Privescing a Laptop with BitLocker + PIN #BitLocker #TPM #PINProtection #HardwareHacking #KeyRecovery https://www.errno.fr/Bitlocker_TPM_and_PIN_privesc
LockBit Returns — and It Already Has Victims #LockBit #Ransomware #Resurgence #CyberThreat #LockBit5.0 https://blog.checkpoint.com/research/lockbit-returns-and-it-already-has-victims/
TARmageddon (CVE-2025-62518): RCE Vulnerability Highlights the Challenges of Open Source Abandonware #TARmageddon #CVE202562518 #OpenSourceSecurity #Abandonware #RCEVulnerability https://edera.dev/stories/tarmageddon
Edera
CVE-2025-62518 Shows the Cost of Open Source Abandonware
Edera uncovers TARmageddon (CVE-2025-62518), a Rust async-tar RCE flaw exposing the real dangers of open-source abandonware and supply chain security.
Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office #ClubWPTHack #DataExposure #BackOfficeCompromise #Vulnerability #2FABypass https://samcurry.net/hacking-clubwpt-gold
samcurry.net
Hacking the World Poker Tour: Inside ClubWPT Gold’s Back Office
In June 2025, Shubs Shah and I discovered a vulnerability in the online poker website ClubWPT Gold which would have allowed an attacker to fully access the core back office application that is used for all administrative site functionality.
WSO2 #1: 404 to arbitrary file read #WSO2 #XXE #FileRead #CVE20252905 #APIManager https://crnkovic.dev/wso2-404-to-arbitrary-file-read/
Hack-cessibility: When DLL Hijacks Meet Windows Helpers #DLLHijacking #WindowsPersistence #AccessibilityAbuse #LateralMovement #RedTeaming https://trustedsec.com/blog/hack-cessibility-when-dll-hijacks-meet-windows-helpers
TrustedSec
Hack-cessibility: When DLL Hijacks Meet Windows Helpers
Desktop Window Manager Array Out Of Bounds LPE #DWM #OutOfBounds #LPE #WindowsVulnerability #CVE202555681 https://ssd-disclosure.com/desktop-window-manager-array-out-of-bounds-lpe/
SSD Secure Disclosure
Desktop Window Manager Array Out Of Bounds LPE - SSD Secure Disclosure
Vendor Response: The vendor has released a patch for Windows that addresses this vulnerability: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-55681. CVE: CVE-2025-55681. Credit: The vulnerability was disclosed during our TyphoonPWN Windows category…
How SOC Teams Operationalize Real-Time Defense Against Credential Replay Attacks #CredentialReplay #SOCteams #AccountTakeover #MFAbypass #RealTimeDefense https://www.memcyco.com/how-soc-teams-operationalize-real-time-defense-against-credential-replay-attacks/
Memcyco
Credential Replay Attack Defense for SOC Teams | Memcyco
Stop credential replay attacks early. See how SOC teams use real-time detection and decoy credentials to prevent escalation.
Threat Intelligence List #HelixGuard #OpenSource #SecurityResearch #CyberSecurity #InfoSec https://helixguard.ai/intelligence
We May Have Finally Fixed Python’s 25-Year-Old Vulnerability #PythonSecurity #PickleModule #ContextTainting #Deserialization #VulnerabilityFix https://iyehuda.substack.com/p/we-may-have-finally-fixed-pythons
Substack
We May Have Finally Fixed Python’s 25-Year-Old Vulnerability
A Context Tainting Approach to Mitigate Python Deserialization Attacks
Automating COM/DCOM vulnerability research #COM #DCOM #Fuzzing #VulnerabilityResearch #Automation https://www.incendium.rocks/posts/Automating-COM-Vulnerability-Research/
Remco van der Meer
Automating COM/DCOM vulnerability research
Diving into COM/DCOM and how to automate vulnerability research using a fuzzing approach.
A Deep Dive Into Warlock Ransomware Deployed Via ToolShell SharePoint Chained Vulnerabilities #WarlockRansomware #SharePointVulnerabilities #MalwareAnalysis #DefenseEvasion #HybridEncryption https://hybrid-analysis.blogspot.com/2025/10/a-deep-dive-into-warlock-ransomware.html
Blogspot
A Deep Dive Into Warlock Ransomware Deployed Via ToolShell SharePoint Chained Vulnerabilities
Author(s): Vlad Pasca. Warlock ransomware was deployed by exploiting the SharePoint vulnerabilities CVE-2025-53770 and CVE-2025-53771. The ma...
GlobalCVE: A unified, open-source hub for global vulnerability intelligence. Built for clarity, collaboration, and security https://globalcve.xyz/
Updating Exploit Likelihood with Control Effectiveness https://stephenshaffer.io/quantifying-swiss-cheese-the-bayesian-way-b2b512472d85
Medium
Updating Exploit Likelihood with Control Effectiveness
Updating Exploitation Likelihood with Control Effectiveness
EDR-Redir V2: Blind EDR With Fake Program Files #BlindEDR #EDRRedirV2 #BindLinkExploit #FolderRedirection #DefenseEvasion https://www.zerosalarium.com/2025/11/EDR-Redir-V2-Blind-EDR-With-Fake-Program-Files.html
Zerosalarium
EDR-Redir V2: Blind EDR With Fake Program Files
EDR-Redir V2 uses the bind link technique against the Program Files folder: a bind link for a folder that points to itself is created in order to break, bypass, or block antivirus products and EDRs.
Sniffing established BLE connections with HackRF One #BLESniffing #SoftwareDefinedRadio #HackRFOne #ChannelHopping #IoTSecurity https://blog.lexfo.fr/sniffing-ble-sdr.html
blog.lexfo.fr
Sniffing established BLE connections with HackRF One
Tracking already-established BLE connections using SDR has its own challenges. With custom firmware and multi-channel listening, the presented approach quickly deduces the hidden hopping parameters needed to follow the connection.
Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language Model Architectures #LLMVulnerabilities #CrossStageSecurity #UnvalidatedTrust #ZeroTrustAI #AIArchitecture https://arxiv.org/abs/2510.27190
arXiv.org
Unvalidated Trust: Cross-Stage Vulnerabilities in Large Language...
As Large Language Models (LLMs) are increasingly integrated into automated, multi-stage pipelines, risk patterns that arise from unvalidated trust between processing stages become a practical...
RondoDox v2: Evolution of RondoDox Botnet with 650% More Exploits #RondoDoxV2 #BotnetEvolution #MassExploitation #IoTSecurity #CybersecurityThreat https://beelzebub.ai/blog/rondo-dox-v2/
Beelzebub
RondoDox v2: Evolution of RondoDox Botnet with 650% More Exploits | AI-Native security platform
AI-Native security platform: Deceive, Detect, Respond. “You can’t defend. You can’t prevent. The only thing you can do is detect and respond.” Bruce Schneier. We turn that hard truth into your tactical advantage. Our AI-based decoys, built using our open…
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices #LANDFALL #AndroidSpyware #SamsungExploit #ZeroDay #DNGImages https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/
Unit 42
LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices
Commercial-grade LANDFALL spyware exploits CVE-2025-21042 in Samsung Android’s image processing library. The spyware was embedded in malicious DNG files.