你可能會喜歡
ShellExec using msgbox.exe => in my C2 Facility. Bypassing EDR's. a cool new way = ) Actually tg is just an sample, you can use calendar, teams or whatever that can communicate with apis. to uplaod & exec your custom agents !
🚨 New APT26 IOCs were just dropped by Chinese researchers at 360. Turns out they’re using a new RAT developed in Golang. MD5(Linux) e1b4572ea0780c963043819016f4c7a8 aff4b4f121aba5046f781fc6aafe8de2 10b7139952e3daae8f9d7ee407696ccf 311f9894297fb1624a2c99ac5c8d8abf…
CVE-2025-33073: PoC Exploit for the NTLM reflection SMB flaw. Check: github.com/mverschu/CVE-2…
Something BIG is coming next week 🤫 50+ pages of game-changing insights, prepared for the ongoing #CybersecurityAwarenessMonth! I can't say more yet, but if cybersecurity is on your radar, you'll want to see this. Stay tuned 👀 #CyberSecurityReport #InfoSec #ThreatIntelligence…
Quick wins: How to use deception in real-life when you have no budget - an example that took only a few minutes tu provide realistic #IOC from an ongoing "in the wild" campaign 👇🏻 linkedin.com/posts/bourbon-…
Banana Pi BPI-CM6 design with SpacemiT K1 8 core RISC-V chip, CPU integrates 2.0 TOPs AI computing power. 8/16G DDR and 8/16/32/128G eMMC. support DeepX AI. will comming soon. docs.banana-pi.org/en/BPI-CM6/Ban… #riscv #EdgeComputing #bananapi #raspberrypi
🚨 We taught LLMs to write bug-finding tools instead of just finding bugs! KNighter synthesizes static analysis checkers from patches & discovered 92 new, long-lived bugs in Linux (77 confirmed, 30 CVEs) 🐛 Paper: arxiv.org/abs/2503.09002 Code: github.com/ise-uiuc/KNigh……
Here are the slides for my talk yesterday at Objective By the Sea! Tons of incredible research and researchers here in Ibiza :) dillonfrankesecurity.com/Objective-By-t…
As promised, a blog post on Diffing 7-Zip for CVE-2025-11001. Enjoy :) pacbypass.github.io/2025/10/16/dif…
Wrote an exploit for CVE-2025-11001 in 7-zip Pretty cool bug, had fun diffing it. Blog post coming soon github.com/pacbypass/CVE-…
Just posted a write-up on a DC hang traced to a deadlock inside LSASS. I break down call stacks, the blocked threads, and how doing LDAP work in DllMain triggered the issue. medium.com/@Debugger/serv…
Beginners introduction to Linux kernel rootkits inferi.club/post/the-art-o… #Linux #infosec
Serious bugs often occur in third-party components integrated by other software. @ifsecure and I found this vulnerability in the Dolby Unified Decoder. It affects Android, iOS and Windows among other platforms, sometimes 0-click. project-zero.issues.chromium.org/issues/4280754…
Interesting read. Using blockchain and smart contracts to host and load part of the JS payload delivery. cloud.google.com/blog/topics/th…
I spent some time exploring browser cache smuggling, where visiting a webpage can lead to malware delivery. Surprisingly, it is possible to execute Chrome’s original cache file without renaming it, while also achieving persistence. More details below: medium.com/@danemeth90/re…
The following vulnerabilities have been added to our feed: - CVE-2025-33053: Microsoft Windows Internet Shortcut Files RCE - CVE-2025-25257: Fortinet FortiWeb RCE - CVE-2025-50154: Microsoft Windows File Explorer NTLM Leak crowdfense.com/n-day-feed/
crowdfense.com
N-day Vulnerability Intelligence Feed - Crowdfense
Boost Red Team exercises with our N-Day Feed: real-time, high-risk vulnerabilities, PoC code, and insights for advanced threat simulation.
One‑Click Memory Corruption in Alibaba’s UC Browser: Exploiting patch-gap V8 vulnerabilities to steal your data interruptlabs.co.uk/articles/one-c… by @InterruptLabs #MobileSecurity #Browser #exploit #infosec
Forgive me if I am wrong (developer.arm.com/documentation/…): On my machine both T0SZ and T1SZ specify a value of 17. This means 48-bit VAs are in use. According to this psuedo-code from ARM documentation the "bottom" PAC bit is defined as 64 - TXSZ, which would be bit 47.
Trend Micro's Dove Chiu & Lucien Chuang uncovered an attack campaign exploiting the Cisco SNMP vulnerability CVE-2025-20352, allowing remote code execution and rootkit deployment on unprotected devices. trendmicro.com/en_us/research…
United States 趨勢
- 1. Carson Beck 12.5K posts
- 2. Miami 90.2K posts
- 3. Louisville 19.2K posts
- 4. Ohtani 65.1K posts
- 5. #SmackDown 46.8K posts
- 6. #BostonBlue 5,553 posts
- 7. Jeff Brohm 1,643 posts
- 8. Malachi Toney 2,331 posts
- 9. George Santos 62.6K posts
- 10. Mario Cristobal N/A
- 11. Chris Bell 1,935 posts
- 12. #OPLive 2,110 posts
- 13. Geno 9,201 posts
- 14. Nebraska 12.7K posts
- 15. 4 INTs N/A
- 16. Ilja 19K posts
- 17. The U 565K posts
- 18. Raiola 2,196 posts
- 19. Suarez 29K posts
- 20. Minnesota 46.1K posts
你可能會喜歡
-
Chevy Phillip
@chevyphillip -
XSS Payloads
@XssPayloads -
xer0dayz
@xer0dayz -
Cliff Vazquez
@cliffvazquez -
Jason Lang
@curi0usJack -
nikhil(niks)
@niksthehacker -
Ashish Kunwar
@D0rkerDevil -
Securityblog
@Securityblog -
PentesterLab
@PentesterLab -
m0z
@LooseSecurity -
Rakesh Mane
@RakeshMane10 -
Dominic Chell 👻
@domchell -
Chintan 'Frogy' Gurjar
@iamthefrogy -
Patrick Fussell
@capt_red_beardz -
Sanoop Thomas ⠵
@s4n7h0
Something went wrong.
Something went wrong.