At the Black Hat USA conference in Las Vegas, Naor Haziz, a researcher at Sweet Security, unveiled an attack dubbed ECScape, capable of completely undermining the trust-based security model of Amazon ECS. The vulnerability...
Microsoft has announced sweeping enhancements to its vulnerability rewards program for the .NET platform, significantly broadening its scope and increasing compensation for valid discoveries. Security researchers can now earn up to $40,000 for critical...
Researchers at Binarly have uncovered six critical vulnerabilities in BIOS firmware developed by Insyde Software and deployed in Lenovo desktop systems, particularly within the IdeaCentre AIO 3 and Yoga AIO product lines. All of...
ArmouryLoader has once again captured the attention of cybersecurity experts, emerging as one of the most technically sophisticated malware loaders in recent memory. Its architecture reflects a mature approach to evading defenses, employing stealthy...
Security researcher Sergey Bliznyuk of Positive Technologies has published a detailed analysis of critical vulnerabilities in the VGAuth component of VMware Tools, which enable a low-privileged local user to gain full SYSTEM-level access on...
A newly discovered vulnerability in Windows Server 2025—dubbed Golden dMSA—poses a grave risk of widespread compromise across entire Active Directory infrastructures, according to a technical report published by enterprise cybersecurity firm Semperis. The issue...
Amid the accelerating tide of digital transformation, Windows Hello for Business (WHfB) continues to be championed by Microsoft as a modern, passwordless solution for enterprise authentication. Yet, beneath this progressive façade lies an architectural...
A researcher at Positive Technologies has uncovered a critical vulnerability in the implementation of the NTFS file system, which enables a local attacker to escalate privileges to SYSTEM by leveraging a specially crafted virtual...
GPOHound is a tool for dumping and analysing Group Policy Objects (GPOs) extracted from the SYSVOL share. It provides a structured, formalized format to help uncover misconfigurations, insecure settings, and privilege escalation paths in...
On the second Tuesday of July, Microsoft released its customary Patch Tuesday update package, addressing 137 vulnerabilities across a range of the company’s products. Among them, a particularly notable zero-day vulnerability in Microsoft SQL...
Alexander Mogh, a security researcher at ERNW, has uncovered a critical vulnerability in the boot mechanisms of modern Linux distributions, including Ubuntu 25.04 and Fedora 42. Despite full disk encryption, Secure Boot, and password-protected...
RemoteMonologue is a Windows credential harvesting technique that enables remote user compromise by leveraging the Interactive User RunAs key and coercing NTLM authentications via DCOM. Features 🔹 Authentication Coercion via DCOM (-dcom) Targets three DCOM...
A critical vulnerability discovered in the WordPress visual theme “Motors” has enabled hackers to seize administrative privileges en masse, granting them full control over compromised websites. Identified as CVE-2025-4322, the flaw represents a privilege...
DavRelayUp A quick and dirty port of KrbRelayUp with modifications to allow for NTLM relay from webdav to LDAP in order to streamline the abuse of the following attack primitive: (Optional) New machine account creation (New-MachineAccount)...
GTFONow Automatic privilege escalation on Unix systems by exploiting misconfigured setuid/setgid binaries, capabilities, and sudo permissions. Designed for CTFs but also applicable in real-world pentests. Features Automatically exploit misconfigured sudo permissions. Automatically exploit misconfigured...
HackSys Extreme Vulnerable Driver (HEVD) – BufferOverflowNonPagedPoolNx Exploit This repository contains an exploit for the BufferOverflowNonPagedPoolNx vulnerability in HackSys Extreme Vulnerable Driver (HEVD). The exploit targets Windows 10 Version 22H2 (OS Build 19045.3930) and demonstrates...
