🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Identify Which Process Is Blocking a File in Windows techcommunity.microsoft.com/blog/itopstalk…

I'm happy to finally release NovaHypervisor! NovaHypervisor is a defensive hypervisor with the goal of protecting AV/EDR vendors and crucial kernel structures that are currently uncovered by VBS and PatchGuard. Full explanation below 1/6. github.com/Idov31/NovaHyp…

Abusing Windows, .NET quirks, and Unicode Normalization to exploit DNN (DotNetNuke) slcyber.io/assetnote-secu…

It's here. The latest iteration of our Top 10 includes the most important developments in initial access tradecraft; from macOS targeting of ClickFix, to Zip Smuggling, to QRLJacking. 📚 Blog: blog.delivr.to/delivr-tos-top…

Cybereason Security Services investigates a BlackSuit ransomware attack leveraging tools like Cobalt Strike for command and control (C2), rclone for data exfiltration, & BlackSuit ransomware for file encryption. cybereason.com/blog/blacksuit…

Curious about anti-anti-debugging techniques and hiding hypervisors from malware? Slides are up for ECOOP/DEBT 2025 talk where we present HyperEvade, our upcoming hypervisor transparency extension for HyperDbg : github.com/HyperDbg/slide… (1/2)

CVE-2025-5333 - CVSS 9.5: Remote Code Execution in Broadcom Symantec Endpoint Management Suite (Altiris) lrqa.com/en/cyber-labs/…

Analysis of SSDT 5mukx.site/malware-develo… In this post, we will take a look and understand what System Service Descriptor Table or SSDT is and understand it using WinDbg.

Nice read ,about SLUB internals blogs.oracle.com/linux/post/lin…

Linux Kernel Hardening: Ten Years Deep Talk by Kees Cook about the relevance of various Linux kernel vulnerability classes and the mitigations that address them. Video: youtube.com/watch?v=c_NxzS… Slides: static.sched.com/hosted_files/l…

Offensive MCP and MCP for Offensive RedSeerSecurity medium.com/seercurity-spo…

#x33fcon 2025 talks: Stephan Berger - From Zero to a Moderately Skilled MacOS Forensic Analyst > youtu.be/cgHmv2JKZ-Y

Chrome Secrets & Defender Bypasses para0x0dise.github.io/absurdities/Ab…

Mobile Pentesting 101: How to Pull APKs from Work Profile – A Real-World Intune Challenge securitycafe.ro/2025/07/16/mob…

[1day1line] CVE-2025-32462: Elevation of Privilege via the host Option in sudo hackyboiz.github.io/2025/07/16/poo… Today’s 1day1line follows up on the previous chroot issue. It's another vulnerability in sudo, this time involving the host option. While no separate exploit is required, the

🕵️‍♀️ Looking to escalate privileges with a first-party Microsoft app? How do federated domain backdoors work? And what's an app reg, really? All this and more in our new Datadog, Inc. Security Labs post: securitylabs.datadoghq.com/articles/i-spy…

[Research] CVE-2025-24985: Windows Fast FAT Driver RCE Vulnerability hackyboiz.github.io/2025/07/17/ogu… The vulnerability was caused by the ability to control five variables within the VHD file that determine the number of clusters.

The Seqrite Labs APT-Team has identified and tracked a cluster of espionage-oriented operations conducting campaigns across multiple Asian jurisdictions including China, Hong Kong & Pakistan. This threat entity usually deploys CV-themed decoy documents. seqrite.com/blog/ung0002-e…

Real-time CVE feed with filters, summaries, and email alerts zerodaypublishing.com/feed