Certipy 5 (Oliver Lyak), MobileIron pwnage (Piotr Bazydło), new CRTO pricing (Zero-Point Security), and more! blog.badsectorlabs.com/last-week-in-s…

BadSuccessor (Yuval Gordon), o3 finds SMB 0day (Sean Heelan), crashing defender (InfoGuard Labs), and more! blog.badsectorlabs.com/last-week-in-s…

Stealth syscalls (DarkRelay Security Labs), VM introspection (memN0ps), Marebackup LPE (Clément Labro), Azure Arc C2 (@zephrfish.yxz.red), and more! blog.badsectorlabs.com/last-week-in-s…

Windows self-delete on 24H2 (TKYN), DNS rebinding (Jaroslav Lobačevski 🇱🇹🇺🇦[email protected]), VSCode backdoor (d1rkmtr), leak Google users' 📞# (skull), Entra sync dumping (Daniel Heinsen), Delegations (Rémi GASCOU (Podalirius)), Chrome abuse for screenshots, mic, and more! blog.badsectorlabs.com/last-week-in-s…

Linux sleep obfs (kozmer), sudo vuln (Rich Mirch), self-xss trick (slonser), primitive injection (trickster0), and more! blog.badsectorlabs.com/last-week-in-s…

Lenovo Applocker bypass (Oddvar Moe), Citrix Bleed 2 (SinSinology, Jake, Aliz Hammond), A+ adversary simulation (quarkslab), DreamWalkers loader (Max dcb), and more! blog.badsectorlabs.com/last-week-in-s…

LudusHound (Beyviel David), SpeechRuntimeMove (S3cur3Th1sSh1t), Havoc Pro (5pider), FortiWeb RCE (SinSinology), SailPoint IQService RCE (NetSPI), Altiris RCE (Lefteris Panos), and more! blog.badsectorlabs.com/last-week-in-s…

PIC agents (Rasta Mouse), ToolShell, Async BOFs (Cn33liz), SCCM MP relays (Garrett), and more! blog.badsectorlabs.com/last-week-in-s…

VMware Tools LPE (bronzebee), Adaptix C2 0.7 (HackerRalf), Ludus MCP (@__MastadonMastadon>__), and more! blog.badsectorlabs.com/last-week-in-s…

AEM RCE (shubs), Intune cert abuse (Dirk-jan), Entra tradecraft (Daniel Heinsen), LLMs for R&D (Kyle Avery), and more! blog.badsectorlabs.com/last-week-in-s…

DEF CON releases, PDQ SmartDeploy creds (Garrett), FortiSIEM root command injection (SinSinology), a cat themed loader (vx-underground), fine-tune LLMs for offsec (Kyle Avery), and more! blog.badsectorlabs.com/last-week-in-s…

WebClient deep dive (Steven), 2x RCE chains in Commvault (Piotr Bazydło), how to rob a hotel (David), MSI patch/protocol handler RCE (Johnny Fishcake), and more! blog.badsectorlabs.com/last-week-in-s…

Azure AD via weak ACLS (Christian Bortone), HTTP stealth proxy (mandatory.bsky.social), Dll sideloading for initial access (Print3M), kernel-hack-drill (Alexander Popov), and more! blog.badsectorlabs.com/last-week-in-s…

Metamorphic compilation (Tijme Gommers), Windows Secure Calls (Connor McGarr), macOS race condition exploit (Mickey Jin), NTLM relaying (Elad Shamir), and more! blog.badsectorlabs.com/last-week-in-s…

FreeBPX RCE (Piotr Bazydło), badpie (DTM), macOS auditd malloc woes (Vylegzhanin Daniil), Spotlight TCC leak (Patrick Wardle), WSUS relaying (Coontzy1), and more! blog.badsectorlabs.com/last-week-in-s…

Getting Global Admin in every Entra tenant (Dirk-jan), WebSocket Turbo Intruder (d4d), PureRAT analysis (Tera), and more! blog.badsectorlabs.com/last-week-in-s…

OmniProx (@zephrfish.yxz.red), Phantom Chrome Extensions (Riadh Bouchahoua (Synacktiv)), FIDO phishing (Dennis Kniep), VMWare Tools LPE (Maxime Thiebaut), and more! blog.badsectorlabs.com/last-week-in-s…

WriteAccountRestrictions fun (Garrett), RCE in Dell UnityVSA (SinSinology), Unity Runtime exploit (RyotaK), Lenovo DCC LPE (0x4d5a), and more! blog.badsectorlabs.com/last-week-in-s…

WhatchGuard RCE (McCaulay), BadSuccessor BOF (Logan Goins), ClubWPT hack (Sam Curry), and more! blog.badsectorlabs.com/last-week-in-s…

DumpGuard (Valdemar Carøe), GCC + VSCode (winterknife 🌻), COM Research (bohops), Gitlab to Cloud pivot (c0rnbread), and more! blog.badsectorlabs.com/last-week-in-s…