STRLCPY(3)

📞

A Comprehensive Analysis of the 3CX Attack

3CXSupply-chainCTILazarus

🪆

Vulkan files leak, a rare look into Russian cyberwarfare tactics

РоссияLeakCyberWarfare

🧦

CVE-2023-21768 _ Pwning Windows Ancillary Function Driver for WinSock (afd.sys)

WindowsAFDLPEWinSock

🦘

CVE-2022-47522 _ MacStealer: Wi-Fi Client Isolation Bypass

WiFiContext Override

🧿

ARM TrustZone: pivoting to the secure world

AndroidARMTrustZoneACE

🤸‍♂️

CVE-2023-27326 _ Parallels Toolgate VM Escape

MacOSParallelsVMEscape

🃏

BlackLotus UEFI bootkit: Myth confirmed

UEFIBootkitBlackLotusCTI

🤖

CVE-2022-25664 _ The code that wasn't there: Reading memory on an Android device by accident

AndroidAdrenoKASLR

💥

A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM

BiosSMMUEFIIntel

🪡

Userland exploit chain to dump the memory of any Windows PPL process

WindowsLSASSPPL

👀

CVE-2023-1017/18 _ Vulns in TPM 2.0 reference implementation code

TPMOOBEscape

🎳

Defining the Cobalt Strike Reflective Loader

Cobalt-StrikeReflectiveLoader

🐡

CVE-2023-25136 _ OpenSSH Pre-Auth Double Free

OpenSSHDouble-FreeOpenBSD

📪

CVE-2023-23397 _ Microsoft Outlook EoP

OutlookWindowsEoPNTLM

💣

Multiple Internet to Baseband RCE Vulns in Exynos Modems

BasebandRCEExynosAndroid

🖼️

CVE-2022-44268/7 _ ImageMagick: The hidden vulnerability behind your online images

ImageMagickRemote Leak

📄

CVE-2023-21608 _ Adobe Acrobat Reader resetForm RCE

AdobeAcrobatRCE

🪵

VMSA-2023-0001 _ VMware vRealize Log Insight Multiple Vulns

VMWarevRealize

🖖

CVE-2022-34689 _ Exploiting a Critical Spoofing Vuln in Windows CryptoAPI

WindowsMD5CryptoAPI

🛫

how to completely own an airline in 3 easy steps

jenkinsaviationnofly

🍎

CVE-2023-23504 _ XNU Heap Underwrite in dlil.c

AppleXNUMacOSiOS

💣

CVE-2022-38181 _ yet another Arm Mali GPU Android exploit

AndroidMaliARM

🍪

CVE-2022-42864 _ Diabolical Cookies on iOS/MacOS

iOSMacOSApple

💬

CVE-2023-24068/69 _ Abusing Signal Desktop for fun & Espionage

SignalDesktop

🐧

CVE-2023-0179 _ Linux kernel stack buffer overflow in nftables

LINUXKERNELNFTables

☠️

making malware with VX-API

VX-APIDevelopment

🐍

Prototype Pollution in Python

PythonPrototype

🔓

Unlocking LockBit, a Ransomware story

LockBitRansomware

🍯

Xdr33, A Variant Of CIA’s HIVE Attack Kit

XDR33HIVEC2

📧

The OWASSRF + TabShell exploit chain

ExchangeOWASSRFTabShell

🌲

Game Of Active Directory, PWNING is coming!

Active DirectoryLab

🌘

Blindside: EDR Evasion with Hardware Breakpoints

WindowsEDREvasion

💠

Precious Gemstones: The New Generation of Kerberos Attacks

KerberosWindowsAD

🕸️

Netcomm Unauthenticated RCE Vuln

NETCOMMNF20MESH

🌵

CVE-2022-46169 _ Cacti Unauthenticated Command Injection

CactiPHP

🦺

Exciting approaches to memory safety

memorysafetymitigationsarchitectures

☠️

CVE-2022-41082/80 _ OWASSRF, Bypassing ProxyNotShell Mitigations

OWASSRFExchange

🏹

MeshyJSON, A TP-Link tdpServer JSON Stack Overflow

TP-LinkArcher AX21

🦘

VLAN Hopping techniques

VLANNetworkingCISCO

🌶️

Spice up your persistence loading PHP extensions from memory

PHP ExtensionsX-C3LL

📛

Firebase is Insecure by Default

FirebaseFizz

🚶🏿‍♂️

SilentMoonwalk: Implementing a dynamic Call Stack Spoofer

WindowsStackSpoofing

🦊

CVE-2022-28672 _ Foxit PDF Reader UAF RCE

FoxitPDFWindows

🩸

CVE-2022-4543 _ EntryBleed: Breaking KASLR under KPTI with Prefetch

LINUXKASLRKPTI

🪤

Huawei Secure Monitor Vulnerabilities

AndroidHuaweiATFSecure Monitor

🧨

FOISted, remote exploit for MikroTik’s RouterOS 6

MikroTikRouterOSJailBreak

👺

IIS modules: The evolution of web shells

WindowsIISWebShell

🪣

Atlassian Session Hijacking (& 2FA bypass) using stolen JWTs

BitBucketJiraConfluence

🐧

CVE-2022-42703 _ Bringing back the stack attack to Linux (kernel)

LINUXKERNEL

🐡

Fuzzing ping(8)… and finding a 24 year old bug.

OpenBSDPingAFL

🔥

{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF

JSONSQLiAntiWAF

🥌

CVE-2022-4059/42 _ Supply Chain Vulns Put Server Ecosystem At Risk

BMC&CAMIMegaRACRedfishIPMI

🥋

Multiple Zero-Day Vulnerabilities in Leading EDRs and AVs

FUDAntiEDRAV

🚥

CVE-2022-3328 _ Snapd Race condition in snap-confine

SnapdUbuntu

🪟

CVE-2022-41057 _ Windows 11 HTTP.SYS Kerberos PAC EoP

WindowsHTTP.SYSKerberos

⚠️

CVE-2022-41034 _ Visual Studio Code RCE

VSCodeRCE

📊

CVE-2022-41120 _ Sysmon EoP Abusing Arbitrary File Deletes

EoPWindows

📡

6G - The Sixth Generation Mobile Network

6GMobileCellularNetwork

🏪

In The Box - Mobile Malware Webinjects Marketplace

Dark MarketsWebinjects

🕋

Cobalt Strike Memory Analysis

Cobalt-StrikeKoboldLithiumMagnetLoader

🛡️

The Defender’s Guide to the Windows Registry

WindowsRegistryBlue

💥

The Intel PPAM attack story

PPAMSMMAMIFirmware

📄

CVE-2022-25765 _ Command Injection in pdfkit

pdfkitruby

⭐

Discover Redigo — New Redis Backdoor Malware

RedisRedigoCVE-2022-0543

🛰️

Dumping and extracting the SpaceX Starlink User Terminal firmware

StarlinkSpaceXReverse

📶

TP-Link WR940N N-Day turns into a 0day

TP-LinkWR940N

🦅

CVE-2022-44721 _ Crowdstrike Falcon Uninstaller

CVE-2022-2841CrowdStrikeFalcon

💫

CVE-2022-31358 _ Multiple Vulns in Proxmox VE & Mail Gateway

ProxmoxXSSCRLFSSRF

🐼

Hitching a ride with Mustang Panda

APTWindows

🎰

HTTP Desync Attack (Request Smuggling)

HTTP DesyncSmuggling

⚛️

CVE-2022-4116 _ zero-day flaw in Quarkus Java framework

QuarkusCORS

⌚

Hacking Smartwatches for Spear Phishing

SmartwatchBLE

💐

Blasting Event-Driven Cornucopia - WMI edition

WMIDKOMSandbox

🤖

Huawei Security Hypervisor Vulnerability

AndroidHuaweiHypervisor

🔑

Hell’s Keychain: Supply-chain vuln in IBM Cloud PostgreSQL

IBMSupply-chain

🦷

CVE-2022-42895/6 _ Linux Kernel Infoleak & UAF in Bluetooth L2CAP

LINUX

☁️

chip-to-cloud 'eID' logic vulnerabilities

eIDReverse

📹

Xiongmai IoT Exploitation

NVRIoTXiongmai

📌

Bypass Android SSL Pinning & Intercept Proxy Unaware apps

AndroidReverseSSL

⛏️

Linux & Windows Password Mining

LateralPrivEscPassword

🥊

Zero-to-Hero Dom Clobbering

DOMJSXSS

📋

Exploiting an N-day vBulletin PHP Object Injection Vulnerability

vBulletinPOP Chain

🎠

APT41’s New Subgroup: Earth Longzhi

APT41MalwareCTI

✔️

REcollapse - Fuzzing the web for mysterious bugs

User InputFuzzing

🕴️

CVE-2022-33942 _ Bypassing Intel DCM’s Auth by Spoofing Kerberos and LDAP

IntelKerberosLDAP

🖼️

PNG Steganography Hides Backdoor

SteganographyDropboxC&C

🤖

Userspace exploitation under Android

JNIAndroid

📡

NETGEAR R7800 AFPD PreAuth

Netgear R7800Heap Overflow

🧑‍🚀

CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You

TailscaleRCE

💣

The State of Exploit Development

ExploitDevelopment

🌏

Chrome Browser Exploitation

V8Chrome

🛡️

kmem_guard_t in iOS 16 / macOS 13

xnuMacOSiOS

🎩

Remote Command Execution in a Bank Server

RCERemote Banking

🔥

CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln

F5 Big-IPiControl

🌐

CVE-2022-20868/7 _ Cisco SMA JWT EoP & SQLi RCE

Cisco SMACVE-2022-20868/7

🧇

CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass

i.MXHardware

📱

Pixel 6 Bootloader Exploitation writeup

AndroidHardware

🎛️

DeimosC2 C&C Framework brief-analysis

C2C&C

📧

CVE-2022-41082 _ RCE in Exchange PowerShell Backend

ExchangeCVE-2022-41082CVE-2022-41040

‼️

CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch

Neural EngineweightBufs

🏖️

CVE-2022-36067 _ SandBreak vm2 Unauth’ed RCE in Backstage

Backstagevm2

📦

CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln

MacOS

🔏

Cloning Windows Binaries and Code Signing Implants

EvasionWindows

🔓

Practical fault attacks against SM4

SM4HardwareGlitch

⚡

CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1

libxml2iOSMacOS

💉

CVE-2022-35914 _ GLPI htmlawed

GLPICVE-2022-35914

🦝

Inside the V1 Raccoon Stealer

MalwareStealerRaccoon

🤯

weightBufs 🔥 exploit ⛓️ chain

iOSMacOSNeural Engine

📉

On-Chain Insights From the FTX Implosion

CryptoFinance

🕸️

Hosting Malware on IPFS for fun & profit!

IPFSMalwareWeb3

⛵

Does OpenSea Shared Storefront have a backdoor?

NFTOpenSeaWeb3

🔍

Web3 Decoder Burp Suite Extension

dAppWeb3

🧐

Using SystemFunction032 for shellcode decryption

WindowsShellcodeObf

🔑

Intel Boot Guard keys leak analysis

IntelLeakBios

🔀

Design and setup of C2 traffic redirectors

C2HTTP

🗞️

AppSec Ezine #455

AppSecEzine

🌊

Fodcha Is Coming Back, Raising A Wave of Ransom DDoS

DDoSBotNet

🩸

CVE-2022-26730 _ ColorSync

CVE-2022-26730MacOS

👩🏿‍💻

DevSecOps-Playbook: step-by-step implementation guide

DevSecOps

💥

Build a Self-Destructing USB Drive

HardwareTactical

⛓️

Checkmk RCE Chain

CheckmkRCE

🔬

Hardware Trojans Under a Microscope

RATHardware

🏬

More Evil Markets to buy Initial Access

Dark MarketsInitial Access

🌐

CVE-2022-33679 _ One-Day Kerberos EoP

KerberosWindows

🔗

urlscan.io's SOAR spot: Chatty security tools leaking private data

Leakdorks

🔏

CVE-2022-3602 _ OpenSSL punycode vulnerability

CVE-2022-3602CVE-2022-3786OpenSSL

🖼️

CVE-2022-40146 _ Apache Batik SSRF and RCE

Apache BatikJava

〽️

Exploited Windows “Mark-of-the-Web” Zero-Day

MoTWWindows

🚁

The Drone Cyberattack That Breached a Corporate Network

WiFiDrone

🪙

Abusing tokens to compromise AD w/o touching lsass

Token TheftActive Directory

🪖

That’s No Honey Badger. It’s A Brute Ratel. A Look At BRC4.

C2BRC4

🔗

LNK file-based Attacks Are on The Rise

LNKPhishingWindows

🌰

CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue

CVE-2022-32250LINUXLPE

➕

From Shared Dash to Root Bash :: Pre-Auth’ed RCE in VMWare vROps

CVE-2022-31675CVE-2022-31674CVE-2022-31672

♻️

Eat What You Kill :: Pre-Auth’ed RCE in VMWare NSX Manager

VMSA-2022-0027VMWareNSX

💥

CVE-2022-34918 _ A crack in the Linux firewall

CVE-2022-34918LINUX

🥔

In the potato family, I want ‘em all

LPEWindows

📱

Android One-Click exploiting XSS on Samsung Galaxy Store

XSSAndroidSamsung

🎤

CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri

iOSappleSiri

🪓

CVE-2022-37981 _ The Logging Dead

CVE-2022-37981Windows

💀

CVE-2022–34718 _ Windows TCP/IP RCE PoC & Analysis

CVE-2022–34718RCEWindows

🥷

APT techniques: Access Token manipulation/theft

Win32APIToken Theft

🧵

CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite

SQLiteCVE-2022-35737

🎯

CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE

VMWareCVE-2022-22954

🪟

SharePoint Post-Authentication Server-Side Request Forgery (SSRF)

SharePointSSRF

🗼

SS7 устарел, long life to SS7

SS7GSMMobileРоссия

👯‍♀️

Client Side De-Sync and Synch0le

client-side desyncSynch0le

🏴

Black Basta and the Unnoticed Delivery

RansomwareBlack BastaCTI

☸️

Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet

KubernetesK8SKubeStalk

🐰

Authentication Bypass & File Upload & Arbitrary File Overwrite

JWTS3BugBounty

🛍️

Темные Рынки в Телеграмме

TelegramDarkNetРоссия

⏪

Reverse Engineering the Apple MultiPeer Connectivity Framework

appleReversemcpeer

🕵️

Steganography: Creating a digital microdot

SteganographyMicrodot

📰

AppSec Ezine #453

AppSecEzine

🛰️

SpaceX Starlink User Terminal Modchip

StarlinkDefconModchip

💉

CVE-2022-3236 _ Sophos Firewall Code Injection

SophosJSONCVE-2022-3236

💧

BlueBleed - The Largest B2B Leak

BlueBleedAzureLeak

🔪

Fantastic Rootkits: And Where to Find Them

SSDTRootKitWindows

🧶

Exploit Deserialization Vulnerabilities in PHP

DeserializationPHP Filter Chain

📡

Wireless PenTest Methodologies

WirelessProximityTactical

🌿

CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection

CVE-2022–22980VMWareSpring Data MongoDB

🛣️

Discovering _ CVE-2022–22980 real exploitable path

CVE-2022–22980CodeQL

🌍

Memory corruption vulnerabilities in Edge

EdgexplorerVULN

🔥

CVE-2022–42889 _ Text4Shell Vuln Technical Analysis

CVE-2022–42889Text4ShellApache Commons Text

🖥️

CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc

CVE-2022-27502RealVNC

🎳

CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE

CVE-2022-39197Cobalt-Strike

🪝

iOS Native Code Obfuscation and Syscall Hooking

iOSReverse

🛡️

SingPass RASP Analysis

ReverseiOS

🔑

Relaying YubiKeys

YubiKeyFIDO2

💸

Replicant: Fault Injection Attack on Trezor One

TrezorCryptoChipFail

🧨

CVE-2022-41852 _ RCE in JXPath Library

CVE-2022-41852JXPath

🦓

CVE-2022-41352 _ Zimbra 0-day

ZimbraCVE-2022-41352

🦓

CVE-2022-37042 _ Zimbra Email Vulnerability

ZimbraCVE-2022-37042

🧱

CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass

CVE-2022-40684Fortinet

♟️

CVE-2022-37969 _ Windows CLFS Zero-Day

CVE-2022-37969Windows

🗝️

Analysing LastPass Chrome Extension

LastPassChrome Remote Debugging

❤️‍🔥

Disposable Root Servers

SegfaultFree

🔊

L.E.J Mashup 80s

SPKRWRITE

🔓

Attacking Titan M with Only One Byte

CVE-2022-20233Titan M

🤖

Attacking Android kernel (ab)using Qualcomm TrustZone

TrustZoneCVE-2021-1961

🕸️

Exploring the REF2731 Intrusion Set

MaldocParallaxNetwire

🐝

Bumblebee: increasing its capacity and evolving its TTPs

BumblebeeMalware

🕳️

CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion

ShadowPadCVE-2022-29464

🪙

Beginner's Guide to Sliver C2

C2Sliver

📨

CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange

ExchangeCVE-2022-41040CVE-2022-41082

🚪

Bad VIB(E)s // Novel Malware in ESXi Hypervisors

MalwareVMWare

🎳

Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike

🐬

Exploiting Flipper Zero’s NFC file loader

Flipper-ZeroNFCBuffer Overflow

🪆

A FormBook Matryoshka

MaldocWindows

🪣

CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution

CVE-2022-36804

🏦

The Crypto Revolution

CryptoGovernancebankless

🥷🏿

Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

MalwareLINUX

⏪

обзор на rizin

РоссияReverse

🐻

CVE-2022-30190 _ Overview of Bears Cyberespionage

APT28APT29CVE-2022-30190

📡

Hacking Ham Radio for Texting

HamRadioSpectrum

🔊

The Sound of Malware

MalwareSPKRWRITE

🃏

Tracking Joker with Medusa, static analysis (and patience)

AndroidMalwareJoker

🪲

CVE-2022-26809 _ Reaching Vulnerable Point

CVE-2022-26809Windows

🧱

APT groups carried out highly targeted attack on Sophos

CVE-2022-1040GoMetGh0stCTI

🤑

Stablecoins Are Products

CryptoStablecoins

👊

Emulating Phineas Phisher Attacks in Modern EDR Environments

C2TTPDEFRA

👻

GhostTouch: Contactless attack with Electromagnetic Signals

TAOEMITTRY

🌚

How to Make $800m in Crypto, Soros Style - Breaking $UST

CryptoUST

🧅

KAX17 de-anonymization against Tor

TorDe-anonKAX17

🦠

Android/BianLian payload

AndroidMalware

🌑

DarkFi

CryptoBlockchainZK

💔

Attacking ARM Pointer Authentication with Speculative Execution

VULNM1TTRY

🐛

Aoqin Dragon

WindowsMalware

🌐

reNgine - More than just a recon!

ReconScanVATTRY

💸

HOP Token Airdrop

DropCatcher

🌵

The Magic of ХYЙ

SPKRWRITEРоссия

🔏

Russia’s certificate authority for sanctioned organizations

Россия

💾

Self Hosted Roundup #7

SelfHosted

🤬

Automated Malware Analysis - Joe Sandbox

MalwareSandbox

👀

The Surreal Case of a C.I.A. Hacker’s Revenge

Enota

🧠

Meet Logseq, 'stores data like a brain'

SubstaTTRYKNWLDG

🕸️

Francesca Bria on Decentralisation, Sovereignty, and Web3

Web3Decentralisation

🎠

Xenomorph: Hatched Banking Trojan

Malware

🪖

Guerre di Rete - Ucraina, cronache dai cyber fronti

GuerreDiRete

🧪

CVE-2022-0847 _ The Dirty Pipe

CVE-2022-0847LINUXAndroidKERNEL

💣

Perché è il momento di fare (e informare) Guerre di Rete

GuerreDiRete

🎶

The state of music/Web3 tools for artists

Web3NFT

📱

NSO zero-click iMessage RCE exploit

VULNCVE-2021-30860

🎗️

Threat Thursday: BoratRAT

RATWindowsMalware

📞

A Comprehensive Analysis of the 3CX Attack

3CXSupply-chainCTILazarus

🪆

Vulkan files leak, a rare look into Russian cyberwarfare tactics

РоссияLeakCyberWarfare

🧦

CVE-2023-21768 _ Pwning Windows Ancillary Function Driver for WinSock (afd.sys)

WindowsAFDLPEWinSock

🦘

CVE-2022-47522 _ MacStealer: Wi-Fi Client Isolation Bypass

WiFiContext Override

🧿

ARM TrustZone: pivoting to the secure world

AndroidARMTrustZoneACE

🤸‍♂️

CVE-2023-27326 _ Parallels Toolgate VM Escape

MacOSParallelsVMEscape

🃏

BlackLotus UEFI bootkit: Myth confirmed

UEFIBootkitBlackLotusCTI

🤖

CVE-2022-25664 _ The code that wasn't there: Reading memory on an Android device by accident

AndroidAdrenoKASLR

💥

A Race to Report a TOCTOU: Analysis of a Bug Collision in Intel SMM

BiosSMMUEFIIntel

🪡

Userland exploit chain to dump the memory of any Windows PPL process

WindowsLSASSPPL

👀

CVE-2023-1017/18 _ Vulns in TPM 2.0 reference implementation code

TPMOOBEscape

🎳

Defining the Cobalt Strike Reflective Loader

Cobalt-StrikeReflectiveLoader

🐡

CVE-2023-25136 _ OpenSSH Pre-Auth Double Free

OpenSSHDouble-FreeOpenBSD

📪

CVE-2023-23397 _ Microsoft Outlook EoP

OutlookWindowsEoPNTLM

💣

Multiple Internet to Baseband RCE Vulns in Exynos Modems

BasebandRCEExynosAndroid

🖼️

CVE-2022-44268/7 _ ImageMagick: The hidden vulnerability behind your online images

ImageMagickRemote Leak

📄

CVE-2023-21608 _ Adobe Acrobat Reader resetForm RCE

AdobeAcrobatRCE

🪵

VMSA-2023-0001 _ VMware vRealize Log Insight Multiple Vulns

VMWarevRealize

🖖

CVE-2022-34689 _ Exploiting a Critical Spoofing Vuln in Windows CryptoAPI

WindowsMD5CryptoAPI

🛫

how to completely own an airline in 3 easy steps

jenkinsaviationnofly

🍎

CVE-2023-23504 _ XNU Heap Underwrite in dlil.c

AppleXNUMacOSiOS

💣

CVE-2022-38181 _ yet another Arm Mali GPU Android exploit

AndroidMaliARM

🍪

CVE-2022-42864 _ Diabolical Cookies on iOS/MacOS

iOSMacOSApple

💬

CVE-2023-24068/69 _ Abusing Signal Desktop for fun & Espionage

SignalDesktop

🐧

CVE-2023-0179 _ Linux kernel stack buffer overflow in nftables

LINUXKERNELNFTables

☠️

making malware with VX-API

VX-APIDevelopment

🐍

Prototype Pollution in Python

PythonPrototype

🔓

Unlocking LockBit, a Ransomware story

LockBitRansomware

🍯

Xdr33, A Variant Of CIA’s HIVE Attack Kit

XDR33HIVEC2

📧

The OWASSRF + TabShell exploit chain

ExchangeOWASSRFTabShell

🌲

Game Of Active Directory, PWNING is coming!

Active DirectoryLab

🌘

Blindside: EDR Evasion with Hardware Breakpoints

WindowsEDREvasion

💠

Precious Gemstones: The New Generation of Kerberos Attacks

KerberosWindowsAD

🕸️

Netcomm Unauthenticated RCE Vuln

NETCOMMNF20MESH

🌵

CVE-2022-46169 _ Cacti Unauthenticated Command Injection

CactiPHP

🦺

Exciting approaches to memory safety

memorysafetymitigationsarchitectures

☠️

CVE-2022-41082/80 _ OWASSRF, Bypassing ProxyNotShell Mitigations

OWASSRFExchange

🏹

MeshyJSON, A TP-Link tdpServer JSON Stack Overflow

TP-LinkArcher AX21

🦘

VLAN Hopping techniques

VLANNetworkingCISCO

🌶️

Spice up your persistence loading PHP extensions from memory

PHP ExtensionsX-C3LL

📛

Firebase is Insecure by Default

FirebaseFizz

🚶🏿‍♂️

SilentMoonwalk: Implementing a dynamic Call Stack Spoofer

WindowsStackSpoofing

🦊

CVE-2022-28672 _ Foxit PDF Reader UAF RCE

FoxitPDFWindows

🩸

CVE-2022-4543 _ EntryBleed: Breaking KASLR under KPTI with Prefetch

LINUXKASLRKPTI

🪤

Huawei Secure Monitor Vulnerabilities

AndroidHuaweiATFSecure Monitor

🧨

FOISted, remote exploit for MikroTik’s RouterOS 6

MikroTikRouterOSJailBreak

👺

IIS modules: The evolution of web shells

WindowsIISWebShell

🪣

Atlassian Session Hijacking (& 2FA bypass) using stolen JWTs

BitBucketJiraConfluence

🐧

CVE-2022-42703 _ Bringing back the stack attack to Linux (kernel)

LINUXKERNEL

🐡

Fuzzing ping(8)… and finding a 24 year old bug.

OpenBSDPingAFL

🔥

{JS-ON: Security-OFF}: Abusing JSON-Based SQL to Bypass WAF

JSONSQLiAntiWAF

🥌

CVE-2022-4059/42 _ Supply Chain Vulns Put Server Ecosystem At Risk

BMC&CAMIMegaRACRedfishIPMI

🥋

Multiple Zero-Day Vulnerabilities in Leading EDRs and AVs

FUDAntiEDRAV

🚥

CVE-2022-3328 _ Snapd Race condition in snap-confine

SnapdUbuntu

🪟

CVE-2022-41057 _ Windows 11 HTTP.SYS Kerberos PAC EoP

WindowsHTTP.SYSKerberos

⚠️

CVE-2022-41034 _ Visual Studio Code RCE

VSCodeRCE

📊

CVE-2022-41120 _ Sysmon EoP Abusing Arbitrary File Deletes

EoPWindows

📡

6G - The Sixth Generation Mobile Network

6GMobileCellularNetwork

🏪

In The Box - Mobile Malware Webinjects Marketplace

Dark MarketsWebinjects

🕋

Cobalt Strike Memory Analysis

Cobalt-StrikeKoboldLithiumMagnetLoader

🛡️

The Defender’s Guide to the Windows Registry

WindowsRegistryBlue

💥

The Intel PPAM attack story

PPAMSMMAMIFirmware

📄

CVE-2022-25765 _ Command Injection in pdfkit

pdfkitruby

⭐

Discover Redigo — New Redis Backdoor Malware

RedisRedigoCVE-2022-0543

🛰️

Dumping and extracting the SpaceX Starlink User Terminal firmware

StarlinkSpaceXReverse

📶

TP-Link WR940N N-Day turns into a 0day

TP-LinkWR940N

🦅

CVE-2022-44721 _ Crowdstrike Falcon Uninstaller

CVE-2022-2841CrowdStrikeFalcon

💫

CVE-2022-31358 _ Multiple Vulns in Proxmox VE & Mail Gateway

ProxmoxXSSCRLFSSRF

🐼

Hitching a ride with Mustang Panda

APTWindows

🎰

HTTP Desync Attack (Request Smuggling)

HTTP DesyncSmuggling

⚛️

CVE-2022-4116 _ zero-day flaw in Quarkus Java framework

QuarkusCORS

⌚

Hacking Smartwatches for Spear Phishing

SmartwatchBLE

💐

Blasting Event-Driven Cornucopia - WMI edition

WMIDKOMSandbox

🤖

Huawei Security Hypervisor Vulnerability

AndroidHuaweiHypervisor

🔑

Hell’s Keychain: Supply-chain vuln in IBM Cloud PostgreSQL

IBMSupply-chain

🦷

CVE-2022-42895/6 _ Linux Kernel Infoleak & UAF in Bluetooth L2CAP

LINUX

☁️

chip-to-cloud 'eID' logic vulnerabilities

eIDReverse

📹

Xiongmai IoT Exploitation

NVRIoTXiongmai

📌

Bypass Android SSL Pinning & Intercept Proxy Unaware apps

AndroidReverseSSL

⛏️

Linux & Windows Password Mining

LateralPrivEscPassword

🥊

Zero-to-Hero Dom Clobbering

DOMJSXSS

📋

Exploiting an N-day vBulletin PHP Object Injection Vulnerability

vBulletinPOP Chain

🎠

APT41’s New Subgroup: Earth Longzhi

APT41MalwareCTI

✔️

REcollapse - Fuzzing the web for mysterious bugs

User InputFuzzing

🕴️

CVE-2022-33942 _ Bypassing Intel DCM’s Auth by Spoofing Kerberos and LDAP

IntelKerberosLDAP

🖼️

PNG Steganography Hides Backdoor

SteganographyDropboxC&C

🤖

Userspace exploitation under Android

JNIAndroid

📡

NETGEAR R7800 AFPD PreAuth

Netgear R7800Heap Overflow

🧑‍🚀

CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You

TailscaleRCE

💣

The State of Exploit Development

ExploitDevelopment

🌏

Chrome Browser Exploitation

V8Chrome

🛡️

kmem_guard_t in iOS 16 / macOS 13

xnuMacOSiOS

🎩

Remote Command Execution in a Bank Server

RCERemote Banking

🔥

CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln

F5 Big-IPiControl

🌐

CVE-2022-20868/7 _ Cisco SMA JWT EoP & SQLi RCE

Cisco SMACVE-2022-20868/7

🧇

CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass

i.MXHardware

📱

Pixel 6 Bootloader Exploitation writeup

AndroidHardware

🎛️

DeimosC2 C&C Framework brief-analysis

C2C&C

📧

CVE-2022-41082 _ RCE in Exchange PowerShell Backend

ExchangeCVE-2022-41082CVE-2022-41040

‼️

CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch

Neural EngineweightBufs

🏖️

CVE-2022-36067 _ SandBreak vm2 Unauth’ed RCE in Backstage

Backstagevm2

📦

CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln

MacOS

🔏

Cloning Windows Binaries and Code Signing Implants

EvasionWindows

🔓

Practical fault attacks against SM4

SM4HardwareGlitch

⚡

CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1

libxml2iOSMacOS

💉

CVE-2022-35914 _ GLPI htmlawed

GLPICVE-2022-35914

🦝

Inside the V1 Raccoon Stealer

MalwareStealerRaccoon

🤯

weightBufs 🔥 exploit ⛓️ chain

iOSMacOSNeural Engine

📉

On-Chain Insights From the FTX Implosion

CryptoFinance

🕸️

Hosting Malware on IPFS for fun & profit!

IPFSMalwareWeb3

⛵

Does OpenSea Shared Storefront have a backdoor?

NFTOpenSeaWeb3

🔍

Web3 Decoder Burp Suite Extension

dAppWeb3

🧐

Using SystemFunction032 for shellcode decryption

WindowsShellcodeObf

🔑

Intel Boot Guard keys leak analysis

IntelLeakBios

🔀

Design and setup of C2 traffic redirectors

C2HTTP

🗞️

AppSec Ezine #455

AppSecEzine

🌊

Fodcha Is Coming Back, Raising A Wave of Ransom DDoS

DDoSBotNet

🩸

CVE-2022-26730 _ ColorSync

CVE-2022-26730MacOS

👩🏿‍💻

DevSecOps-Playbook: step-by-step implementation guide

DevSecOps

💥

Build a Self-Destructing USB Drive

HardwareTactical

⛓️

Checkmk RCE Chain

CheckmkRCE

🔬

Hardware Trojans Under a Microscope

RATHardware

🏬

More Evil Markets to buy Initial Access

Dark MarketsInitial Access

🌐

CVE-2022-33679 _ One-Day Kerberos EoP

KerberosWindows

🔗

urlscan.io's SOAR spot: Chatty security tools leaking private data

Leakdorks

🔏

CVE-2022-3602 _ OpenSSL punycode vulnerability

CVE-2022-3602CVE-2022-3786OpenSSL

🖼️

CVE-2022-40146 _ Apache Batik SSRF and RCE

Apache BatikJava

〽️

Exploited Windows “Mark-of-the-Web” Zero-Day

MoTWWindows

🚁

The Drone Cyberattack That Breached a Corporate Network

WiFiDrone

🪙

Abusing tokens to compromise AD w/o touching lsass

Token TheftActive Directory

🪖

That’s No Honey Badger. It’s A Brute Ratel. A Look At BRC4.

C2BRC4

🔗

LNK file-based Attacks Are on The Rise

LNKPhishingWindows

🌰

CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue

CVE-2022-32250LINUXLPE

➕

From Shared Dash to Root Bash :: Pre-Auth’ed RCE in VMWare vROps

CVE-2022-31675CVE-2022-31674CVE-2022-31672

♻️

Eat What You Kill :: Pre-Auth’ed RCE in VMWare NSX Manager

VMSA-2022-0027VMWareNSX

💥

CVE-2022-34918 _ A crack in the Linux firewall

CVE-2022-34918LINUX

🥔

In the potato family, I want ‘em all

LPEWindows

📱

Android One-Click exploiting XSS on Samsung Galaxy Store

XSSAndroidSamsung

🎤

CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri

iOSappleSiri

🪓

CVE-2022-37981 _ The Logging Dead

CVE-2022-37981Windows

💀

CVE-2022–34718 _ Windows TCP/IP RCE PoC & Analysis

CVE-2022–34718RCEWindows

🥷

APT techniques: Access Token manipulation/theft

Win32APIToken Theft

🧵

CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite

SQLiteCVE-2022-35737

🎯

CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE

VMWareCVE-2022-22954

🪟

SharePoint Post-Authentication Server-Side Request Forgery (SSRF)

SharePointSSRF

🗼

SS7 устарел, long life to SS7

SS7GSMMobileРоссия

👯‍♀️

Client Side De-Sync and Synch0le

client-side desyncSynch0le

🏴

Black Basta and the Unnoticed Delivery

RansomwareBlack BastaCTI

☸️

Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet

KubernetesK8SKubeStalk

🐰

Authentication Bypass & File Upload & Arbitrary File Overwrite

JWTS3BugBounty

🛍️

Темные Рынки в Телеграмме

TelegramDarkNetРоссия

⏪

Reverse Engineering the Apple MultiPeer Connectivity Framework

appleReversemcpeer

🕵️

Steganography: Creating a digital microdot

SteganographyMicrodot

📰

AppSec Ezine #453

AppSecEzine

🛰️

SpaceX Starlink User Terminal Modchip

StarlinkDefconModchip

💉

CVE-2022-3236 _ Sophos Firewall Code Injection

SophosJSONCVE-2022-3236

💧

BlueBleed - The Largest B2B Leak

BlueBleedAzureLeak

🔪

Fantastic Rootkits: And Where to Find Them

SSDTRootKitWindows

🧶

Exploit Deserialization Vulnerabilities in PHP

DeserializationPHP Filter Chain

📡

Wireless PenTest Methodologies

WirelessProximityTactical

🌿

CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection

CVE-2022–22980VMWareSpring Data MongoDB

🛣️

Discovering _ CVE-2022–22980 real exploitable path

CVE-2022–22980CodeQL

🌍

Memory corruption vulnerabilities in Edge

EdgexplorerVULN

🔥

CVE-2022–42889 _ Text4Shell Vuln Technical Analysis

CVE-2022–42889Text4ShellApache Commons Text

🖥️

CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc

CVE-2022-27502RealVNC

🎳

CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE

CVE-2022-39197Cobalt-Strike

🪝

iOS Native Code Obfuscation and Syscall Hooking

iOSReverse

🛡️

SingPass RASP Analysis

ReverseiOS

🔑

Relaying YubiKeys

YubiKeyFIDO2

💸

Replicant: Fault Injection Attack on Trezor One

TrezorCryptoChipFail

🧨

CVE-2022-41852 _ RCE in JXPath Library

CVE-2022-41852JXPath

🦓

CVE-2022-41352 _ Zimbra 0-day

ZimbraCVE-2022-41352

🦓

CVE-2022-37042 _ Zimbra Email Vulnerability

ZimbraCVE-2022-37042

🧱

CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass

CVE-2022-40684Fortinet

♟️

CVE-2022-37969 _ Windows CLFS Zero-Day

CVE-2022-37969Windows

🗝️

Analysing LastPass Chrome Extension

LastPassChrome Remote Debugging

❤️‍🔥

Disposable Root Servers

SegfaultFree

🔊

L.E.J Mashup 80s

SPKRWRITE

🔓

Attacking Titan M with Only One Byte

CVE-2022-20233Titan M

🤖

Attacking Android kernel (ab)using Qualcomm TrustZone

TrustZoneCVE-2021-1961

🕸️

Exploring the REF2731 Intrusion Set

MaldocParallaxNetwire

🐝

Bumblebee: increasing its capacity and evolving its TTPs

BumblebeeMalware

🕳️

CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion

ShadowPadCVE-2022-29464

🪙

Beginner's Guide to Sliver C2

C2Sliver

📨

CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange

ExchangeCVE-2022-41040CVE-2022-41082

🚪

Bad VIB(E)s // Novel Malware in ESXi Hypervisors

MalwareVMWare

🎳

Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike

🐬

Exploiting Flipper Zero’s NFC file loader

Flipper-ZeroNFCBuffer Overflow

🪆

A FormBook Matryoshka

MaldocWindows

🪣

CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution

CVE-2022-36804

🏦

The Crypto Revolution

CryptoGovernancebankless

🥷🏿

Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat

MalwareLINUX

⏪

обзор на rizin

РоссияReverse

🐻

CVE-2022-30190 _ Overview of Bears Cyberespionage

APT28APT29CVE-2022-30190

📡

Hacking Ham Radio for Texting

HamRadioSpectrum

🔊

The Sound of Malware

MalwareSPKRWRITE

🃏

Tracking Joker with Medusa, static analysis (and patience)

AndroidMalwareJoker

🪲

CVE-2022-26809 _ Reaching Vulnerable Point

CVE-2022-26809Windows

🧱

APT groups carried out highly targeted attack on Sophos

CVE-2022-1040GoMetGh0stCTI

🤑

Stablecoins Are Products

CryptoStablecoins

👊

Emulating Phineas Phisher Attacks in Modern EDR Environments

C2TTPDEFRA

👻

GhostTouch: Contactless attack with Electromagnetic Signals

TAOEMITTRY

🌚

How to Make $800m in Crypto, Soros Style - Breaking $UST

CryptoUST

🧅

KAX17 de-anonymization against Tor

TorDe-anonKAX17

🦠

Android/BianLian payload

AndroidMalware

🌑

DarkFi

CryptoBlockchainZK

💔

Attacking ARM Pointer Authentication with Speculative Execution

VULNM1TTRY

🐛

Aoqin Dragon

WindowsMalware

🌐

reNgine - More than just a recon!

ReconScanVATTRY

💸

HOP Token Airdrop

DropCatcher

🌵

The Magic of ХYЙ

SPKRWRITEРоссия

🔏

Russia’s certificate authority for sanctioned organizations

Россия

💾

Self Hosted Roundup #7

SelfHosted

🤬

Automated Malware Analysis - Joe Sandbox

MalwareSandbox

👀

The Surreal Case of a C.I.A. Hacker’s Revenge

Enota

🧠

Meet Logseq, 'stores data like a brain'

SubstaTTRYKNWLDG

🕸️

Francesca Bria on Decentralisation, Sovereignty, and Web3

Web3Decentralisation

🎠

Xenomorph: Hatched Banking Trojan

Malware

🪖

Guerre di Rete - Ucraina, cronache dai cyber fronti

GuerreDiRete

🧪

CVE-2022-0847 _ The Dirty Pipe

CVE-2022-0847LINUXAndroidKERNEL

💣

Perché è il momento di fare (e informare) Guerre di Rete

GuerreDiRete

🎶

The state of music/Web3 tools for artists

Web3NFT

📱

NSO zero-click iMessage RCE exploit

VULNCVE-2021-30860

🎗️

Threat Thursday: BoratRAT

RATWindowsMalware