🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

This is scary. 😱 The MOTHER of all LLM Jailbreaks & Prompt injections. "Universal and Transferable Adversarial Attacks on Aligned Language Models" 🌐🔒 --- TL;DR --- This research & code introduces a fascinating method called "Universal and Transferable Adversarial Attacks

Attacking JS engines: Fundamentals for understanding memory corruption crashes sidechannel.blog/en/attacking-j…

I'm VERY HAPPY to say that my Blogpost is out!!!! As a content, we'll discuss about how to exploit a simple (not so much) TypeConfusion vulnerabilities in a modern windows versions (Windows 11 22621). Now let's get our SYSTEM privileged shell! wafzsucks.medium.com/how-a-simple-k…

Cookieless DuoDrop: IIS Auth Bypass & App Pool Privesc in ASP .NET Framework (CVE-2023-36899) soroush.me/blog/2023/08/c… #Appsec #bugbountytips

No More Speculation: Exploiting CPU Side-Channels for Real by akrasuski1 bughunters.google.com/blog/471217009…

I note theres a few people without practical real world RT experience wondering how you can know if an app like vscode is installed on a target in advance... well, with good targeting its actually pretty easy and historically there's been a bunch of ways to do this. For

💥BOOM!💥 Another privilege escalation blog, this time showcasing how to convert arbitrary file deletions 🗑️ to SYSTEM command prompt🌈 CVE-2023-27470. Learn about TOCTOU, pseudo-symlinks, MSI rollback exploits, and, of course, how to protect yourselves! mandiant.com/resources/blog…

Many have asked about the process of doing security research. Mostly it's a lot of troubleshooting and getting bullied online. Join me for my new blog post which details the process of exploring an attack surface, finding 0day, and exploit dev. PoC inside securityintelligence.com/posts/critical…

First day of Hexacon 👌

This is cool!

connormcgarr.github.io/hvci/ Amazing how people found my preferred chapter (9) super-useful... Happy to read these articles Connor McGarr !!!

It took 3 years but finally I feel ready to release my Pwn2Own 2021 exploit code. 💖 Video talk covers my full research workflow, from attack surface modeling and reverse engineering, to vulnerability discovery and systematic exploit engineering, enjoy! #Pwn2Own

We posted our third writeup of N-day full chain series: Chaining N-days to Compromise All: Part 3 — Windows Driver LPE: Medium to System medium.com/theori-blog/ch…

If you never used the Piper extension, I recommend to watch the 4-minute demo I gave last year during my talk at NorthSec 🛠️ youtube.com/watch?v=N7BN--…

Excellent LPE write-up by @[email protected] , where he details how suspected compiler changes lead to the introduction of double fetch vulnerabilities. Also discusses a KASLR side channel bypass. PoCs included. Definitely check it out exploits.forsale/24h2-nt-exploi…

Android greybox fuzzing with AFL++ Frida mode blog.quarkslab.com/android-greybo…

I recently developed and posted about a technique called "First sequence sync", expanding James Kettle's single packet attack. This technique allowed me to send 10,000 requests in 166ms, which breaks the packet size limitation of the single packet attack. flatt.tech/research/posts…

Router RCE via the public WLAN interface *which cannot be disabled on your own router without calling the ISP* w/ bonus fault injection via HDD vibrations 🤠 👑King showing by João Domingos and a shit show by MEO r0ny.net/FiberGateway-G…

Full exploit chain for the FiberGateway GR241AG home router r0ny.net/FiberGateway-G… Credits João Domingos #infosec #embedded