Engineering security at the undocumented layer of Windows.

Building CrowdStrike Falcon Fusion workflows with Claude Skills. What if you could just describe your security workflows?

Learn more about SafeBreach Labs discovery of CVE-2025-29969, a critical RCE vulnerability in the MS-EVEN RPC protocol in Microsoft Windows.

Jason Snitker, AKA Parmaster, has passed away. One of the sharpest and most elusive minds of the early underground hacking scene.

Most organizations run tabletop exercises and detection tests in isolation, creating blind spots that only show up during real incidents. Pairing a tabletop exercise with a TTP replay exposes the…

How a pre-installed system app turns saved locations into a persistent cross-session tracking identifier

Samsung devices ship with a weather application that issues periodic HTTP requests to The Weather Company's API (api.weather.com) at fixed intervals.…

Autonomous AI agents run 24/7 with shell access, network connectivity, and full filesystem permissions. We built Azazel, an eBPF-based…

A technical writeup on a 0day vulnerability I reported inside SpiderMonkey, Firefox's JS engine

There is a silent epidemic of ransomware attacks on commercial operational technology systems, which are mischaracterized as IT incidents even though they impact

VicK Consultoría en Tecnología - Soluciones de ciberseguridad, verificación de firmas, PKI y autenticación biométrica basadas en geometría natural.

A discussion of the recent cyber attacks against a number of targets connected to Polands electric grid.

And as I click publish on this post, the database is still, publicly exposed and has not been patched.

AI-powered stock filing analysis across 7 global markets. Upload any filing and get instant insights in plain English.

Passkeys solve the authentication problem corporate IT has been fighting for decades. But the more interesting story is what happens when every employee has a hardware-backed key generation and storage facility in their pocket.

Cross-site scripting (XSS) remains one of the most prevalent vulnerabilities on the web. The new standardized Sanitizer API provides a straightforward way for web developers to sanitize untrusted HTML before inserting it into the DOM. Firefox 148 is the first…

Monthly AI threat intelligence report with interactive analysis of attack patterns targeting AI agents and LLMs.