msLDAPDump LDAP enumeration tool implemented in Python3 msLDAPDump simplifies LDAP enumeration in a domain environment by wrapping the lpap3 library from Python in an easy-to-use interface. Like most of my tools, this one works...
ReconAIzer ReconAIzer is a powerful Jython extension for Burp Suite that leverages OpenAI to help bug bounty hunters optimize their recon process. This extension automates various tasks, making it easier and faster for security...
A new wave of phishing attacks has laid bare just how sophisticated social-engineering techniques have become. Researchers have identified an evolved variant of the FileFix attack that exploits a cache-smuggling technique to clandestinely deposit...
The Microsoft Teams messenger, widely used for corporate communication, has increasingly become a convenient arena for cyberattacks. According to the Microsoft Threat Intelligence team, malicious actors are actively exploiting the platform for a broad...
In August 2025, researchers from Huntress observed a cyberattack involving the abuse of the legitimate server-monitoring tool Nezha, which was originally designed for system performance tracking. During the campaign, threat actors — allegedly linked...
The popular design tool Figma has faced a potential security threat due to a vulnerability in the Model Context Protocol (MCP) server, the framework underpinning its integration with AI-driven agents. The issue, discovered in...
The ClamAV 1.5.0 antivirus engine has been released, introducing one of the most significant updates in recent years — FIPS mode support for verifying the authenticity of signature databases. The Freshclam and CVDUpdate tools...
A critical vulnerability has been discovered in the popular WordPress theme Service Finder, allowing attackers to gain unauthorized access to any account on affected websites — including administrative ones. The issue stems from the...
Nearly a year after the incident, a Florida-based medical company has disclosed the full scale of a major data breach that occurred in November 2024. The organization, specializing in diagnostic imaging, confirmed the exposure...
According to a LayerX report, thousands of corporate users are inputting personal and payment data into ChatGPT prompts—often from personal, unsecured accounts. Researchers are observing a growing leakage of critically sensitive information through generative...
Crassus Windows privilege escalation discovery tool Why “Crassus”? Accenture made a tool called Spartacus, which finds DLL hijacking opportunities on Windows. Using Spartacus as a starting point, we created Crassus to extend Windows privilege escalation...
Jaguar Land Rover has announced the gradual resumption of operations at its factories following a massive cyberattack that brought global production to a complete halt in September. At the same time, the company has...
