WaterBucket (@dharanisanjaiy)'s Twitter Profile

Windows Explorer

ID: 1464574417154023427

https://dharani-sanjaiy.github.io · 27-11-2021 12:38:54

693 Tweet

172 Followers

306 Following

Daax (@daaximus)

I got time to update a draft that should've been published long ago. Here is a fun PG-compliant hooking mechanism, and the example covered in the article is system-wide SYSCALL hooks in a PG-compliant manner. revers.engineering/fun-with-pg-co…

Atredis Partners (@atredis)

We recently identified a number of privilege escalation vulnerabilities in Lenovo Vantage on Windows; check out our latest blog for a technical deep dive buff.ly/eKMcZLg

immortalp0ny (@immortalp0ny)

Today we released a write-up about a vulnerability that I found and which was patched recently in NTFS.sys: CVE-2025-49689. Enjoy! swarm.ptsecurity.com/buried-in-the-…

starlabs (@starlabs_sg)

One of our current interns, vincent, shared his Chrome-atic escape adventure using CVE-2024-30088. Epic obstacles documented in it too! starlabs.sg/blog/2025/07-f…

Mairon (@zeromemoryex)

Last year, Orange Tsai 🍊 discovered a PHP RCE. This year, I took it a step further delivering that RCE to local servers using nothing but a single website visit, for more details, check out. hackandhide.com/your-browser-i…

Ido Veltzman (@idov31)

I'm happy to finally release NovaHypervisor! NovaHypervisor is a defensive hypervisor with the goal of protecting AV/EDR vendors and crucial kernel structures that are currently uncovered by VBS and PatchGuard. Full explanation below 1/6. github.com/Idov31/NovaHyp…

pre.empt (@preemptdev)

throwback to our first blog in 2022. still fun, relevant, and still a headache to detect - despite the meme: pre.empt.blog/posts/bluffy/

starlabs (@starlabs_sg)

CASE CLOSED: CVE-2025-29824
0 public samples, 0 information
Suspect: Windows CLFS driver
Crime: UAF leading to Privilege Escalation
Status: ACTIVELY EXPLOITED ITW
Investigation: Debugged and documented
Case files: starlabs.sg/blog/2025/07-m…
Done by our intern, Ong How Chong

NetSPI (@netspi)

New Vuln Research: NetSPI Principal Consultant Ceri Coburn exposes how Forescout SecureConnector agents can be hijacked via a named pipe vulnerability (CVE-2025-4660), turning endpoint security tools into attacker-controlled C2 channels. Read more: ow.ly/6hl250WqWrX

Operation Zero (@opzero_en)

101 Chrome Exploitation — Part 0: Preface We are starting a new series on modern browsers' architecture and their exploitation using Chrome as an example. Readers will learn how browser subsystems are implemented, how their security is ensured and how it is violated with

Connor McGarr (@33y0re)

I don't know which update specifically, but in a recent update of 24H2 it looks like the Win32k system call table is protected by Kernel Data Protection (read-only SLAT entry)! I believe CI!g_CiOptions and msseccore's SecKdpSe PE section were the only things using it before.

ENKI WhiteHat (@enki_official_x)

Curious how the Codegate 2025 FullChain was meant to be pwned? From RCE to SBX to LPE... the path to SYSTEM is now public. Official write-up is live! #pwn #CTF #Codegate #RCE #SBX #LPE enki.co.kr/en/media-cente…

PT SWARM (@ptswarm)

👑 Our researcher has discovered LPE in VMWare Tools (CVE-2025-22230 & CVE-2025-22247) via VGAuth! Write-up by the one who broke it: Sergey Bliznyuk (bronzebee) swarm.ptsecurity.com/the-guest-who-…

Khoa Dinh (@_l0gg)

Blog for ToolShell Disclaimer: The content of this blog is provided for educational and informational purposes only. blog.viettelcybersecurity.com/sharepoint-too… #SharePoint #ToolShell

Trend Zero Day Initiative (@thezdi)

CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability: Trend ZDI analyst Bobby Gould details this bug and another that may be a dupe. He also shows how it can be exploited. zerodayinitiative.com/blog/2025/7/24…

ö (@r0keb)

Good Morning! Just published a blog post diving into Windows Kernel LFH exploitation in the latest Windows 24h2 build, focusing on controlled allocations to achieve arbitrary read/write in the kernel. r0keb.github.io/posts/Modern-(…

nafiez (@zeifan)

I did an analysis of the TPwSav.sys driver and wrote a proof of concept exploiting the arbitrary physical memory read and write primitive for fun :) You can find the quick writeup here: zeifan.my/TPwSav-Driver-… Blackpoint analysis: blackpointcyber.com/blog/qilin-ran…