hypomania (@_hypomaniac) 's Twitter Profile

ID: 1104364476512522240

09-03-2019 12:53:04

4,4K Tweet

194 Followers

1,1K Following

watchTowr (@watchtowrcyber) 's Twitter Profile Photo

We promised we'd be back! Join us on our journey, from repro'ing N-days to stumbling into 0-days in SolarWinds Web Help Desk, eventually achieving pre-auth RCE. This research fuels the watchTowr Platform, our Preemptive Exposure Management technology. labs.watchtowr.com/buy-a-help-des…

watchTowr (@watchtowrcyber) 's Twitter Profile Photo

Can you feel it too? Join us today for our analysis of Juniper's recent pre-auth RCE - CVE-2026-21902 - affecting a very specific set of devices. Curious? labs.watchtowr.com/sometimes-you-…

Hakai Offsec (@hakaioffsec) 's Twitter Profile Photo

In a security research effort conducted by the Hakai team, three critical vulnerabilities were identified in Centreon Web and the Open Tickets module. The flaws include SQL Injection, Path Traversal and Command Injection, allowing everything from full database extraction to

André Baptista (@0xacb) 's Twitter Profile Photo

WontFix can be an RCE Goldmine SOAPwn by Piotr Bazydło #5 in PortSwigger Web Hacking Techniques of 2025 Microsoft’s refusal to patch HttpWebClientProtocol invalid casting makes any .NET app using ServiceDescriptionImporter permanently vulnerable to arbitrary file write via

reverseame (@reverseame) 's Twitter Profile Photo

Write Path Traversal to a RCE Art Department #PathTraversal #RCE #RubyOnRails #WildcardRouting #TemplateInjection lab.ctbb.show/research/write…

shubs (@infosec_au) 's Twitter Profile Photo

Our research team at Searchlight Cyber reverse engineered the Magento PolyShell pre-auth RCE bug, we wrote up our findings here: slcyber.io/research-cente… - this is an actively exploited vulnerability in the wild, thanks to Sansec for flagging this issue first!

YungBinary (@yungbinary) 's Twitter Profile Photo

New blog is out on @EtherRAT, a Node.js backdoor reportedly linked to a North Korean APT. It uses EtherHiding (Ethereum smart contracts) to retrieve C2 addresses and blends in with CDN-like beaconing! Obfuscator.io abuse continues 😑 esentire.com/blog/etherrat-…

SpecterOps (@specterops) 's Twitter Profile Photo

Stop asking LLMs to “find vulns.” Start using them to understand code. Andrew Luke walks through using Claude Code as a force multiplier in app assessments - faster analysis, fewer false positives, better outcomes. Check it out: ghst.ly/4rA3uJd

SEKTOR7 Institute (@sektor7net) 's Twitter Profile Photo

xc - a lightweight reverse shell. Written in golang, works on both Linux and Windows. It is designed for simplicity and provides a basic mechanism for remote command execution. A tool by Martin Mielke. Source: github.com/xct/xc #redteam #blueteam #maldev

Octagon Networks (@octagonnetworks) 's Twitter Profile Photo

🚨 ZERODAY: ImageMagick 🚨 Our autonomous pentester pwn.ai just dropped multiple zeroday chains in ImageMagick that achieve RCE and File Leak from a single .jpg or .pdf file, bypassing EVERY security policy (Default, Limited, AND Secure). 🤯 💥 Affects

thAI Duong (@xorninja) 's Twitter Profile Photo

We asked Claude to find a bug in Vim. It found an RCE. Just open a file, and you’re owned. We joked: fine, we’ll switch to Emacs. Then Claude found an RCE there too. Full story: blog.calif.io/p/mad-bugs-vim…

Simone Margaritelli (@evilsocket) 's Twitter Profile Photo

Mongoose: Preauth RCE and mTLS Bypass on Millions of Devices (including the International Space Station apparently ...) evilsocket.net/2026/04/02/Mon…

0xdf (@0xdf_) 's Twitter Profile Photo

DarkZero from Hack The Box features cross-forest MSSQL linked servers, four privesc paths (token theft, ADCS/RunAsCS, NTLM reflection via CMTI, CVE-2024-30088), and cross-forest TGT delegation for domain takeover. 0xdf.gitlab.io/2026/04/04/htb…