Metasploit
Coverage of Metasploit in the Nexus archive.
- Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore
The webinar 'Beyond the Zero-Day' with HD Moore highlights the inevitability of cyber breaches due to zero-day exploits and AI-driven attacks. It emphasizes shifting focus from patching vulnerabilities to controlling network architecture to limit attack reach.
- No fix yet for critical RCE bug in open-source Git service Gogs - exploit module is out
A critical remote code execution (RCE) vulnerability in Gogs, a self-hosted Git service, remains unpatched despite being reported in March. The flaw allows authenticated users to exploit default installations, steal credentials, and execute arbitrary code. Rapid7 researcher Jonah Burgess disclosed the issue (GHSA-qf6p-p7ww-cwr9) and submitted a proposed fix, but Gogs maintainers have not released a patch, prompting a Metasploit module to be published.