Forwarded from Exploiting Crew (Pr1vAt3)
Famous Deepfake Scandals: Look at how governments and companies responded to deepfake incidents, such as the use of deepfakes in disinformation campaigns or political manipulation.
Bug Reports and Security Audits: Explore past bug bounty reports related to deepfakes or AI systems. Learning from these cases will sharpen your skills in identifying similar vulnerabilities.
9. Report Findings Responsibly
If you find vulnerabilities related to deepfakes in a bug bounty program, be sure to:
Provide Detailed Evidence: Document your findings with clear, reproducible steps. For example, if a facial recognition system can be bypassed with a deepfake, include details on how the attack works.
Ethical Considerations: Always follow ethical guidelines. Do not exploit deepfake vulnerabilities maliciously—use them solely to improve security.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from Exploiting Crew (Pr1vAt3)
🦑Search for Leaked Zoom Meeting Links via Wayback Machine
1. Target URL:
Use Wayback Machine to search for archived Zoom meeting links of the target, e.g., target.zoom.us.
2. Wayback Machine URL:
Visit archive links like:
https://web(.)archive(.)org/web/*/https://target(.)zoom(.)us/*
3. Find Meeting Links:
Look for URLs with meeting IDs and passwords, such as: http://target(.)zoom(.)us/j/3122529044?pwd=xxxxxx
4. Check Activity:
If the link contains pwd=xxxx, test if it is still active.
Active links grant access to private meetings.
Risk: This can expose sensitive company information, leading to significant security breaches.
You can also find a shared link to the recorded video to demonstrate greater impact.
Risks Highlighted in the Report:
1. Unauthorized Access:
Leaked Zoom links allow attackers to join private LinkedIn meetings without authorization.
2. Anonymity of Attackers:
The anonymity option in Zoom enables malicious actors to participate undetected.
3. Sensitive Information Exposure:
Attackers can gain access to confidential LinkedIn discussions and sensitive data.
4. Impersonation Threat:
Malicious actors can impersonate LinkedIn for phishing, fraudulent recruitment, or advertising scams.
5. Content Hijacking:
Attackers with knowledge of meeting times can claim host privileges and disrupt meetings by sharing obscene or inappropriate content.
6. Scalability of Attack:
LinkedIn’s enterprise Zoom plan allows attackers to add numerous unauthorized participants, amplifying the potential damage.
7. Reputational & Financial Damage:
Breach of internal meetings can harm LinkedIn’s reputation and result in financial exploitation.
https://x.com/MrRajputHacker/status/1879423022769336570?t=57L3i_dLYPUbH2Mgagohbw&s=19
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑More Free Cybersecurity Certificates
added to
https://undercodenews.com/top-2025-free-certified-cybersecurity-courses-recommended-by-undercode/
UNDERCODE NEWS
Top 2025 Free Certified Cybersecurity Courses Recommended by Undercode - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from Exploiting Crew (Pr1vAt3)
🦑Disabling EDRs by File Rename Junctions (Crowdstrike)
PendingFileRenameOperations allows applications to create file rename operations by creating a registry entry under the HKLM\SYSTEM\CurrentControlSet\Control\Session Manager. Initially I attempted to create this entry, pointing it towards the EDR binary as such in PowerShell, based on the StackOverflow thread.
➡️ Powershell start :
new-ItemProperty -path "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name "PendingFileRenameOperations" -Value $($((Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -ErrorAction SilentlyContinue).PendingFileRenameOperations) + "\??\C:\Program Files\<EDR_PATH>.exe`0`0") -type MultiString -Force | Out-Null
➡️ Powershell end.
⚠️ This works for AVs/EDRs without anti-tampering. Security products with anti-tampering can use [CmRegisterCallbackEx](https://lnkd.in/dmCGSwnX) to monitor and block registry operations from the kernel. A kernel driver could block registry keys from being created if they referenced their core services.
Using a reparse point (junction) - kudos again to sixtyvividtails - we can create a junction from: C:\program-files -> C:\Program Files\
And yet again we can create our PendingFileRenameOperations, pointing the key at the EDR binary pathed through our junction, something that most EDRs do not check. All of this of course requires Admin privileges. On the next reboot, any core EDR binaries will be renamed to "", in turn being deleted.
Ref: Simon Ngoy
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
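A defender-side audit for the technique in the post above, as an added example that is not part of the original post: it pairs up the PendingFileRenameOperations strings, resolves each source path through any junction, and flags operations that land in a protected product directory. The `ExampleEDR` path, the sample value and the junction map are constructed; on a live Windows host the default resolver `os.path.realpath` follows junctions.

```python
import ntpath
import os

NT_PREFIX = "\\??\\"

def strip_nt(path):
    # Drop the "!" replace-existing flag and the \??\ object-manager prefix.
    path = path.lstrip("!")
    return path[len(NT_PREFIX):] if path.startswith(NT_PREFIX) else path

def pair_operations(strings):
    """REG_MULTI_SZ layout: source, destination, source, destination, ...
    An empty destination means the source is deleted at next boot."""
    items = list(strings)
    if len(items) % 2:
        items.append("")  # assumption: a trailing source lost its empty destination
    return [(strip_nt(items[i]), strip_nt(items[i + 1]))
            for i in range(0, len(items), 2)]

def map_resolver(junctions):
    """Offline resolver: junctions maps a link directory to its target directory."""
    table = {ntpath.normcase(k).rstrip("\\"): v.rstrip("\\")
             for k, v in junctions.items()}
    def resolve(path):
        norm = ntpath.normcase(path)
        for link, target in table.items():
            if norm == link or norm.startswith(link + "\\"):
                return target + path[len(link):]
        return path
    return resolve

def audit(strings, protected_dirs, resolve=os.path.realpath):
    """Return pending operations whose resolved source lies in a protected dir."""
    protected = [ntpath.normcase(p).rstrip("\\") for p in protected_dirs]
    findings = []
    for src, dst in pair_operations(strings):
        if not src:
            continue
        real = resolve(src)
        real_norm = ntpath.normcase(real)
        if any(real_norm == p or real_norm.startswith(p + "\\") for p in protected):
            findings.append({
                "source": src,
                "resolved": real,
                "operation": "delete" if not dst else "rename",
                # True when the literal path differs from where it really points
                "via_reparse_point": real_norm != ntpath.normcase(src),
            })
    return findings

# Constructed sample data (not taken from a real host).
SAMPLE_VALUE = [
    r"\??\C:\Windows\Temp\setup.tmp", "",
    r"\??\C:\program-files\ExampleEDR\agent.exe", "",
    r"\??\C:\Program Files\ExampleEDR\old.dll",
    r"!\??\C:\Program Files\ExampleEDR\new.dll",
]
SAMPLE_JUNCTIONS = {r"C:\program-files": r"C:\Program Files"}
PROTECTED = [r"C:\Program Files\ExampleEDR"]  # hypothetical product directory
```

A delete operation with `via_reparse_point` set is the pattern the post describes; a plain rename inside the product directory is more likely an updater and needs triage rather than an alert.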
🦑HACK-RF BLUETOOTH SPAM?
Most people don’t know that before Flipper Zero came, HackRF was and is still doing Bluetooth spamming and crushing iOS devices. I’m doing this POC on my iPhone 13 with the 18.2.1 update and, as you can see, it is working even with Bluetooth off. The HackRF is bigger than the Flipper Zero in the context of Bluetooth spoofing because it provides greater flexibility, power, and signal control for professional-grade research and exploitation. You can do this on iOS, Windows and Android 🤝
Ref: Daniel Anyemedu
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑XSS Attack Simulation Using DVWA and Metasploit
In this simulation, I demonstrated how Cross-Site Scripting (XSS) attacks work using Kali Linux, Metasploit, and the Damn Vulnerable Web Application (DVWA).
Here’s a breakdown of what I did:
1. Set up the target environment: DVWA was configured to demonstrate how vulnerable web apps can be.
2. Launched the attack: Using Metasploit, I injected a malicious script into a vulnerable input field on the DVWA platform.
3. Observed the impact: The script executed successfully, proving how attackers can use XSS to steal sensitive information or manipulate web content.
Attackers use XSS to hijack user sessions, steal cookies, or manipulate data, all without the user knowing. It’s one of the most common vulnerabilities in web applications.
Hence, it's important to:
1. Validate and sanitize all user inputs.
2. Implement strong Content Security Policies (CSP).
3. Regularly test your web applications for vulnerabilities using tools like DVWA.
4. Educate developers and organizations on secure coding practices.
This is a reminder of why secure coding and constant vulnerability testing are critical for protecting web applications.
Ref: Kate Amarachukwu Igwilo
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑How to Check If Someone Is Spying On Your Computer! 🧑💻🥷 (Level: Basic- Mac)
1️⃣ Go to System Preferences: Open the Apple menu and click on "System Preferences."
2️⃣ Check Users & Groups: Click on "Users & Groups" to see the list of accounts on your Mac.
3️⃣ Look for Suspicious Users: Review the list and ensure all accounts are familiar. If there’s an account you don’t recognize, it could be a sign of unauthorized access.
4️⃣ Check for Sharing Settings: Go back to "System Preferences" and click on "Sharing." Ensure only the services you intentionally turned on (like file sharing) are enabled, and verify the users who have access.
5️⃣ Audit Your Applications: Open "Activity Monitor" and check the running processes. Look out for any apps or processes you don’t recognize. Google their names if you’re unsure.
Ref: Caitlin Sarian
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 After revolutionizing the cyber and tech news landscape with UndercodeNews.com and building a rapidly growing vulnerability database at DailyCVE.com, now attracting hundreds of human visitors daily, we proudly present our latest venture: UndercodeTesting.com
An AI-powered cybersecurity platform designed to monitor hacker feeds, serve as a hacker-centric search engine, and provide cutting-edge tools.
Updated and upgraded daily/weekly, it’s your go-to destination for the future of cybersecurity intelligence!
☁️ #Windows Internals: The Implementation of the #Windows Operating Environment
https://undercodetesting.com/windows-internals-the-implementation-of-the-windows-operating-environment/
@Undercode_testing
Undercode Testing
Windows Internals: The Implementation of the Windows Operating Environment - Undercode Testing
2025-01-29 This book is truly top-notch when it comes to Windows services, one of a kind! It not only covers […]
🔐 Advanced Attack Scenario With Full Analysis From Both The Attacker’s Perspective And Defensive Actions
https://undercodetesting.com/advanced-attack-scenario-with-full-analysis-from-both-the-attackers-perspective-and-defensive-actions/
@Undercode_testing
Undercode Testing
Advanced Attack Scenario With Full Analysis From Both The Attacker’s Perspective And Defensive Actions - Undercode Testing
2025-01-29 This document provides a detailed breakdown of how attackers progress through multiple stages of an attack while defenders work […]
The Enduring Relevance of SQL Injection: A Historical Perspective
https://undercodetesting.com/the-enduring-relevance-of-sql-injection-a-historical-perspective/
@Undercode_testing
Undercode Testing
The Enduring Relevance of SQL Injection: A Historical Perspective - Undercode Testing
2025-01-29 This book was groundbreaking in its time, emerging during an era when a single misplaced quote could crash 90% […]
🛡️ Understanding SQL Injection Vulnerabilities: A Timeless Cyber Security Resource
https://undercodetesting.com/understanding-sql-injection-vulnerabilities-a-timeless-cyber-security-resource/
@Undercode_testing
Undercode Testing
Understanding SQL Injection Vulnerabilities: A Timeless Cyber Security Resource - Undercode Testing
2025-01-29 SQL injection vulnerabilities have long been a critical concern in the realm of cybersecurity. This book, emerging during a […]
🛡️ Understanding the #Linux Kernel's TCP/#IP Stack for Cybersecurity
https://undercodetesting.com/understanding-the-linux-kernels-tcp-ip-stack-for-cybersecurity/
@Undercode_testing
Undercode Testing
Understanding the Linux Kernel's TCP/IP Stack for Cybersecurity - Undercode Testing
2025-01-29 Whether you’re diving into OS development or security research to uncover the next network remote code execution (RCE) vulnerability, […]
🌐 Understanding the #Linux Kernel's Network Stack: A Deep Dive into TCP/#IP and Sockets
https://undercodetesting.com/understanding-the-linux-kernels-network-stack-a-deep-dive-into-tcp-ip-and-sockets/
@Undercode_testing
Undercode Testing
Understanding The Linux Kernel's Network Stack: A Deep Dive Into TCP/IP And Sockets - Undercode Testing
Understanding the Linux Kernel's Network Stack: A Deep Dive into TCP/IP and Sockets - "Undercode Testing": Monitor hackers like a pro. Get real-time updates,
🛡️ Mastering #Linux Kernel Debugging: A Guide for Developers and Security Researchers
https://undercodetesting.com/mastering-linux-kernel-debugging-a-guide-for-developers-and-security-researchers/
@Undercode_testing
Undercode Testing
Mastering Linux Kernel Debugging: A Guide for Developers and Security Researchers - Undercode Testing
2025-01-29 Linux kernel debugging is a critical skill for developers and security researchers, yet it remains an underexplored topic in […]
Understanding the #Linux Kernel: A Deep Dive into #OS Internals
https://undercodetesting.com/understanding-the-linux-kernel-a-deep-dive-into-os-internals/
@Undercode_testing
Undercode Testing
Understanding the Linux Kernel: A Deep Dive into OS Internals - Undercode Testing
2025-01-29 The Understanding the Linux Kernel book by Daniel P. Bovet and Marco Cesati is widely regarded as one of […]
SQL Injection: Understanding SELECT Queries
https://undercodetesting.com/sql-injection-understanding-select-queries/
@Undercode_testing
Undercode Testing
SQL Injection: Understanding SELECT Queries - Undercode Testing
2025-01-29 SQL (Structured Query Language) is a powerful language used for managing and manipulating databases. One of the most fundamental […]