Posted by MarsR0ver_ - 1 vote and 0 comments

An organization's core credentials sat in public repositories for years. The security industry's answer: "Out of scope."

Angreifer können die NTLMv1-Gruppenrichtlinie umgehen in Active Directory. Entdecken SilverfortDie Forschung von [Name] befasst sich mit dieser kritischen Sicherheitslücke und damit, wie Sie Ihre Organisation schützen können.

How we replaced a Falco sidecar with an embedded eBPF sensor, built a five-stage event pipeline, and learned the hard way why namespace scoping matters for enforcement.

Sandbox escape and WhatsApp integration incident found during red-team testing of Minimus OpenClaw. Full attack chain breakdown and remediation.

AI is starting to find real vulnerabilities on its own. But every time it runs without a human in the loop, things go sideways. The future of security research is human-guided AI, not AI alone.

We’re on a journey to advance and democratize artificial intelligence through open source and open science.

One zero-byte QUIC packet is enough to desynchronize HAProxy’s backend connection pool and smuggle HTTP requests across unrelated users — even users on a completely different frontend protocol.

A technical teardown of the RedSun zero-day — the second Defender escalation in two weeks from the same researcher — grounded in the actual source code.

Two phase intrusion: RDP brute force, privacy.sexy defense kill, Cobalt Strike, SoftPerfect Network Scanner, custom Rust exfiltration tool across 6,900+ Cloudflare IPs, personalized ransom notes addressed by name to every employee. Full negotiation chats…

The most important line in CVE-2026-33825's hundred-kilobyte proof of concept is two comment characters. A line-by-line walk of FunnyApp.cpp — the batch oplock, the object namespace redirect, the Cloud Files freeze, and what the author chose not to ship.

The third zero-day from the same researcher makes Defender permanently blind from a standard user account — no elevation required. A line-by-line walk of UnDefend.cpp, and the one mechanism that didn't ship.

This is the second in a series of posts about anonymous credentials. You can find this first part here. In the previous post, we introduced the notion of anonymous credentials as a technique that a…

AI is changing how vulnerabilities are found, not how they’re fixed. Defenders need a new approach: shrinking the attack surface before vulnerabilities exist.

Turning "cat readme.txt" into arbitrary code execution in iTerm2.

Bright Data's residential proxy SDK ships a public partner manifest listing the publishers it relays traffic through. CTV distributors reaching Comcast, Sky, LG, Samsung, Roku, and 125+ other TV brands are on the list. The SDK's 200 GB/month bandwidth budget…

How I went from dismissing TPM as a Windows 11 annoyance to using it as a hardware trust anchor for CodSpeed's bare-metal runners.

A prototype pollution attack in Adobe Acrobat ≤26.001.21367 makes every object in the JavaScript engine report that it's trusted. The PoC on GitHub isn't a scanner. It's a cross-platform, lure-merged, environment-keyed, campaign-tracked PDF weaponizer that…

A high frequency gravitational wave generator including a gas filled shell with an outer shell surface, microwave emitters, sound generators, and acoustic vibration resonant gas-filled cavities. The outer shell surface is electrically charged and vibrated…