SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends) #SysOwned #SysAid #Vulnerabilities #PreAuthRCE #CVE20252775 https://labs.watchtowr.com/sysowned-your-friendly-rce-support-ticket/
watchTowr Labs
SysOwned, Your Friendly Support Ticket - SysAid On-Premise Pre-Auth RCE Chain (CVE-2025-2775 And Friends)
It’s… another week, and another vendor who is apparently experienced with ransomware gangs but yet struggles with email.
In what we've seen others term "the watchTowr treatment", we are once again (surprise, surprise) disclosing vulnerability research that…
Drag and Pwnd: Leverage ASCII characters to exploit VS Code #ASCIIexploitation #ControlCharacters #VSCodeVulnerabilities #NodePty #TerminalSecurity https://portswigger.net/research/drag-and-pwnd-leverage-ascii-characters-to-exploit-vs-code
PortSwigger Research
Drag and Pwnd: Leverage ASCII characters to exploit VS Code
Control characters like SOH, STX, EOT and ETX were never meant to run your code - but in the world of modern terminal emulators, they sometimes do. In this post, I'll dive into the forgotten mechanics
Tracing malloc calls with PCode #BlackHatUSA #bughunting #Ghidra #malloccalls #PCode https://medium.com/@cy1337/tracing-data-flow-with-pcode-f879278d9fc1
Medium
Tracing malloc calls with PCode
It’s that time of the year again, Black Hat USA is just a few months away and I’m honored to be back again for another year teaching about…
The Path to Memory Safety is Inevitable #MemorySafety #OpenSource #GNU #Linux https://hardenedlinux.org/blog/2025-05-07-the-path-to-memory-safety-is-inevitable/
hardenedlinux.org
The Path to Memory Safety is Inevitable
Sanitizer is the most effective way to enhance memory safety. Fuzzer helps as well! Fil-C...
CVE-2024-11477- 7-Zip ZSTD Buffer Overflow Vulnerability #CVE-2024-11477 #7zip #ZSTD #BufferOverflow #Crowdfense https://www.crowdfense.com/cve-2024-11477-7zip-zstd-buffer-overflow/
Crowdfense
CVE-2024-11477- 7-Zip ZSTD Buffer Overflow Vulnerability - Crowdfense
CVE-2024-11477, a buffer overflow vulnerability in 7-Zip's ZSTD decompression algorithm; explore the technical details.
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources #StealthyMalware #HidingPayloads #BitmapResources #ObfuscationTechniques #ThreatResearch https://unit42.paloaltonetworks.com/malicious-payloads-as-bitmap-resources-hide-net-malware/
Unit 42
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
Unit 42 details a new malware obfuscation technique where threat actors hide malware in bitmap resources within .NET applications. These deliver payloads like Agent Tesla or XLoader.
One-Click RCE in ASUS’s Preinstalled Driver Software #ASUS #RCE #SecurityVulnerability #BugBounty #CVE-2025-3462 https://mrbruh.com/asusdriverhub/
Mrbruh
One-Click RCE in ASUS's Preinstalled Driver Software
Part Two of the ASUS series is out, read it here.
Introduction
This story begins with a conversation about new PC parts.
After ignoring the advice from my friend, I bought a new ASUS motherboard for my…
Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture #ModernizeLDAP #Keycloak #SecureIAM #ScalableArchitecture #EasyIntegration https://www.cloud-iam.com/post/ldap-idp-broker
Cloud-Iam
Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture
Learn how to extend your existing LDAP infrastructure using Keycloak—without replatforming. This guide covers integration strategies, SSO, MFA, and identity federation best practices.
Stateful Connection With Spoofed Source IP — NetImpostor #StatefulConnection #SpoofedSourceIP #ARPpoisoning #NetImpostor #NetworkImpersonation https://tastypepperoni.medium.com/stateful-connection-with-spoofed-source-ip-netimpostor-ece8b950a981
Medium
Stateful Connection With Spoofed Source IP — NetImpostor
Overview
Eclipse on Next.js: Conditioned exploitation of an intended race-condition #NextJsEclipseExploitation #RaceConditionResearch #RaceConditionExploit #CachePoisoning #WebSecurityResearch https://zhero-web-sec.github.io/research-and-things/eclipse-on-nextjs-conditioned-exploitation-of-an-intended-race-condition
zhero_web_security
Eclipse on Next.js: Conditioned exploitation of an intended race-condition
CVE-2025-32421
Finding Heap Overflows with AFL++ Unicorn Mode #HeapOverflow #Fuzzing #UnicornMode #MemorySafety #BlackHatUSA https://medium.com/@cy1337/finding-heap-overflows-with-afl-unicorn-mode-18e85d571c0f
Medium
Finding Heap Overflows with AFL++ Unicorn Mode
In my last post, I demonstrated a basic approach to fuzzing an RTOS firmware using AFL++’s Unicorn mode. The provided firmware for that…
Malvertising’s New Threat: Exploiting Trusted Google Domains #Malvertising #GoogleAPIs https://www.geoedge.com/malvertisings-new-threat-exploiting-trusted-google-domains/
GeoEdge
Malvertising's New Threat: Exploiting Trusted Google Domains
A new malvertising scheme is turning legitimate e-commerce sites into phishing traps without the knowledge of site owners or advertisers. By exploiting the integrations with Google APIs, they are injecting malicious scripts into ecommerce sites using JSONP…
Red Team Gold: Extracting Credentials from MDT Shares #TrustedSec #RedTeamGold #MDTShares #CredentialsExtraction #EnterpriseSecurity https://trustedsec.com/blog/red-team-gold-extracting-credentials-from-mdt-shares
TrustedSec
Red Team Gold: Extracting Credentials from MDT Shares
EvilWorker #EvilWorker #AiTMattack #ServiceWorkers #CredentialPhishing #InnovativeApproach https://medium.com/@ahaz1701/evilworker-da94ae171249
Medium
EvilWorker: a new AiTM attack framework based on leveraging service workers
EvilWorker is a new AiTM attack framework designed to conduct credential phishing campaigns.
Branch Privilege Injection: Exploiting Branch Predictor Race Conditions #BranchPrivilegeInjection #RaceCondition #Intel #Vulnerability #SecurityMitigations https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) #CVE2025 #Netwrix #RCE #PasswordSecure #RemoteCodeExecution https://www.8com.de/cyber-security-blog/authenticated-remote-code-execution-in-netwrix-password-secure-cve-2025-26817
www.8com.de
Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure
Automating MS-RPC vulnerability research #AutomatingVulnerabilityResearch #MS-RPCProtocol #FuzzingApproach #NTObjectManager #SecurityResearch https://www.incendium.rocks/posts/Automating-MS-RPC-Vulnerability-Research/
Remco van der Meer
Automating MS-RPC vulnerability research
Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428) #LiveForensicCollection #IvantiEPMMAppliances #CVE20254427 #CVE20254428 #ProferoInsights https://profero.io/blog/ivanti-epmm-attacks
profero.io
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
Two newly discovered vulnerabilities (CVE-2025-4427, CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited, leading to severe data breach