Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture #ModernizeLDAP #Keycloak #SecureIAM #ScalableArchitecture #EasyIntegration https://www.cloud-iam.com/post/ldap-idp-broker
Cloud-Iam
Modernizing LDAP with Keycloak: Build a Scalable, Secure IAM Architecture
Learn how to extend your existing LDAP infrastructure using Keycloak—without replatforming. This guide covers integration strategies, SSO, MFA, and identity federation best practices.
Stateful Connection With Spoofed Source IP — NetImpostor #StatefulConnection #SpoofedSourceIP #ARPpoisoning #NetImpostor #NetworkImpersonation https://tastypepperoni.medium.com/stateful-connection-with-spoofed-source-ip-netimpostor-ece8b950a981
Medium
Stateful Connection With Spoofed Source IP — NetImpostor
Overview
Eclipse on Next.js: Conditioned exploitation of an intended race-condition #NextJsEclipseExploitation #RaceConditionResearch #RaceConditionExploit #CachePoisoning #WebSecurityResearch https://zhero-web-sec.github.io/research-and-things/eclipse-on-nextjs-conditioned-exploitation-of-an-intended-race-condition
zhero_web_security
Eclipse on Next.js: Conditioned exploitation of an intended race-condition
CVE-2025-32421
Finding Heap Overflows with AFL++ Unicorn Mode #HeapOverflow #Fuzzing #UnicornMode #MemorySafety #BlackHatUSA https://medium.com/@cy1337/finding-heap-overflows-with-afl-unicorn-mode-18e85d571c0f
Medium
Finding Heap Overflows with AFL++ Unicorn Mode
In my last post, I demonstrated a basic approach to fuzzing an RTOS firmware using AFL++’s Unicorn mode. The provided firmware for that…
Malvertising’s New Threat: Exploiting Trusted Google Domains #Malvertising #GoogleAPIs https://www.geoedge.com/malvertisings-new-threat-exploiting-trusted-google-domains/
GeoEdge
Malvertising's New Threat: Exploiting Trusted Google Domains
A new malvertising scheme is turning legitimate e-commerce sites into phishing traps without the knowledge of site owners or advertisers. By exploiting the integrations with Google APIs, they are injecting malicious scripts into ecommerce sites using JSONP…
Red Team Gold: Extracting Credentials from MDT Shares #TrustedSec #RedTeamGold #MDTShares #CredentialsExtraction #EnterpriseSecurity https://trustedsec.com/blog/red-team-gold-extracting-credentials-from-mdt-shares
TrustedSec
Red Team Gold: Extracting Credentials from MDT Shares
EvilWorker #EvilWorker #AiTMattack #ServiceWorkers #CredentialPhishing #InnovativeApproach https://medium.com/@ahaz1701/evilworker-da94ae171249
Medium
EvilWorker: a new AiTM attack framework based on leveraging service workers
EvilWorker is a new AiTM attack framework designed to conduct credential phishing campaigns.
Branch Privilege Injection: Exploiting Branch Predictor Race Conditions #BranchPrivilegeInjection #RaceCondition #Intel #Vulnerability #SecurityMitigations https://comsec.ethz.ch/research/microarch/branch-privilege-injection/
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817) #CVE2025 #Netwrix #RCE #PasswordSecure #RemoteCodeExecution https://www.8com.de/cyber-security-blog/authenticated-remote-code-execution-in-netwrix-password-secure-cve-2025-26817
www.8com.de
cve-2025-26817 netwrix rce
Authenticated Remote Code Execution Vulnerability in Netwrix Password Secure
Automating MS-RPC vulnerability research #AutomatingVulnerabilityResearch #MS-RPCProtocol #FuzzingApproach #NTObjectManager #SecurityResearch https://www.incendium.rocks/posts/Automating-MS-RPC-Vulnerability-Research/
Remco van der Meer
Automating MS-RPC vulnerability research
Diving into the MS-RPC protocol and how to automate vulnerability research using a fuzzing approach.
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428) #LiveForensicCollection #IvantiEPMMAppliances #CVE20254427 #CVE20254428 #ProferoInsights https://profero.io/blog/ivanti-epmm-attacks
profero.io
Live Forensic Collection from Ivanti EPMM Appliances (CVE-2025-4427 & CVE-2025-4428)
Two newly discovered vulnerabilities (CVE-2025-4427, CVE-2025-4428) in Ivanti Endpoint Mobile Manager are being actively exploited, leading to severe data breaches
CVE-2025-32756: Low-Rise Jeans are Back and so are Buffer Overflows #CVE-2025-32756 #NodeZero #RCE #BufferOverflow #Fortinet https://horizon3.ai/attack-research/attack-blogs/cve-2025-32756-low-rise-jeans-are-back-and-so-are-buffer-overflows/
Horizon3.ai
CVE-2025-32756: Fortinet RCE Exploited in the Wild
Analyze CVE-2025-32756, a Fortinet buffer overflow flaw under active attack, and see how NodeZero can validate exposure now.
BadUSB Attack Explained: From Principles to Practice and Defense #BadUSBAttack #USBsecurity #ArduinoHack #DefenseStrategy #CybersecurityTips https://insbug.medium.com/badusb-attack-explained-from-principles-to-practice-and-defense-3bfe88ec2eeb
Medium
BadUSB Attack Explained: From Principles to Practice and Defense
Discover how to implement it with Arduino UNO, and what security measures can protect your system.
How I ruined my vacation by reverse engineering WSC #ReverseEngineering #WindowsDefender #PainfulResearch #DebuggingWSC https://blog.es3n1n.eu/posts/how-i-ruined-my-vacation/
blog.es3n1n.eu
How I ruined my vacation by reverse engineering WSC
In this post I will briefly describe the journey I went through while implementing defendnot, a tool that disables Windows Defender by using the Windows Security Center (WSC) service API directly.
Even though this is most likely not what you expected to see…
Threat of TCC Bypasses on macOS #TCCBypass #macOSThreat #AFINECybersecurity #DigitallySecure #PrivacyProtection https://afine.com/threat-of-tcc-bypasses-on-macos/
AFINE - digitally secure
Threat of TCC Bypasses on macOS
TCC bypass on macOS isn't just an annoying prompt—it's the last line of defense between malware and your private data. Learn why.
Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008) #SecurityAdvisory #RemoteCommandExecution #CVE20254008 #ONEKEYResearch #EUcyberresilienceact https://www.onekey.com/resource/security-advisory-remote-command-execution-on-smartbedded-meteobridge-cve-2025-4008
Onekey
Security Advisory: Remote Command Execution on Smartbedded MeteoBridge (CVE-2025-4008)
Explore ONEKEY Research Lab's security advisory detailing a critical vulnerability in Smartbedded MeteoBridge. Learn about the risks and recommended actions.
The Single-Packet Shovel: Digging for Desync-Powered Request Tunnelling #RequestTunnelling #DetectionTechnique #WebSecurityResearch #HTTPDesyncAttacks #SinglePacketAttack https://www.assured.se/posts/the-single-packet-shovel-desync-powered-request-tunnelling
Assured AB
The Single-Packet Shovel: Digging for Desync-Powered Request Tunnelling
In this paper I will reveal the discovery of wide-spread cases of request tunnelling in applications powered by popular servers including IIS, Azure Front Door and AWS' application load balancer including the creation of a novel detection technique that combined…
Remote Prompt Injection in GitLab Duo Leads to Source Code Theft #RemotePromptInjection #GitLabDuo #SourceCodeTheft #LegitPrevention #OWASPTop10 https://www.legitsecurity.com/blog/remote-prompt-injection-in-gitlab-duo
Legitsecurity
Remote Prompt Injection in GitLab Duo Leads to Source Code Theft
The Legit research team unearthed vulnerabilities in GitLab Duo.