🔴 𝗡𝗲𝘄 𝗥𝗲𝘀𝗲𝗮𝗿𝗰𝗵: 𝗛𝘂𝗻𝘁𝗶𝗻𝗴 𝗔𝗱𝗮𝗽𝘁𝗶𝘅𝗖𝟮 – 𝗧𝗿𝗮𝗰𝗶𝗻𝗴 𝗼𝘃𝗲𝗿 𝟭𝟬𝟬 𝗟𝗶𝘃𝗲 𝗖𝟮 𝗦𝗲𝗿𝘃𝗲𝗿𝘀 𝗶𝗻 𝘁𝗵𝗲 𝗪𝗶𝗹𝗱 Our team investigated AdaptixC2, an open-source command and control framework that’s being used in real attacks. Using HuntSQL™,…




I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…
Analysis of Windows CLFS #EoP vuln (#CVE-2025-29824) in-the-wild exploitation sample and root cause Report: ti.qianxin.com/blog/articles/… ITW sample: virustotal.com/gui/file/808cb…



Exciting times. I'm publishing Dittobytes today after presenting it at @OrangeCon_nl ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. github.com/tijme/dittobyt…
Announcing our whitepaper on the future of endpoint security. preludesecurity.com/runtime-memory…
blog.malicious.group/the-quiet-side… This is a living document at the moment, but here it is for now. 😅 As mentioned in the paper, if you are a researcher and have questions after reading, just reach out to me and I will answer everything I can.
Wintel is coming for your SMEP bypasses! No more flipping the U/S bit in a PTE to mark a user-mode page as supervisor-mode on Intel Arrow Lake CPUs :) (note: this is meant for protection against speculative attacks, with the side effect of becoming SMEP 2.0)


We’re cooked, guys. A new vulnerability has been discovered in sudo and you don’t even need to be in the sudo group to get root. I just tried it 👇
Published the third part of my blog series about Hydroph0bia (CVE-2025-4275) vulnerability, this one is about the fix as Insyde applied it, and my thoughts on improvements for it. coderush.me/hydroph0bia-pa…
Releasing this fun tool Golem based on @0xdea, LLVM, LLM and @semgrep Golem automates C/C++ vulnerability discovery by combining Semgrep rule scans, LLVM call-graph & CFG slicing, and AI-driven context analysis. Tool: github.com/20urc3/golem Article: bushido-sec.com/index.php/2025…
Here's our new blog on hiding your implant in VTL1, where even an EDR's kernel sensor can't see it.🧑🦯 Post includes full operational details. Plus our OST offering has been updated with a Cobalt Strike sleep mask exploiting secure enclaves. Full read ➡️ outflank.nl/blog/2025/06/1…
Dive deep into malware detection with the latest article by John Uhlmann: "Call Stacks: No More Free Passes for Malware." Discover how call stacks provide vital insights into malware behavior. Read more: go.es.io/4kDWjgr
How #PreventionEngineering is used to stop #ADCS 𝐂𝐞𝐫𝐭𝐢𝐟𝐢𝐞𝐝 𝐏𝐫𝐞-𝐎𝐰𝐧𝐞𝐝 attacks? @SagieDulce demos how attacks via #Certify and other tools are mitigated with the #RPCFirewall, #LDAPFirewall and #NetworkSegmentation. Read more here: hubs.li/Q02PlSxC0
New post: dawnslab.jd.com/%E4%B9%8B%E6%A… writeup for CVE-2025-22056, which we also found but collided with other researchers. A nice bug that can be stably exploited to get kernel privilege on Ubuntu.
🎉 It is finally time for a new blog post! 🎉 Join us on our deep dive into Windows Authentication Coercion and its current state in 2025, including some brand-new tooling ✨ #itsec #infosec #pentest #redteam blog.redteam-pentesting.de/2025/windows-c…
Good morning! Just published a deep dive into PatchGuard internals: how it works, key internal functions, context init, and possible bypasses. r0keb.github.io/posts/PatchGua…
Hypervisors for Memory Introspection and Reverse Engineering by @memn0ps secret.club/2025/06/02/hyp…
🚨 New Blog Post Read the full post to understand the risks and how to protect your systems: ow.ly/608550VZPNB #Cybersecurity #WindowsSecurity #PrivilegeEscalation #Vulnerability #InfoSec
