CVE-2024-11477: 7-Zip ZSTD Buffer Overflow Vulnerability #CVE-2024-11477 #7zip #ZSTD #BufferOverflow #Crowdfense https://www.crowdfense.com/cve-2024-11477-7zip-zstd-buffer-overflow/
Crowdfense
CVE-2024-11477: 7-Zip ZSTD Buffer Overflow Vulnerability - Crowdfense
CVE-2024-11477, a buffer overflow vulnerability in 7-Zip's ZSTD decompression algorithm; explore the technical details.
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources #StealthyMalware #HidingPayloads #BitmapResources #ObfuscationTechniques #ThreatResearch https://unit42.paloaltonetworks.com/malicious-payloads-as-bitmap-resources-hide-net-malware/
Unit 42
Stealthy .NET Malware: Hiding Malicious Payloads as Bitmap Resources
Unit 42 details a new malware obfuscation technique where threat actors hide malware in bitmap resources within .NET applications. These deliver payloads like Agent Tesla or XLoader.
One-Click RCE in ASUS’s Preinstalled Driver Software #ASUS #RCE #SecurityVulnerability #BugBounty #CVE-2025-3462 https://mrbruh.com/asusdriverhub/
Mrbruh
One-Click RCE in ASUS's Preinstalled Driver Software
Part Two of the ASUS series is out; read it here.
Introduction This story begins with a conversation about new PC parts.
After ignoring the advice from my friend, I bought a new ASUS motherboard for my…
Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture #ModernizeLDAP #Keycloak #SecureIAM #ScalableArchitecture #EasyIntegration https://www.cloud-iam.com/post/ldap-idp-broker
Cloud-Iam
Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture
Learn how to extend your existing LDAP infrastructure using Keycloak—without replatforming. This guide covers integration strategies, SSO, MFA, and identity federation best practices.
Stateful Connection With Spoofed Source IP — NetImpostor #StatefulConnection #SpoofedSourceIP #ARPpoisoning #NetImpostor #NetworkImpersonation https://tastypepperoni.medium.com/stateful-connection-with-spoofed-source-ip-netimpostor-ece8b950a981
Medium
Stateful Connection With Spoofed Source IP — NetImpostor
Overview
Eclipse on Next.js: Conditioned exploitation of an intended race-condition #NextJsEclipseExploitation #RaceConditionResearch #RaceConditionExploit #CachePoisoning #WebSecurityResearch https://zhero-web-sec.github.io/research-and-things/eclipse-on-nextjs-conditioned-exploitation-of-an-intended-race-condition
zhero_web_security
Eclipse on Next.js: Conditioned exploitation of an intended race-condition
CVE-2025-32421
Finding Heap Overflows with AFL++ Unicorn Mode #HeapOverflow #Fuzzing #UnicornMode #MemorySafety #BlackHatUSA https://medium.com/@cy1337/finding-heap-overflows-with-afl-unicorn-mode-18e85d571c0f
Medium
Finding Heap Overflows with AFL++ Unicorn Mode
In my last post, I demonstrated a basic approach to fuzzing an RTOS firmware using AFL++’s Unicorn mode. The provided firmware for that…
Malvertising’s New Threat: Exploiting Trusted Google Domains #Malvertising #GoogleAPIs https://www.geoedge.com/malvertisings-new-threat-exploiting-trusted-google-domains/
GeoEdge
Malvertising's New Threat: Exploiting Trusted Google Domains
A new malvertising scheme is turning legitimate e-commerce sites into phishing traps without the knowledge of site owners or advertisers. By exploiting the integrations with Google APIs, they are injecting malicious scripts into ecommerce sites using JSONP…
Red Team Gold: Extracting Credentials from MDT Shares #TrustedSec #RedTeamGold #MDTShares #CredentialsExtraction #EnterpriseSecurity https://trustedsec.com/blog/red-team-gold-extracting-credentials-from-mdt-shares
TrustedSec
Red Team Gold: Extracting Credentials from MDT Shares
EvilWorker #EvilWorker #AiTMattack #ServiceWorkers #CredentialPhishing #InnovativeApproach https://medium.com/@ahaz1701/evilworker-da94ae171249
Medium
EvilWorker: a new AiTM attack framework based on leveraging service workers
EvilWorker is a new AiTM attack framework designed to conduct credential phishing campaigns.
Branch Privilege Injection: Exploiting Branch Predictor Race Conditions #BranchPrivilegeInjection #RaceCondition #Intel #Vulnerability #SecurityMitigations https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) #CVE2025 #Netwrix #RCE #PasswordSecure #RemoteCodeExecution https://www.8com.de/cyber-security-blog/authenticated-remote-code-execution-in-netwrix-password-secure-cve-2025-26817
www.8com.de
Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure
Automating MS-RPC vulnerability research #AutomatingVulnerabilityResearch #MS-RPCProtocol #FuzzingApproach #NTObjectManager #SecurityResearch https://www.incendium.rocks/posts/Automating-MS-RPC-Vulnerability-Research/
Remco van der Meer
Automating MS-RPC vulnerability research
Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428) #LiveForensicCollection #IvantiEPMMAppliances #CVE20254427 #CVE20254428 #ProferoInsights https://profero.io/blog/ivanti-epmm-attacks
profero.io
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
Two newly discovered vulnerabilities (CVE-2025-4427 and CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited, leading to severe data breaches.
CVE-2025-32756: Low-Rise Jeans are Back and so are Buffer Overflows #CVE-2025-32756 #NodeZero #RCE #BufferOverflow #Fortinet https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/
Horizon3.ai
CVE-2025-32756: Fortinet RCE Exploited in the Wild
Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.
BadUSB Attack Explained: From Principles to Practice and Defense #BadUSBAttack #USBsecurity #ArduinoHack #DefenseStrategy #CybersecurityTips https://insbug.medium.com/badusb-attack-explained-from-principles-to-practice-and-defense-3bfe88ec2eeb
Medium
BadUSB Attack Explained: From Principles to Practice and Defense
Discover how to implement it with Arduino UNO, and what security measures can protect your system.
How I ruined my vacation by reverse engineering WSC #ReverseEngineering #WindowsDefender #PainfulResearch #DebuggingWSC https://blog.es3n1n.eu/posts/how-i-ruined-my-vacation/
blog.es3n1n.eu
How I ruined my vacation by reverse engineering WSC
In this post I will briefly describe the journey I went through while implementing defendnot, a tool that disables Windows Defender by using the Windows Security Center (WSC) service API directly.
Even though this is most likely not what you expected to see…
Threat of TCC Bypasses on macOS #TCCBypass #macOSThreat #AFINECybersecurity #DigitallySecure #PrivacyProtection https://afine.com/threat-of-tcc-bypasses-on-macos/
AFINE - digitally secure
Threat of TCC Bypasses on macOS - AFINE - digitally secure
TCC bypass on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Learn why.