Oren Elimelech (@orenelim)'s Twitter Profile
Oren Elimelech

@orenelim

Cyber Security Expert & Researcher, Information Security Consultant, ITC & Cloud Architect, Forensics & Malware Analyst

ID: 251991248

http://orenelim.blogspot.com

14-02-2011 07:43:08

683 Tweet

233 Followers

164 Following

John Hammond (@_johnhammond)

hey hi hello

we've been seeing summa dat WSUS sussy baka CVE-2025-59287 remote code execution exploitation

windows servers with WSUS ports 8530 & 8531 exposed ( -- why?) getting point-and-shoot popped from a POC already public

huntress.com/blog/exploitat…

prolly limited ITW
notEricaZelic (@iamericabooted)

Let's talk about app consents in Entra again for a moment. When you allow users to consent to delegated API permissions for things like the users' email, keep in mind that the application, which exists somewhere else, now has company email content in their cloud, most likely.

Florian Roth ⚡️ (@cyb3rops)

When the CFO walks in and you need to justify the budget for “research”

Hacking simulators
1. geekprank.com/hacker/
2. geektyper.com
3. hacker-simulator.com
4. pranx.com/hacker/
5. hackertyper.com

Pew Pew Maps
A. cybermap.kaspersky.com
B.
Steven Lim (@0x534c)

Just watched John Hammond’s breakdown of CVE-2025-33053, where he demonstrated how a simple Windows shortcut (.lnk) could be weaponized for remote code execution. Inspired by his analysis, I revisited and rewrote my earlier detection logic—now it catches his proof-of-concept too
Alex Neff (@al3x_n3ff)

A new module just got merged into NetExec: raisechild🔥
Made by azoxlpf to automatically abuse domain trust to pivot to other domains.

It will:
- Dump the krbtgt hash of the child domain
- Enumerate trusted domains
- Craft a TGT for trusted/parent domain
Florian Roth ⚡️ (@cyb3rops)

The SHA1-Hulud npm mess keeps growing, so we added additional detections for it today - new YARA rules by my colleague Marius Benthin in our public signature-base - cover bun_environment.js / setup_bun.js and the malicious preinstall script variants from the Wiz / Aikido

SpecterOps (@specterops)

Credential Guard was meant to end credential dumping. Nearly a decade later, Valdemar Carøe tested what’s actually possible.

Check out his blog post detailing new credential dumping techniques that work on fully patched Windows 11 & Server 2025 systems.

➡️ ghst.ly/cred-eoytw
vx-underground (@vxunderground)

Clarification post, previous post about Ubisoft led to some confusion. That's my fault. I'll be more verbose. I was trying to compress the information into 1 singular post without it exceeding the word limit.

Here's the word on the internet streets:
- THE FIRST GROUP of
faulty *ptrrr (@0x_shaq)

MongoDB's latest vuln (CVE-2025-14847) is wild. unauthenticated attackers can send crafted requests and leak uninitialized heap memory from the server via zlib compression mishandling.

All from *one line* of code: returning the allocated buf size instead of the decompressed len
Dark Web Informer - Cyber Threat Intelligence (@darkwebinformer)

NodePass: An open-source, lightweight, enterprise-grade TCP/UDP network tunneling solution featuring an all-in-one architecture with separation of control and data channels, along with flexible and high-performance instance control.

GitHub: github.com/yosebyte/nodep…

It supports
Cyber Security News (@the_cyber_news)

🚨 Notepad++ Hack Detailed Along With the IoCs and Custom Malware Used 

Source: cybersecuritynews.com/notepad-hack/

A sophisticated espionage campaign attributed to the Chinese Advanced Persistent Threat (APT) group Lotus Blossom (also known as Billbug).

The threat actors compromised the
Alex Reibman 🖇️ (@alexreibman)

OpenAI and Anthropic are at war. On the same day, they both launched the world's best coding models— Codex 5.3 and Opus 4.6

Who has the best LLM? OpenAI invited 150+ top hackers to find out

Here’s the finalists from the Official Codex Hackathon at Cerebral Valley OpenAI (🧵):
Dark Web Informer - Cyber Threat Intelligence (@darkwebinformer)

💥 Working on a new open source script that will be uploaded to GitHub sometime this month. It scans a base domain (example darkforums) across 224+ TLDs to find every registered variant.

For each hit it pulls DNS records, WHOIS registration data (registrar, creation date,
The Prohuman (@theprohumanai)

Holy shit.

The guy who BUILT Claude Code just shared his actual workflow.

Boris Cherny runs 10-15 Claude sessions in parallel every single day.

While you're prompting one AI, he has 5 in his terminal + 5-10 on the web all shipping code simultaneously.

And the real weapon?
The Hacker News (@thehackersnews)

Microsoft says a Copilot bug (CW1226324) let Microsoft 365 Copilot summarize confidential emails, bypassing DLP policies.

Since Jan 21, 2026, emails in Sent Items and Drafts with sensitivity labels were processed in Copilot Chat without permission.

Microsoft fixed the issue on
Anthropic (@anthropicai)

We’ve identified industrial-scale distillation attacks on our models by DeepSeek, Moonshot AI, and MiniMax. These labs created over 24,000 fraudulent accounts and generated over 16 million exchanges with Claude, extracting its capabilities to train and improve their own models.

Peter Girnus (@gothburz)

I am the Chief Information Officer of Stryker Corporation. I build the robots that perform your surgery. The defibrillators that restart your heart. The systems that let your nurse find your doctor at three in the morning when something goes wrong. Twenty-five billion dollars a