STRLCPY(3)

A Comprehensive Analysis of the 3CX Attack

Vulkan files leak, a rare look into Russian cyberwarfare tactics

CVE-2023-21768 _ Pwning Windows Ancillary Function Driver for WinSock (afd.sys)

CVE-2022-47522 _ MacStealer: Wi-Fi Client Isolation Bypass

ARM TrustZone: pivoting to the secure world

CVE-2023-27326 _ Parallels Toolgate VM Escape

BlackLotus UEFI bootkit: Myth confirmed

CVE-2022-25664 _ The code that wasn't there: Reading memory on an Android device by accident

A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM

Userland exploit chain to dump the memory of any Windows PPL process

CVE-2023-1017/18 _ Vulns in TPM 2.0 reference implementation code

Defining the Cobalt Strike Reflective Loader

CVE-2023-25136 _ OpenSSH Pre-Auth Double Free

CVE-2023-23397 _ Microsoft Outlook EoP

Multiple Internet to Baseband RCE Vulns in Exynos Modems

CVE-2022-44268/7 _ ImageMagick: The hidden vulnerability behind your online images

CVE-2023-21608 _ Adobe Acrobat Reader resetForm RCE

VMSA-2023-0001 _ VMware vRealize Log Insight Multiple Vulns

CVE-2022-34689 _ Exploiting a Critical Spoofing Vuln in Windows CryptoAPI

how to completely own an airline in 3 easy steps

CVE-2023-23504 _ XNU Heap Underwrite in dlil.c

CVE-2022-38181 _ yet another Arm Mali GPU Android exploit

CVE-2022-42864 _ Diabolical Cookies on iOS/MacOS

CVE-2023-24068/69 _ Abusing Signal Desktop for fun & Espionage

CVE-2023-0179 _ Linux kernel stack buffer overflow in nftables

making malware with VX-API

Prototype Pollution in Python

Unlocking LockBit, a Ransomware story

Xdr33, A Variant Of CIA’s HIVE Attack Kit

The OWASSRF + TabShell exploit chain

Game Of Active Directory, PWNING is coming!

Blindside: EDR Evasion with Hardware Breakpoints

Precious Gemstones: The New Generation of Kerberos Attacks

Netcomm Unauthenticated RCE Vuln

CVE-2022-46169 _ Cacti Unauthenticated Command Injection

Exciting approaches to memory safety

CVE-2022-41082/80 _ OWASSRF, Bypassing ProxyNotShell Mitigations

MeshyJSON, A TP-Link tdpServer JSON Stack Overflow

VLAN Hopping techniques

Spice up your persistence loading PHP extensions from memory

Firebase is Insecure by Default

SilentMoonwalk: Implementing a dynamic Call Stack Spoofer

CVE-2022-28672 _ Foxit PDF Reader UAF RCE

CVE-2022-4543 _ EntryBleed: Breaking KASLR under KPTI with Prefetch

Huawei Secure Monitor Vulnerabilities

FOISted, remote exploit for MikroTik’s RouterOS 6

IIS modules: The evolution of web shells

Atlassian Session Hijacking (& 2FA bypass) using stolen JWTs

CVE-2022-42703 _ Bringing back the stack attack to Linux (kernel)

Fuzzing ping(8)… and finding a 24 year old bug.

{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF

CVE-2022-4059/42 _ Supply Chain Vulns Put Server Ecosystem At Risk

Multiple Zero-Day Vulnerabilities in Leading EDRs and AVs

CVE-2022-3328 _ Snapd Race condition in snap-confine

CVE-2022-41057 _ Windows 11 HTTP.SYS Kerberos PAC EoP

CVE-2022-41034 _ Visual Studio Code RCE

CVE-2022-41120 _ Sysmon EoP Abusing Arbitrary File Deletes

6G - The Sixth Generation Mobile Network

In The Box - Mobile Malware Webinjects Marketplace

Cobalt Strike Memory Analysis

The Defender’s Guide to the Windows Registry

The Intel PPAM attack story

CVE-2022-25765 _ Command Injection in pdfkit

Discover Redigo — New Redis Backdoor Malware

Dumping and extracting the SpaceX Starlink User Terminal firmware

TP-Link WR940N N-Day turns into a 0day

CVE-2022-44721 _ Crowdstrike Falcon Uninstaller

CVE-2022-31358 _ Multiple Vulns in Proxmox VE & Mail Gateway

Hitching a ride with Mustang Panda

HTTP Desync Attack (Request Smuggling)

CVE-2022-4116 _ zero-day flaw in Quarkus Java framework

Hacking Smartwatches for Spear Phishing

Blasting Event-Driven Cornucopia - WMI edition

Huawei Security Hypervisor Vulnerability

Hell’s Keychain: Supply-chain vuln in IBM Cloud PostgreSQL

CVE-2022-42895/6 _ Linux Kernel Infoleak & UAF in Bluetooth L2CAP

chip-to-cloud 'eID' logic vulnerabilities

Xiongmai IoT Exploitation

Bypass Android SSL Pinning & Intercept Proxy Unaware apps

Linux & Windows Password Mining

Zero-to-Hero Dom Clobbering

Exploiting an N-day vBulletin PHP Object Injection Vulnerability

APT41’s New Subgroup: Earth Longzhi

REcollapse - Fuzzing the web for mysterious bugs

CVE-2022-33942 _ Bypassing Intel DCM’s Auth by Spoofing Kerberos and LDAP

PNG Steganography Hides Backdoor

Userspace exploitation under Android

NETGEAR R7800 AFPD PreAuth

CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You

The State of Exploit Development

Chrome Browser Exploitation

kmem_guard_t in iOS 16 / macOS 13

Remote Command Execution in a Bank Server

CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln

CVE-2022-20868/7 _ Cisco SMA JWT EoP & SQLi RCE

CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass

Pixel 6 Bootloader Exploitation writeup

DeimosC2 C&C Framework brief-analysis

CVE-2022-41082 _ RCE in Exchange PowerShell Backend

CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch

CVE-2022-36067 _ SandBreak vm2 Unauth’ed RCE in Backstage

CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln

Cloning Windows Binaries and Code Signing Implants

Practical fault attacks against SM4

CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1

CVE-2022-35914 _ GLPI htmlawed

Inside the V1 Raccoon Stealer

weightBufs 🔥 exploit ⛓️ chain

On-Chain Insights From the FTX Implosion

Hosting Malware on IPFS for fun & profit!

Does OpenSea Shared Storefront have a backdoor?

Web3 Decoder Burp Suite Extension

Using SystemFunction032 for shellcode decryption

Intel Boot Guard keys leak analysis

Design and setup of C2 traffic redirectors

AppSec Ezine #455

Fodcha Is Coming Back, Raising A Wave of Ransom DDoS

CVE-2022-26730 _ ColorSync

DevSecOps-Playbook: step-by-step implementation guide

Build a Self-Destructing USB Drive

Checkmk RCE Chain

Hardware Trojans Under a Microscope

More Evil Markets to buy Initial Access

CVE-2022-33679 _ One-Day Kerberos EoP

urlscan.io's SOAR spot: Chatty security tools leaking private data

CVE-2022-3602 _ OpenSSL punycode vulnerability

CVE-2022-40146 _ Apache Batik SSRF and RCE

Exploited Windows “Mark-of-the-Web” Zero-Day

The Drone Cyberattack That Breached a Corporate Network

Abusing tokens to compromise AD w/o touching lsass

That’s No Honey Badger. It’s A Brute Ratel. A Look At BRC4.

LNK file-based Attacks Are on The Rise

CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue

From Shared Dash to Root Bash :: Pre-Auth’ed RCE in VMWare vROps

Eat What You Kill :: Pre-Auth’ed RCE in VMWare NSX Manager

CVE-2022-34918 _ A crack in the Linux firewall

In the potato family, I want ‘em all

Android One-Click exploiting XSS on Samsung Galaxy Store

CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri

CVE-2022-37981 _ The Logging Dead

CVE-2022–34718 _ Windows TCP/IP RCE PoC & Analysis

APT techniques: Access Token manipulation/theft

CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite

CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE

SharePoint Post-Authentication Server-Side Request Forgery (SSRF)

SS7 устарел, long life to SS7

Client Side De-Sync and Synch0le

Black Basta and the Unnoticed Delivery

Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet

Authentication Bypass & File Upload & Arbitrary File Overwrite

Темные Рынки в Телеграмме

Reverse Engineering the Apple MultiPeer Connectivity Framework

Steganography: Creating a digital microdot

AppSec Ezine #453

SpaceX Starlink User Terminal Modchip

CVE-2022-3236 _ Sophos Firewall Code Injection

BlueBleed - The Largest B2B Leak

Fantastic Rootkits: And Where to Find Them

Exploit Deserialization Vulnerabilities in PHP

Wireless PenTest Methodologies

CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection

Discovering _ CVE-2022–22980 real exploitable path

Memory corruption vulnerabilities in Edge

CVE-2022–42889 _ Text4Shell Vuln Technical Analysis

CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc

CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE

iOS Native Code Obfuscation and Syscall Hooking

SingPass RASP Analysis

Relaying YubiKeys 

Replicant: Fault Injection Attack on Trezor One

CVE-2022-41852 _ RCE in JXPath Library

CVE-2022-41352 _ Zimbra 0-day

CVE-2022-37042 _ Zimbra Email Vulnerability

CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass

CVE-2022-37969 _ Windows CLFS Zero-Day

Analysing LastPass Chrome Extension

Disposable Root Servers

L.E.J Mashup 80s

Attacking Titan M with Only One Byte

Attacking Android kernel (ab)using Qualcomm TrustZone

Exploring the REF2731 Intrusion Set

Bumblebee: increasing its capacity and evolving its TTPs

CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion

Beginner's Guide to Sliver C2

CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange

Bad VIB(E)s // Novel Malware in ESXi Hypervisors

Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike

Exploiting Flipper Zero’s NFC file loader

A FormBook Matryoshka

CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution

The Crypto Revolution

Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

обзор на rizin

CVE-2022-30190 _ Overview of Bears Cyberespionage

Hacking Ham Radio for Texting

The Sound of Malware

Tracking Joker with Medusa, static analysis (and patience)

CVE-2022-26809 _ Reaching Vulnerable Point

APT groups carried out highly targeted attack on Sophos

Stablecoins Are Products

Emulating Phineas Phisher Attacks in Modern EDR Environments

GhostTouch: Contactless attack with Electromagnetic Signals

How to Make $800m in Crypto, Soros Style - Breaking $UST

KAX17 de-anonymization against Tor

Android/BianLian payload

DarkFi

Attacking ARM Pointer Authentication with Speculative Execution

Aoqin Dragon

reNgine - More than just a recon!

HOP Token Airdrop

The Magic of ХYЙ

Russia’s certificate authority for sanctioned organizations

Self Hosted Roundup #7

Automated Malware Analysis - Joe Sandbox

The Surreal Case of a C.I.A. Hacker’s Revenge

Meet Logseq, 'stores data like a brain'

Francesca Bria on Decentralisation, Sovereignty, and Web3

Xenomorph: Hatched Banking Trojan

Guerre di Rete - Ucraina, cronache dai cyber fronti

CVE-2022-0847 _ The Dirty Pipe

Perché è il momento di fare (e informare) Guerre di Rete

The state of music/Web3 tools for artists

NSO zero-click iMessage RCE exploit

Threat Thursday: BoratRAT