STRLCPY(3)

🤖
Userspace exploitation under Android
JNIAndroid
📡
NETGEAR R7800 AFPD PreAuth
Netgear R7800Heap Overflow
🧑‍🚀
CVE-2022-41924 _ RCE in Tailscale, DNS Rebinding, and You
TailscaleRCE
💣
The State of Exploit Development
ExploitDevelopment
🌏
Chrome Browser Exploitation
V8Chrome
🛡️
kmem_guard_t in iOS 16 / macOS 13
xnuMacOSiOS
🎩
Remote Command Execution in a Bank Server
RCERemote Banking
🔥
CVE-2022-41622/41800 _ F5 BIG-IP and iControl REST Vuln
F5 Big-IPiControl
🌐
CVE-2022-20868/7 _ Cisco SMA JWT EoP & SQLi RCE
Cisco SMACVE-2022-20868/7
🧇
CVE-2022-45163 _ NXP i.MX SDP_READ_DISABLE Fuse Bypass
i.MXHardware
📱
Pixel 6 Bootloader Exploitation writeup
AndroidHardware
🎛️
DeimosC2 C&C Framework brief-analysis
C2C&C
📧
CVE-2022-41082 _ RCE in Exchange PowerShell Backend
ExchangeCVE-2022-41082CVE-2022-41040
‼️
CVE-2022-32932 _ ZinComputeProgramUpdateMutables() OOB write due to double fetch
Neural EngineweightBufs
🏖️
CVE-2022-36067 _ SandBreak vm2 Unauth’ed RCE in Backstage
Backstagevm2
📦
CVE-2022-32895 _ CVE-2019-8561 _ A Hard-to-Banish PackageKit Vuln
MacOS
🔏
Cloning Windows Binaries and Code Signing Implants
EvasionWindows
🔓
Practical fault attacks against SM4
SM4HardwareGlitch
⚡
CVE-2022-40303/4 _ on MacOS <13.0.1 & iOS/iPadOS <16.1.1
libxml2iOSMacOS
💉
CVE-2022-35914 _ GLPI htmlawed
GLPICVE-2022-35914
🦝
Inside the V1 Raccoon Stealer
MalwareStealerRaccoon
🤯
weightBufs 🔥 exploit ⛓️ chain
iOSMacOSNeural Engine
📉
On-Chain Insights From the FTX Implosion
CryptoFinance
🕸️
Hosting Malware on IPFS for fun & profit!
IPFSMalwareWeb3
⛵
Does OpenSea Shared Storefront have a backdoor?
NFTOpenSeaWeb3
🔍
Web3 Decoder Burp Suite Extension
dAppWeb3
🧐
Using SystemFunction032 for shellcode decryption
WindowsShellcodeObf
🔑
Intel Boot Guard keys leak analysis
IntelLeakBios
🔀
Design and setup of C2 traffic redirectors
C2HTTP
🗞️
AppSec Ezine #455
AppSecEzine
🌊
Fodcha Is Coming Back, Raising A Wave of Ransom DDoS
DDoSBotNet
🩸
CVE-2022-26730 _ ColorSync
CVE-2022-26730MacOS
👩🏿‍💻
DevSecOps-Playbook: step-by-step implementation guide
DevSecOps
💥
Build a Self-Destructing USB Drive
HardwareTactical
⛓️
Checkmk RCE Chain
CheckmkRCE
🔬
Hardware Trojans Under a Microscope
RATHardware
🏬
More Evil Markets to buy Initial Access
Dark MarketsInitial Access
🌐
CVE-2022-33679 _ One-Day Kerberos EoP
KerberosWindows
🔗
urlscan.io's SOAR spot: Chatty security tools leaking private data
Leakdorks
🔏
CVE-2022-3602 _ OpenSSL punycode vulnerability
CVE-2022-3602CVE-2022-3786OpenSSL
🖼️
CVE-2022-40146 _ Apache Batik SSRF and RCE
Apache BatikJava
〽️
Exploited Windows “Mark-of-the-Web” Zero-Day
MoTWWindows
🚁
The Drone Cyberattack That Breached a Corporate Network
WiFiDrone
🪙
Abusing tokens to compromise AD w/o touching lsass
Token TheftActive Directory
🪖
That’s No Honey Badger. It’s A Brute Ratel. A Look At BRC4.
C2BRC4
🔗
LNK file-based Attacks Are on The Rise
LNKPhishingWindows
🌰
CVE-2022-32250 _ Exploit Linux Kernel Exploit with mqueue
CVE-2022-32250LINUXLPE
➕
From Shared Dash to Root Bash :: Pre-Auth’ed RCE in VMWare vROps
CVE-2022-31675CVE-2022-31674CVE-2022-31672
♻️
Eat What You Kill :: Pre-Auth’ed RCE in VMWare NSX Manager
VMSA-2022-0027VMWareNSX
💥
CVE-2022-34918 _ A crack in the Linux firewall
CVE-2022-34918LINUX
🥔
In the potato family, I want ‘em all
LPEWindows
📱
Android One-Click exploiting XSS on Samsung Galaxy Store
XSSAndroidSamsung
🎤
CVE-2022-32946 _ SiriSpy, eavesdrop conversations with Siri
iOSappleSiri
🪓
CVE-2022-37981 _ The Logging Dead
CVE-2022-37981Windows
💀
CVE-2022–34718 _ Windows TCP/IP RCE PoC & Analysis
CVE-2022–34718RCEWindows
🥷
APT techniques: Access Token manipulation/theft
Win32APIToken Theft
🧵
CVE-2022-35737 _ Stranger Strings: An exploitable flaw in SQLite
SQLiteCVE-2022-35737
🎯
CVE-2022-22954 _ Mirai, RAR1 & GuardMiner target a well-known VMware RCE
VMWareCVE-2022-22954
🪟
SharePoint Post-Authentication Server-Side Request Forgery (SSRF)
SharePointSSRF
🗼
SS7 устарел, long life to SS7
SS7GSMMobileРоссия
👯‍♀️
Client Side De-Sync and Synch0le
client-side desyncSynch0le
🏴
Black Basta and the Unnoticed Delivery
RansomwareBlack BastaCTI
☸️
Thousands Of Unsecured Kubernetes Clusters Exposed On The Internet
KubernetesK8SKubeStalk
🐰
Authentication Bypass & File Upload & Arbitrary File Overwrite
JWTS3BugBounty
🛍️
Темные Рынки в Телеграмме
TelegramDarkNetРоссия
⏪
Reverse Engineering the Apple MultiPeer Connectivity Framework
appleReversemcpeer
🕵️
Steganography: Creating a digital microdot
SteganographyMicrodot
📰
AppSec Ezine #453
AppSecEzine
💉
CVE-2022-3236 _ Sophos Firewall Code Injection
SophosJSONCVE-2022-3236
💧
BlueBleed - The Largest B2B Leak
BlueBleedAzureLeak
🔪
Fantastic Rootkits: And Where to Find Them
SSDTRootKitWindows
🧶
Exploit Deserialization Vulnerabilities in PHP
DeserializationPHP Filter Chain
📡
Wireless PenTest Methodologies
WirelessProximityTactical
🌿
CVE-2022-22980 _ Spring Data MongoDB SpEL ExpInjection
CVE-2022–22980VMWareSpring Data MongoDB
🛣️
Discovering _ CVE-2022–22980 real exploitable path
CVE-2022–22980CodeQL
🌍
Memory corruption vulnerabilities in Edge
EdgexplorerVULN
🔥
CVE-2022–42889 _ Text4Shell Vuln Technical Analysis
CVE-2022–42889Text4ShellApache Commons Text
🖥️
CVE-2022-27502 _ RealVNC Server 6.8.0 PrivEsc
CVE-2022-27502RealVNC
🎳
CVE-2022-39197 _ Cobalt Strike 4.7.1 RCE
CVE-2022-39197Cobalt-Strike
🪝
iOS Native Code Obfuscation and Syscall Hooking
iOSReverse
🛡️
SingPass RASP Analysis
ReverseiOS
🔑
Relaying YubiKeys 
YubiKeyFIDO2
💸
Replicant: Fault Injection Attack on Trezor One
TrezorCryptoChipFail
🧨
CVE-2022-41852 _ RCE in JXPath Library
CVE-2022-41852JXPath
🦓
CVE-2022-41352 _ Zimbra 0-day
ZimbraCVE-2022-41352
🦓
CVE-2022-37042 _ Zimbra Email Vulnerability
ZimbraCVE-2022-37042
🧱
CVE-2022-40684 _ FortiOS/Proxy/SwitchManager AuthBypass
CVE-2022-40684Fortinet
♟️
CVE-2022-37969 _ Windows CLFS Zero-Day
CVE-2022-37969Windows
🗝️
Analysing LastPass Chrome Extension
LastPassChrome Remote Debugging
❤️‍🔥
Disposable Root Servers
SegfaultFree
🔊
L.E.J Mashup 80s
SPKRWRITE
🔓
Attacking Titan M with Only One Byte
CVE-2022-20233Titan M
🤖
Attacking Android kernel (ab)using Qualcomm TrustZone
TrustZoneCVE-2021-1961
🕸️
Exploring the REF2731 Intrusion Set
MaldocParallaxNetwire
🐝
Bumblebee: increasing its capacity and evolving its TTPs
BumblebeeMalware
🕳️
CVE-2022-29464 _ detailed analysis of a ShadowPad intrusion
ShadowPadCVE-2022-29464
🪙
Beginner's Guide to Sliver C2
C2Sliver
📨
CVE-2022-41040/41082 _ 0-day RCE on Microsoft Exchange
ExchangeCVE-2022-41040CVE-2022-41082
🚪
Bad VIB(E)s // Novel Malware in ESXi Hypervisors
MalwareVMWare
🎳
Automating C2 Infrastructure with Terraform, Nebula, Caddy and Cobalt Strike
C2
🐬
Exploiting Flipper Zero’s NFC file loader
Flipper-ZeroNFCBuffer Overflow
🪆
A FormBook Matryoshka
MaldocWindows
🪣
CVE-2022-36804 _ Bitbucket Pre Auth Remote Command Execution
CVE-2022-36804
🏦
The Crypto Revolution
CryptoGovernancebankless
🥷🏿
Symbiote: A New, Nearly-Impossible-to-Detect Linux Threat
MalwareLINUX
⏪
обзор на rizin
РоссияReverse
🐻
CVE-2022-30190 _ Overview of Bears Cyberespionage
APT28APT29CVE-2022-30190
📡
Hacking Ham Radio for Texting
HamRadioSpectrum
🔊
The Sound of Malware
MalwareSPKRWRITE
🃏
Tracking Joker with Medusa, static analysis (and patience)
AndroidMalwareJoker
🪲
CVE-2022-26809 _ Reaching Vulnerable Point
CVE-2022-26809Windows
🧱
APT groups carried out highly targeted attack on Sophos
CVE-2022-1040GoMetGh0stCTI
🤑
Stablecoins Are Products
CryptoStablecoins
👊
Emulating Phineas Phisher Attacks in Modern EDR Environments
C2TTPDEFRA
👻
GhostTouch: Contactless attack with Electromagnetic Signals
TAOEMITTRY
🌚
How to Make $800m in Crypto, Soros Style - Breaking $UST
CryptoUST
🧅
KAX17 de-anonymization against Tor
TorDe-anonKAX17
🦠
Android/BianLian payload
AndroidMalware
🌑
DarkFi
CryptoBlockchainZK
💔
Attacking ARM Pointer Authentication with Speculative Execution
VULNM1TTRY
🐛
Aoqin Dragon
WindowsMalware
🌐
reNgine - More than just a recon!
ReconScanVATTRY
💸
HOP Token Airdrop
DropCatcher
🌵
The Magic of ХYЙ
SPKRWRITEРоссия
🔏
Russia’s certificate authority for sanctioned organizations
Россия
💾
Self Hosted Roundup #7
SelfHosted
🤬
Automated Malware Analysis - Joe Sandbox
MalwareSandbox
👀
The Surreal Case of a C.I.A. Hacker’s Revenge
Enota
🧠
Meet Logseq, 'stores data like a brain'
SubstaTTRYKNWLDG
🕸️
Francesca Bria on Decentralisation, Sovereignty, and Web3
Web3Decentralisation
🎠
Xenomorph: Hatched Banking Trojan
Malware
🪖
Guerre di Rete - Ucraina, cronache dai cyber fronti
GuerreDiRete
🧪
CVE-2022-0847 _ The Dirty Pipe
CVE-2022-0847LINUXAndroidKERNEL
💣
Perché è il momento di fare (e informare) Guerre di Rete
GuerreDiRete
🎶
The state of music/Web3 tools for artists
Web3NFT
📱
NSO zero-click iMessage RCE exploit
VULNCVE-2021-30860
🎗️
Threat Thursday: BoratRAT
RATWindowsMalware