Mentions & References 📰

2025

VulnCheck

ICTBroadcast: KEV / analysis

2025

The Hacker News

Hackers Target ICTBroadcast Servers via Cookie Exploit to Gain Remote Shell Access

2025

HackingBlogs

Metasploit 6.4.64 — RCE & privilege escalation exploits (2025)

2025

SecurityOnline

Craft CMS zero-day CVE-2025-32432 exploited — Metasploit module public

2025

SecurityOnline

CVSS 10 RCE in Wing FTP Server — CVE-2025-47812 (PoC released)

2025

Rapid7 Blog

Metasploit Wrap-Up — 09/26/2025

2025

Rapid7 Blog

Metasploit Wrap-Up — 08/25/2025

2025

Rapid7 Blog

Metasploit Wrap-Up — 07/11/2025

2025

Rapid7 Blog

Metasploit Wrap-Up — 06/27/2025

2025

Rapid7 Blog

Metasploit Wrap-Up — 05/22/2025

2025

Rapid7 Blog

Metasploit Wrap-Up — 05/16/2025

2025

Huntress

Wing FTP Server RCE — CVE-2025-47812 (exploited in the wild; correlated with Metasploit module — credit: Chocapikk)

2024

MyHackerTech

Interview with Valentin a.k.a. Chocapikk — Cybersecurity: it’s not just a game

2024

SCWorld

CISA flags active exploitation of critical Microsoft SharePoint bug

2024

Medium (RolandHack)

WebGuardians — Adventurous pentesting on the road to a social network under construction

2024

Medium (RolandHack)

CVE-2024-29151 — Dependency confusion on Rocket.Chat

2024

SecurityOnline

Analysis: PoC exploits released for Palo Alto zero-days CVE-2024-0012 and CVE-2024-9474

2024

SecurityOnline

CVE-2024-8517 — Critical SPIP flaw, PoC published

2024

SecurityOnline

Critical flaws found in Vicidial Contact Center Suite — CVE-2024-8503 / CVE-2024-8504

2024

SecurityOnline

CVE-2024-56145 — RCE in Craft CMS (PoC published)

2024

SecurityOnline

Critical pre-auth RCE vBulletin — full server compromise (PoC available)

2024

SecurityOnline

PSAux ransomware exploiting two max-severity flaws in CyberPanel

2024

SecurityOnline

Critical GeoServer RCE — CVE-2024-36401 (actively exploited)

2024

SecurityOnline

PoC releases for unauthorized RCE CVE-2024-29269 — 40k Telesquare routers

2024

SecurityOnline

CVE-2024-31819 — Critical flaw in AVideo (full system takeover potential)

2024

Think Love Share

Spip Preauth RCE 2024: Part 2, A Big Upload

2024

Think Love Share

Spip Preauth RCE 2024: Part 1 — The Feather

2024

Rapid7 Blog

Metasploit Wrap-Up — 12/20/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 12/13/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 11/08/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 11/01/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 10/18/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 10/04/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 09/27/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 09/13/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 08/30/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 08/23/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 06/07/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 05/23/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 03/29/2024

2024

Rapid7 Blog

Metasploit Wrap-Up — 01/26/2024

2024

AttackerKB

CVE-2024-36401 — GeoServer RCE (AttackerKB topic)

2024

AttackerKB

CVE-2024-31819 (AVideo / WWNBIndex)

2024

BleepingComputer

Massive PSAUX ransomware attack targets 22,000 CyberPanel instances

2024

LeakIX Blog

Vinchin Backup RCE chain

2023

LeMondeInformatique

Les autorités américaines alertent sur une faille sévère dans Atlassian Confluence

2023

WPScan

Vulnerability record (WPScan)

2023

DarkReading

Researchers release details of new RCE exploit chain for SharePoint

2023

SecurityOnline

CVE-2023-29357 — Privilege escalation with Microsoft SharePoint Server (PoC)

2023

SecurityOnline

CVE-2023-50917 — Majordomo RCE (PoC)

2023

SecurityOnline

Backup Migration Plugin breach — hackers target WordPress sites (public PoC)

2023

SecurityOnline

Actively exploited Atlassian 0-day CVE-2023-22515 — public PoC

2023

Rapid7 Blog

Metasploit Wrap-Up — 12/22/2023

2023

Rapid7 Blog

Metasploit Wrap-Up — 12/15/2023

2023

Rapid7 Blog

Metasploit Wrap-Up — 12/01/2023

2023

AttackerKB

Backup Migration Plugin — unauthenticated RCE via Content-Dir header