woetroe (@woetroe2)'s Twitter Profile
woetroe

@woetroe2

Don’t go out of scope | crto

ID: 1248677116109094913

10-04-2020 18:20:14

446 Tweets

34 Followers

1.1K Following

Nikolaj Schlej (@nikolajschlej)

Published the third part of my blog series about Hydroph0bia (CVE-2025-4275) vulnerability, this one is about the fix as Insyde applied it, and my thoughts on improvements for it. coderush.me/hydroph0bia-pa…

Ch40s 🏴‍☠️ (@drch40s)

Just wrapped up our talk at REcon ! 🎤tonvi 🚀 My Emulation Goes to the Moon (Until FALSE_FLAG) is now also a blog post: 📖 retooling.io/blog/my-emulat… 🎥 cfp.recon.cx/recon-2025/tal… #recon2025 #reverseengineering #emulation

Hacksparo 🥷👾 (@hack_sparo)

We’re cooked, guys. A new vulnerability has been discovered in sudo and you don’t even need to be in the sudo group to get root. I just tried it 👇

winterknife 🌻 (@_winterknife_)

Wintel is coming for your SMEP bypasses! No more flipping the U/S bit in a PTE to mark a user-mode page as supervisor-mode on Intel Arrow Lake CPUs :) (note: this is meant for protection against speculative attacks, with the side effect of becoming SMEP 2.0)

d3d aka dead (dead, мёртв, 死了) (@deadvolvo)

blog.malicious.group/the-quiet-side… This is a living document at the moment, but here it is for now. 😅 As mentioned in the paper, if you are a researcher and have questions after reading, just reach out to me and I will answer everything I can.

Tijme Gommers (@tijme)

Exciting times. I'm publishing Dittobytes today after presenting it at OrangeCon ! Dittobytes is a true metamorphic cross-compiler aimed at evasion. Use Dittobytes to compile your malware. Each compilation produces unique, functional shellcode. github.com/tijme/dittobyt…

RedDrip Team (@reddrip7)

Analysis of Windows CLFS #EoP vuln (#CVE-2025-29824) in-the-wild exploitation sample and root cause Report: ti.qianxin.com/blog/articles/… ITW sample: virustotal.com/gui/file/808cb…

Dirk-jan (@_dirkjan)

I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful vulnerability I will probably ever find: a token validation flaw allowing me to get Global Admin in any Entra ID tenant. Blog: dirkjanm.io/obtaining-glob…

Hunt.io (@huntio)

🔴 New Research: Hunting AdaptixC2 – Tracing over 100 Live C2 Servers in the Wild

Our team investigated AdaptixC2, an open-source command and control framework that’s being used in real attacks.

Using HuntSQL™,

Lukasz Olejnik (@lukolejnik)

Chinese authorities allege a 27-month NSA operation against China's National Time Service Center. Initial credential theft apparently via a smartphone-messaging exploit. They release technical details, including information about 80+ remote logins between April 11 and August

SpecterOps (@specterops)

Credential Guard was supposed to end credential dumping. It didn't. Valdemar Carøe just dropped a new blog post detailing techniques for extracting credentials on fully patched Windows 11 & Server 2025 with modern protections enabled. Read for more ⤵️ ghst.ly/4qtl2rm

klez (@klezvirus)

[RELEASE] As promised, I’m releasing the first blog post in a series. It covers the gaps still present in current stack-based telemetry and how Moonwalking can be extended to evade detection logic and reach “on-exec” memory encryption. Enjoy ;) klezvirus.github.io/posts/Moonwalk…

Ivan Kwiatkowski (@justicerage)

I've been working on a side project for some time: autonomous reverse-engineering powered by Gepetto. I shared some thoughts here (blog.kwiatkowski.fr/gepetto-web), and am looking for beta testers to try out the platform. DM me or reply below if you are interested!

Faith 🇧🇩🇦🇺 (@farazsth98)

I'm excited to finally share Chronomaly, a kernel exploit for Android and Linux kernels 5.10.x using CVE-2025-38352. As a reminder, please patch your Android devices if you haven't already! I recommend getting some 🍿 before reading this post 👀 All links in the thread below:
