Interested in Anti-Cheat analysis? I highly recommend checking out Guided Hacking’s Anti-Cheat section. I’ve been reversing Black Ops Cold War for a while now, and I’ve finally decided to share my research regarding the user-mode anti-cheat inside the game.…

Technical blog by Stephan Berger (@malmoeb)

Team82 investigated what CISA labeled a backdoor in the Contec CMS8000 patient monitoring system and concluded that instead, the decision to include a hardcoded IP address is instead an insecure and risky design choice on the part of the vendor.

Summary A vulnerability in Palo Alto Expedition allows remote attackers who can reach the web interface to execute arbitrary code. Credit An independent security researcher working with SSD Secure Disclosure. Vendor Response Palo Alto has released the following…

In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie

Are you like me, struggling to get your head around terms like symmetric encryption, asymmetric encryption, public key, private key…

Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform - research.md

The Oligo research team has discovered a critical vulnerability in meta-llama, an open source framework from Meta for building and deploying GenAI applications.

Yesterday we discovered another client-side JavaScript attack targeting +500 websites, including governments and universities. The injected scripts create hidden links in the Document Object Model (DOM), pointing to external websites, a programming interface…

WinVisor is a hypervisor-based emulator for Windows x64 user-mode executables that leverages the Windows Hypervisor Platform API to provide a virtualized environment for logging syscalls and enabling memory introspection.

Accuracy, Coverage & Integration: A Comprehensive Benchmark for Modern SAST Tools

Non-Human Identities (NHIs) are essential for automation but pose unique security challenges requiring tailored management and protection strategies. Know more!

The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and…

A new way to use BYOVD technique. By combining the file-writing capabilities of a driver with Windows symbolic links

A newly discovered VPN backdoor uses some interesting tactics to avoid detection: When threat actors use backdoor malware to gain access to a network, they want to make sure all their hard work can’t be leveraged by competing groups or detected by defenders.…

Process Hollowing (a.k.a. RunPE) is probably the oldest, and the most popular process impersonation technique (it allows to run a malicious executable under the cover of a benign process). It is us…

Welcome to Monday, and what an excitingly fresh start to the week we're all having.

Grab your coffee, grab your vodka - we're diving into a currently exploited-in-the-wild critical Authentication Bypass affecting foRtinet's (we are returning the misspelling…

The security of embedded systems running Real-Time Operating Systems (RTOS) like Wind River VxWorks is vital in high stakes sectors such as OT, defense, and aviation.

leveraging AiTM and the OAuth 2.0 authorization code flow to steal access and refresh tokens. Modified AITMWorker for steal refreshtokens.

Yeti is a Forensic Intelligence platform and pipeline for DFIR teams. Rhino Security Labs will detail 2 security flaws that, combined, lead to unauthenticated RCE.