Fortra Intelligence and Research Experts (FIRE) have conducted a detailed analysis of RedSun, the latest proof-of-concept by "Chaotic Eclipse", the same researcher responsible for disclosing BlueHammer. Published in April 2026, RedSun is related to BlueHammer both in origin and technique, abusing Microsoft Defender logic and filesystem timing/path confusion to achieve privilege escalation.
Pagination
- Page 1
- Next page