Hidden in Plain Sight: A Misconfigured Upload Path That Invited Trouble #MisconfiguredPath #WebServerBreach #WebShellDetected #FileUploadRisk #CybersecurityIncident https://www.varonis.com/blog/misconfigured-upload-path
Varonis
Hidden in Plain Sight: A Misconfigured Upload Path That Invited Trouble
A misconfigured upload path exposed a Linux web server to attack. Varonis Threat Labs reveals how it happened and how to prevent future breaches.
Advisory - Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309) https://blog.amberwolf.com/blog/2025/august/advisory---netskope-client-for-windows---local-privilege-escalation-via-rogue-server/
Amberwolf
Advisory - Netskope Client for Windows - Local Privilege Escalation via Rogue Server (CVE-2025-0309)
AmberWolf Security Research Blog
Papers and code are great, but our team is what makes it happen. ❤️
Reflecting on 2025: A year of hard work, sleepless nights, and incredible success.
A huge thank you to everyone involved. Here's to 2026! 🥂 #Research #Awards #2025Summary https://reversea.me/index.php/a-year-of-breakthroughs-reflecting-on-2025/
Happy New Year, folks! Happy 2026 vulnerability hunting season to all!🍾🥂
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers https://blog.byteray.co.uk/zero-day-alert-automated-discovery-of-critical-cwmp-stack-overflow-in-tp-link-routers-0bc495a08679
Medium
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers
ZERO-DAY ALERT: Automated Discovery of Critical CWMP Stack Overflow in TP-Link Routers. Update: CVE assigned: CVE-2025-9961. NVD status: Awaiting Analysis. This CVE record has been marked for NVD enrichment …
anti-patterns and patterns for achieving secure generation of code via AI #AICodeGeneration #SecureDevelopment #AIAgents #AntiPatterns #FutureOfCoding https://ghuntley.com/secure-codegen/
Geoffrey Huntley
anti-patterns and patterns for achieving secure generation of code via AI
I just finished up a phone call with a "stealth startup" that was pitching an idea that agents could generate code securely via an MCP server. Needless to say, the phone call did not go well. What follows is a recap of the conversation where I just shot down…
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel #CVE202450264 #LinuxKernel #UAFExploitation #RaceCondition #KernelHacking https://a13xp0p0v.github.io/2025/09/02/kernel-hack-drill-and-CVE-2024-50264.html
Alexander Popov
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel
Some memory corruption bugs are much harder to exploit than others. They can involve race conditions, crash the system, and impose limitations that make a researcher's life difficult. Working with such fragile vulnerabilities demands significant time and…
Inline Style Exfiltration: leaking data with chained CSS conditionals #CSSExfiltration #InlineStyles #CSSInjection #AttributeData #CSSConditionals https://portswigger.net/research/inline-style-exfiltration
PortSwigger Research
Inline Style Exfiltration: leaking data with chained CSS conditionals
I discovered how to use CSS to steal attribute data without selectors and stylesheet imports! This means you can now exploit CSS injection via style attributes! Learn how below: Someone asked if you c
Marshal madness: A brief history of Ruby deserialization exploits #Ruby #Deserialization #Exploits #Security #MarshalMadness https://blog.trailofbits.com/2025/08/20/marshal-madness-a-brief-history-of-ruby-deserialization-exploits/
The Trail of Bits Blog
Marshal madness: A brief history of Ruby deserialization exploits
This post traces the decade-long evolution of Ruby Marshal deserialization exploits, demonstrating how security researchers have repeatedly bypassed patches and why fundamental changes to the Ruby ecosystem are needed rather than continued patch-and-hope…
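The post's thesis is that patching individual Marshal gadgets cannot work because any class on the victim's load path that defines an unmarshal hook is a gadget. The following is an added example, not code from the Trail of Bits post: the `AuditHook` class, the payload builder and the `load_untrusted*` sinks are constructed here for illustration. It shows the hook firing inside `Marshal.load`, a byte-level check that identifies a Marshal blob at a trust boundary, and the data-only replacement that removes the sink entirely.

```ruby
require 'json'

# Constructed gadget class: anything on the victim's load path that defines
# marshal_load (or _load / init_with) runs code when Marshal.load meets it.
# A real gadget would call system(cmd); this one only records what it got.
class AuditHook
  attr_reader :ran

  def initialize(cmd)
    @cmd = cmd
    @ran = nil
  end

  def marshal_dump
    @cmd
  end

  def marshal_load(cmd)
    @ran = cmd # attacker-controlled value, processed inside Marshal.load
  end
end

# Attacker side: serialise an instance so the hook fires on the victim.
# The attacker never needs code execution on the victim to build this;
# the class only has to exist there.
def build_payload(cmd)
  Marshal.dump(AuditHook.new(cmd))
end

# Vulnerable sink: cookie, cache entry, job queue body, whatever arrives.
def load_untrusted(bytes)
  Marshal.load(bytes)
end

# Detection check: Marshal blobs begin with the format version bytes
# (MAJOR_VERSION 4, MINOR_VERSION 8 on every modern Ruby).
def marshal_blob?(bytes)
  bytes.b.start_with?(Marshal::MAJOR_VERSION.chr + Marshal::MINOR_VERSION.chr)
end

# Hardened sink: a data-only format plus a strict shape check, so the sender
# cannot choose which class gets instantiated. Hypothetical schema: {"name": str}.
def load_untrusted_safe(bytes)
  obj = JSON.parse(bytes)
  unless obj.is_a?(Hash) && obj.keys == ['name'] && obj['name'].is_a?(String)
    raise ArgumentError, 'unexpected shape'
  end
  obj
end

if $PROGRAM_NAME == __FILE__
  payload = build_payload('id')
  victim = load_untrusted(payload)
  puts "marshal_load ran with: #{victim.ran.inspect}"
  puts "blob looks like Marshal: #{marshal_blob?(payload)}"
  puts "class name visible in bytes: #{payload.include?('AuditHook')}"
end
```

The class name travels in the clear inside the blob, which is why a grep for Marshal magic bytes plus unexpected class names at ingress points (cookies, Redis-backed caches, job queues) is a cheap detection, but it is not a fix: the only durable fix is to stop calling `Marshal.load` on bytes the sender controls.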
Leveraging Raw Disk Reads to Bypass EDR https://medium.com/workday-engineering/leveraging-raw-disk-reads-to-bypass-edr-f145838b0e6d
Medium
Leveraging Raw Disk Reads to Bypass EDR
Drivers are a common part of every Windows environment, and many of them provide low-level functionality. This blog details how to connect…
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver – CVE-2025-53149 #CVE202553149 #BufferOverflow #KernelStreaming #WindowsVulnerability #Crowdfense https://www.crowdfense.com/cve-2025-53149-windows-ksthunk-heap-overflow/
Crowdfense
Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver - CVE-2025-53149 - Crowdfense
Technical deep-dive into CVE-2025-53149, a heap-based buffer overflow in the Windows Kernel Streaming WOW Thunk Service driver (ksthunk.sys).
Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more #ElectronVulnerability #CodeIntegrityBypass #HeapSnapshotAttack #ChromiumSecurity #AppBackdoor https://blog.trailofbits.com/2025/09/03/subverting-code-integrity-checks-to-locally-backdoor-signal-1password-slack-and-more/
The Trail of Bits Blog
Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more
A vulnerability in Electron applications allows attackers to bypass code integrity checks by tampering with V8 heap snapshot files, enabling local backdoors in applications like Signal, 1Password, and Slack.
Intercepting Thick Client TCP and TLS Traffic https://infosecwriteups.com/intercepting-thick-client-tcp-and-tls-traffic-72fab07fffe7
Medium
Intercepting Thick Client TCP and TLS Traffic
Intercepting and analysing the traffic is one of the important parts of the pentest, whether it’s a mobile, web or desktop application. On…
TLS NoVerify: Bypass All The Things #TLSBypass #LD_PRELOAD #SecurityResearch #EmbeddedSecurity #CertificateValidation https://f0rw4rd.github.io/posts/tls-noverify-bypass-all-the-things/
f0rw4rd
TLS NoVerify: Bypass All The Things
Learn how to bypass TLS certificate validation on Linux using LD_PRELOAD for security research and debugging of embedded systems and native applications
Stealthy Persistence With Non-Existent Executable File #StealthyPersistence #NonExistentExec #CreateProcessExploit #EDREvasion #RedTeamTactics https://www.zerosalarium.com/2025/09/Stealthy-Persistence-With-Non-Existent-Executable-File.html
Zerosalarium
Stealthy Persistence With Non-Existent Executable File
Exploiting the mechanism that automatically searches for additional executable files when Windows detects that the requested file does not exist
Worldcoin Advances Quantum-Secure AMPC with UTEC Peru https://blockchainreporter.net/worldcoin-advances-quantum-secure-ampc-with-utec-peru/
blockchainreporter
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
Worldcoin joins UTEC Peru to advance AMPC-driven quantum-secure technology to enhance privacy and academic validation for decentralized digital identity.
iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation #DNGExploit #iOSmacOS #RCE #MemoryCorruption #CVE202543300 https://pwn.guide/free/hardware/cve202543300
pwn.guide
iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation
Learn about the new critical CVE-2025-43300 vulnerability that allows RCE on iOS & macOS.
Beacon Object File (BOF) to kill a process by specifying its PID #RedTeaming #BOF #ProcessKill #CookieHarvest #AWSSSO https://tierzerosecurity.co.nz/2025/09/08/killerPID-BOF.html
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team