New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to ...
GitHub

Node-API addon for writing high-performance multi-threaded WebSocket servers.

WebSocket connections are accepted and managed by WSBroker's multi-threaded Rust code. Incoming WebSocket messages (and other events) are handed off to JavaScript callback methods, allowing you to ...
GitHub

Bun WebSocket implementation drops/fragments ~564-byte SSH KEX reply (works in Node)

Clone the repository and run the setup script: This script generates the necessary P-256 SSH keys and builds a Docker container running a Dropbear SSH server. git ...
Bleeping Computer

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. This security flaw (tracked as ...