Stealthy Persistence With Non-Existent Executable File #StealthyPersistence #NonExistentExec #CreateProcessExploit #EDREvasion #RedTeamTactics https://www.zerosalarium.com/2025/09/Stealthy-Persistence-With-Non-Existent-Executable-File.html
Zerosalarium
Stealthy Persistence With Non-Existent Executable File
Exploiting the mechanism that automatically searches for additional executable files when Windows detects that the requested file does not exist
Worldcoin Advances Quantum-Secure AMPC with UTEC Peru https://blockchainreporter.net/worldcoin-advances-quantum-secure-ampc-with-utec-peru/
blockchainreporter
Worldcoin Advances Quantum-Secure AMPC With UTEC Peru
Worldcoin joins UTEC Peru to advance AMPC-driven quantum-secure technology to enhance privacy and academic validation for decentralized digital identity.
iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation #DNGExploit #iOSmacOS #RCE #MemoryCorruption #CVE202543300 https://pwn.guide/free/hardware/cve202543300
pwn.guide
iOS/macOS Critical DNG Image Processing Memory Corruption Exploitation
Learn about the new critical CVE-2025-43300 vulnerability that allows RCE on iOS & macOS.
Beacon Object File (BOF) to kill a process by specifying its PID #RedTeaming #BOF #ProcessKill #CookieHarvest #AWSSSO https://tierzerosecurity.co.nz/2025/09/08/killerPID-BOF.html
Tier Zero Security
Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team
Break The Protective Shell Of Windows Defender With The Folder Redirect Technique #WindowsDefender #FolderRedirect #AVBypass #SymlinkExploit #RedTeaming https://www.zerosalarium.com/2025/09/Break-Protective-Shell-Windows-Defender-Folder-Redirect-Technique-Symlink.html
Zerosalarium
Break The Protective Shell Of Windows Defender With The Folder Redirect Technique
Exploiting a vulnerability in the update mechanism of Windows Defender by using a symbolic link folder. Destroying or injecting code into Defender
Department of War Doesn’t Defend its Web Streams From Hackers #DepartmentOfWar #StreamKeyLeak #LivestreamHack #CyberSecurityFail #DisinformationRisk https://theintercept.com/2025/09/08/department-of-war-defense-stream-keys-hackers-livestream-hack-security/
The Intercept
Department of War Doesn’t Defend its Web Streams From Hackers
The Pentagon publicly posts the stream keys to its Facebook, YouTube, and X channels, exposing livestreams to account takeovers.
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices #MemorySafety #AppleSecurity #MIE #AppleSilicon #ExploitPrevention https://security.apple.com/blog/memory-integrity-enforcement/
Memory Integrity Enforcement: A complete vision for memory safety in Apple devices - Apple Security Research
Memory Integrity Enforcement (MIE) is the culmination of an unprecedented design and engineering effort spanning half a decade that combines the unique strengths of Apple silicon hardware with our advanced operating system security to provide industry-first…
Pwn My Ride: Exploring the CarPlay Attack Surface #CarPlayHacking #CVE202524132 #AirPlayVulnerability #ConnectedCarSecurity #AutomotiveCybersecurity https://www.oligo.security/blog/pwn-my-ride-exploring-the-carplay-attack-surface
www.oligo.security
Apple CarPlay Hacking Risks: CVE-2025-24132 Explained | Oligo Security
At DefCon, Oligo Security revealed critical Apple CarPlay vulnerabilities, including CVE-2025-24132 in the AirPlay SDK. Learn how attackers exploit iAP2 and AirPlay to compromise connected cars, and why patching delays leave vehicles exposed.
Kerberoasting #Kerberoasting #ActiveDirectory #MicrosoftSecurity #WeakCrypto #PasswordCracking https://blog.cryptographyengineering.com/2025/09/10/kerberoasting/
A Few Thoughts on Cryptographic Engineering
Kerberoasting
I learn about cryptographic vulnerabilities all the time, and they generally fill me with some combination of jealousy (“oh, why didn’t I think of that”) or else they impress me w…
Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs #Ransomware #CyberIntrusion #ThreatActor #MalwareAnalysis #DFIRReport https://thedfirreport.com/2025/09/08/blurring-the-lines-intrusion-shows-connection-with-three-major-ransomware-gangs/
The DFIR Report
Blurring the Lines: Intrusion Shows Connection With Three Major Ransomware Gangs
Key Takeaways: The intrusion began when a user downloaded and executed a malicious file impersonating DeskSoft’s EarthTime application but instead dropped SectopRAT malware. The threat actor d…
You Already Have Our Personal Data, Take Our Phone Calls Too (FreePBX CVE-2025-57819) #FreePBX #ZeroDay #CVE202557819 #SQLInjection #VoIPSecurity https://labs.watchtowr.com/you-already-have-our-personal-data-take-our-phone-calls-too-freepbx-cve-2025-57819/
watchTowr Labs
You Already Have Our Personal Data, Take Our Phone Calls Too (FreePBX CVE-2025-57819)
We’re back - it’s a day, in a month, in a year - and once again, something has happened.
In this week’s episode of “the Internet is made of string and there is literally no evidence to suggest otherwise”, we present even further evidence that as a
NT OS Kernel Information Disclosure Vulnerability – CVE-2025-53136 #CVE202553136 #KernelLeak #WindowsVulnerability #RaceCondition #KASLRBypass https://www.crowdfense.com/nt-os-kernel-information-disclosure-vulnerability-cve-2025-53136/
Crowdfense
NT OS Kernel Information Disclosure Vulnerability - CVE-2025-53136 - Crowdfense
Bidding farewell to one of the last kernel address leaks, CVE-2025-53136. Even patches can open new doors for exploitation.
Fine-grained HTTP filtering for Claude Code #AIAgentSecurity #HTTPFiltering #EgressControl #DevToolSecurity #NetworkIsolation https://ammar.io/blog/httpjail
ammar.io
Fine-grained HTTP filtering for Claude Code
Default‑deny HTTP(S) for dev tools and AI agents. Script rules in JS or shell, log every request, and keep egress within your policy.