Dit vind je misschien leuk
Now in private beta: Aardvark, an agent that finds and fixes security bugs using GPT-5. openai.com/index/introduc…
Credential Guard was supposed to end credential dumping. It didn't. @bytewreck just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm
Chinese authorities allege a 27-month NSA operation against the China's National Time Service Center. Initial credential theft apparently via a smartphone-messaging exploit. They relese technical details, including information about 80+ remote logins between April 11 and August…
Operation Triangulation + #DanderSpritz Come back … #iphone -> Windows mp.weixin.qq.com/s/XPjT0BVOJPJx…
🔴 𝗡𝗲𝘄 𝗥𝗲𝘀𝗲𝗮𝗿𝗰𝗵: 𝗛𝘂𝗻𝘁𝗶𝗻𝗴 𝗔𝗱𝗮𝗽𝘁𝗶𝘅𝗖𝟮 – 𝗧𝗿𝗮𝗰𝗶𝗻𝗴 𝗼𝘃𝗲𝗿 𝟭𝟬𝟬 𝗟𝗶𝘃𝗲 𝗖𝟮 𝗦𝗲𝗿𝘃𝗲𝗿𝘀 𝗶𝗻 𝘁𝗵𝗲 𝗪𝗶𝗹𝗱 Our team investigated AdaptixC2, an open-source command and control framework that’s being used in real attacks. Using HuntSQL™,…
I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Analysis of Windows CLFS #EoP vuln (#CVE-2025-29824) in-the-wild exploitation sample and root cause Report: ti.qianxin.com/blog/articles/… ITW sample: virustotal.com/gui/file/808cb…
Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. github.com/tijme/dittobyt…
Announcing our whitepaper on the future of endpoint security. preludesecurity.com/runtime-memory…
blog.malicious.group/the-quiet-side… This is a living document at the moment, but here it is for now. 😅As mentioned in the paper, if you are a researcher and have questions after reading, just reach out to me and I will answer everything I can.
Wintel is coming for your SMEP bypasses! No more flipping the U/S bit in a PTE to mark a user-mode page as supervisor-mode on Intel Arrow Lake CPUs :) (note: this is meant for protection against speculative attacks, with the side effect of becoming SMEP 2.0)
We’re cooked, guys. A new vulnerability has been discovered in sudo and you don’t even need to be in the sudo group to get root. I just tried it 👇
Published the third part of my blog series about Hydroph0bia (CVE-2025-4275) vulnerability, this one is about the fix as Insyde applied it, and my thoughts on improvements for it. coderush.me/hydroph0bia-pa…
Weekly summary is out.. ctoatncsc.substack.com/p/cto-at-ncsc-…
Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: github.com/20urc3/golem Article: bushido-sec.com/index.php/2025…
Here's our new blog on hiding your implant in VTL1, where even an EDR's kernel sensor can't see it.🧑🦯 Post includes full operational details. Plus our OST offering has been updated with a Cobalt Strike sleep mask exploiting secure enclaves. Full read ➡️ outflank.nl/blog/2025/06/1…
Dive deep into malware detection with the latest article by John Uhlmann: "Call Stacks: No More Free Passes for Malware." Discover how call stacks provide vital insights into malware behavior. Read more: go.es.io/4kDWjgr
How #PreventionEngineering is used to stop #ADCS 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 𝐏𝐫𝐞-𝐎𝐰𝐧𝐞𝐝 attacks? @SagieDulce demos how attacks via #Certify and other tools are mitigated with the #RPCFirewall, #LDAPFirewall and #NetworkSegmentation. Read more here: hubs.li/Q02PlSxC0
zeronetworks.com
Preventing “Certified Pre-Owned” Attacks, using RPC-Firewall, LDAP-Firewall and Network Segmentation
Learn how to prevent Certified Pre-Owned attacks on Active Directory Certificate Services using RPC Firewall, LDAP Firewall and network segmentation. Protect your PKI infrastructure from certificate...
New post: dawnslab.jd.com/%E4%B9%8B%E6%A… writeup for CVE-2025-22056, which we also found but collide with other researchers. A nice bug that can be stably exploited to get kernel privilege on Ubuntu.
United States Trends
- 1. Kilmar Abrego Garcia 2,423 posts
- 2. Godzilla 29.2K posts
- 3. #thursdayvibes 2,591 posts
- 4. NASCAR 9,027 posts
- 5. Sora 48.5K posts
- 6. Johnny Morris 1,042 posts
- 7. Usher 4,262 posts
- 8. Good Thursday 39.8K posts
- 9. Michigan Man 7,146 posts
- 10. Person of the Year 11.7K posts
- 11. Algorhythm Holdings 1,200 posts
- 12. #RIME_AIlogistics N/A
- 13. #NXXT_NEWS N/A
- 14. #PiratasDelImperio 3,278 posts
- 15. #thursdaymotivation 3,056 posts
- 16. JUNGKOOK FOR CHANEL BEAUTY 170K posts
- 17. Dolly 16.8K posts
- 18. Shaggy 2,554 posts
- 19. Trey Songz N/A
- 20. Cam Newton 1,932 posts
Dit vind je misschien leuk
-
rehackxyz
@rehackxyz -
Soumyani1
@reveng007 -
KAI
@kaisai121 -
Juuzou Suzuya
@0x255x -
BitFre4k
@BiteFre4k -
Troy
@Troy_shi -
Akhmad Yudha
@Akhmad_Yudha -
bruh
@cppbruh -
Sebastian Lujan
@delegate_call -
knightmare2600
@knightmare2600 -
Evangelos
@lex0tanil -
Рахул
@pl4y_m4k3r -
Adrian Luca (infosec.exchange/@adrian_luca)
@adrian__luca -
rv
@rvikrant09 -
Christian {tty503}
@tty_503
Something went wrong.
Something went wrong.