Sandman: NTP-based backdoor for red team engagements
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a stager and leverages NTP (a protocol to sync time & date) to get...
Microsoft has unveiled a new preview build of Windows 11, version 26120.5722, for participants in the Windows Insider Beta Channel. This update, aimed at users running version 24H2, delivers a suite of enhancements, fixes,...
In recent years, the internet has become inundated with content of questionable value—much of it entirely fabricated—generated by large language models. This deluge extends far beyond low-quality text, images, and videos; it now includes...
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement without requiring access to the SCCM administration console GUI. SharpSCCM was initially created to...
Canonical has released updated test builds of Ubuntu 25.04 for laptops powered by Snapdragon X, integrating support for the Linux 6.16 kernel and expanding hardware compatibility. However, in practice, system stability and functionality remain...
The Linux kernel may soon see the removal of one of its oldest and most enigmatic limitations, a constraint that has persisted since 1993. A developer from Alibaba discovered that a script generating an...
Smart devices within a network are no longer mere assistants — they are potential adversaries. With every internet-connected thermostat or television, a new fissure emerges in the digital infrastructure. This truth is underscored by...
The Scattered Spider group has intensified its assaults on corporate IT environments, concentrating its efforts on VMware ESXi hypervisors within U.S. companies across the retail, transportation, and insurance sectors. Rather than exploiting conventional software...
Rekono combines other hacking tools and their results to execute complete pentesting processes against a target in an automated way. The findings obtained during the executions will be sent to the user via email...
Microsoft has acknowledged that its July security updates failed to fully address vulnerabilities in on-premises versions of SharePoint, leaving systems susceptible to remote code execution. As a result, targeted attacks have continued, with experts...