Rishi
@rxerium.com
rxerium.com
14 followers 5 following 46 posts
Senior Cyber Analyst || OWASP member || Project Discovery Ambassador || UK OSINT Officer || Purple Teamer || Privacy Advocate || Signal: @rxerium.02
🚨 Active Exploitation of Gladinet CentreStack and Triofox Local File Inclusion Flaw (CVE-2025-11371)

I've created a vulnerability detection script here: github.com/rxerium/CVE-...

As reported by Huntress this is an unauthenticated Local File Inclusion flaw in Gladinet CentreStack and Triofox.
Here is the current exposure for E-Business Suite (via Shodan):
shodan.io/search?query...
Patches are available as per Oracle's Security Advisory:
oracle.com/security-ale...
🚨 Critical zero-day tagged as CVE-2025-61882 (CVSS 9.8) affecting Oracle E-Business Suite

I've created a vulnerability detection script here:
github.com/rxerium/CVE-...

This vulnerability is remotely exploitable without authentication.
GitHub - rxerium/CVE-2025-61882: Detection for CVE-2025-61882
Rishi @rxerium.com · Sep 23
SolarWinds critical vuln - CVE-2025-26399

"Given SolarWinds’ past, in-the-wild exploitation is highly likely" as reported by WatchTowr Labs

I've created a detection script for this vuln:
github.com/rxerium/CVE-...

128 currently vulnerable across 22 countries / 90 cities:
Rishi @rxerium.com · Sep 20
🚨 Critical — CVE-2025-10035 (CVSS 10.0): Fortra has disclosed a deserialization flaw in the GoAnywhere MFT License Servlet that can allow remote command-injection.

I've created a #nuclei script to detect vulnerable instances at scale:
github.com/rxerium/CVE-...
Rishi @rxerium.com · Sep 11
Detection for critical SAP Netweaver vulnerability (CVE-2025-42944):
github.com/rxerium/CVE-...
Reposted by Rishi
🕵️‍♂️ New OSINT training drop: Learn how to use X (Twitter) Advanced Search to trace usernames, map networks & uncover hidden accounts.

Presented by @rxerium.com for the UK OSINT Community.

🎥 Watch here: www.youtube.com/watch?v=Yj2m...
Using OSINT to Investigate on Twitter/X
YouTube video by UK OSINT Community
Rishi @rxerium.com · Sep 4
🚨 New zero-day added to the CISA KEV under an hour ago and actively being exploited in the wild - CVE-2025-53690; CVSS 9.0 (Critical)

Check to see if you're vulnerable:
github.com/rxerium/CVE-...

Patches / workarounds are available:
support.sitecore.com/kb?id=kb_art...
Rishi @rxerium.com · Aug 17
I've created a vulnerability script for CVE-2025-8875 and CVE-2025-8876 - both currently being actively exploited in the wild as reported by @cisacyber.

Detection script:
github.com/rxerium/CVE-...

Patches are available:
status.n-able.com/2025/08/13/a...
Rishi @rxerium.com · Aug 1
Catch me at #BSidesVegas or #DEFCON - I’ll be handing out exclusive UK OSINT swag. Come say hi and snag some before it’s all gone! 👋
Rishi @rxerium.com · Jul 25
Detection script for Micollab SQL injection vulnerability, tagged CVE-2025-52914 (high severity):
github.com/rxerium/CVE-...

www.mitel.com/support/secu...
Rishi @rxerium.com · Jul 21
🗣️ DNS-Based OSINT Tactics for Product and Service Discovery
📍 Red Team Village
⏰ Saturday 9th August from 11am - 4:50pm

Hope to see you there 👋

#hackersummercamp #nuclei #amass #defcon33 #redteamvillage
Rishi @rxerium.com · Jul 21
I’m thrilled to be speaking at DEFCON in Las Vegas this year!

I’ll be sharing insights from my recent contributions to the OWASP Amass project and Project Discovery’s Nuclei, focusing on DNS-based techniques for Product and Service Discovery. More details below:
Rishi @rxerium.com · Jul 19
🚨 New zero-day affecting CrushFTP instances (CVE-2025-54309) being exploited in the wild:
~291,903 exposed devices running CrushFTP (as of 19.07.25) according to @shodanhq:
`http.html:"crushftp"`

Patch now:
www.crushftp.com/crush11wiki/...
Rishi @rxerium.com · Jul 16
I've created a passive detection script to detect instances that are vulnerable to critical RCE tagged as CVE-2025-47812:
github.com/rxerium/CVE-...

Around ~4000 instances exposed to the internet as of 25.07.16
`http.favicon.hash:963565804`
Rishi @rxerium.com · Jun 23
Want to detect the internal security posture of an organisation without contacting them or installing agents on their local network?

I created a detection script in my spare time which takes advantage of exposed Safebase portals
github.com/rxerium/inte...

#osint #nuclei
GitHub - rxerium/internal-security-detect: The detection of internal security controls at a company
Rishi @rxerium.com · Jun 10
I've created a passive detection script for this Wazuh vulnerability. It is currently being exploited in the wild (as reported by CISA). The script can be found here:
github.com/rxerium/CVE-...

Original article:
thehackernews.com/2025/06/botn...
GitHub - rxerium/CVE-2025-24016: Deserialization of Untrusted Data Vulnerability in the Wazuh software
Rishi @rxerium.com · Jun 9
Hey Bluesky! I’m less active here but more engaged on Twitter and GitHub. My socials can be found on my website: rxerium.com 🤝
Rishi @rxerium.com · Jun 3
I've created a script to detect CVE-2025-49113 based on versions exposed in the HTML body:
github.com/rxerium/CVE-...

Use at your own risk.
Reposted by Rishi
🔍 Swipe a stranger’s selfie—are you already over the ethical line?

In the latest article from the UK OSINT Community, Rishi Chudasama shows why “public” doesn’t mean “permissible,” urging OSINT pros to match technical skill with empathy and respect for privacy.

📖 Read: www.osint.uk/content/ethi...
Ethical Implications of OSINT in Personal Data Collection
Exploring the ethical limits of collecting personal data during investigations.
Rishi @rxerium.com · Apr 26
2,968 instances exposed to the internet according to
t.co/y1LwY9Ybss