We found that Wi-Fi client isolation can often be bypassed. This allows an attacker who can connect to a network, either as a malicious insider or by connecting to a co-located open network, to attack others. NDSS'26 paper: ndss-symposium.org/wp-content/upl… GitHub: github.com/vanhoefm/airsn…

github.com/ZephrFish/ludu… ludus template to build an AD CS attack lab which is a snippet from my course (lms.zsec.red) with the addition of pre-reqs for MDE/MDI deployment and windows hardening, you can drop in replace this for elastic too

Qwen3.5-27B destilado a partir do Claude 4.6 Opus. Isso significa que o raciocinio de ponta do Claude foi transferido para um modelo open source de 27 bilhoes de parametros que voce pode rodar localmente. Destilacao de modelos esta democratizando o que antes era exclusivo de

Learn how to run Qwen3.5 locally using Claude Code. Our guide shows you how to run Qwen3.5 on your server for local agentic coding. We then build a Qwen 3.5 agent that autonomously fine-tunes models using Unsloth. Works on 24GB RAM or less. Guide: unsloth.ai/docs/basics/cl…

Holy shit... Microsoft open sourced an inference framework that runs a 100B parameter LLM on a single CPU. It's called BitNet. And it does what was supposed to be impossible. No GPU. No cloud. No $10K hardware setup. Just your laptop running a 100-billion parameter model at

Windows API Arsenal — Updated 📚 256 APIs 🚥 Copy Signature 😮 31 Nt native APIs with syscall numbers 📌 Shareable links 🔍 Recent searches saved locally [Use Desktop for Optimal View] 👉 blog.fautl.com/api-list #ReverseEngineering #windowsinternals

🚨BREAKING: Someone just open-sourced a headless browser that runs 11x faster than Chrome and uses 9x less memory. It's called Lightpanda and it's built from scratch specifically for AI agents, scraping, and automation. Not a Chromium fork. Not a hack. A completely new browser

x.com/i/article/2032…

Meet GLM-4.7-Flash-Claude-Opus-4.5-High-Reasoning-Distill: a distilled powerhouse that brings elite reasoning to local machines. This GGUF model packs Claude-level thinking into a format you can run on your own hardware. The community is buzzing about this one!

Syscall Tracer🔥🔥 Sometimes it’s useful to observe the system calls happening inside a given target process. Especially if the target includes some kind of Frida detection, root detection, or any other kind of Runtime Application Self-Protection (RASP). frida.re/news/2026/03/0…

CVE-2026-25769: Wazuh Post-Auth RCE Our team discovered an insecure deserialization vulnerability in the Wazuh Cluster that enables remote command execution via a worker node, potentially leading to full cluster compromise. CVSS: 9.1 (authentication required) Wazuh - Security

KslDump - Extraction of credentials from PPL-protected LSASS using only Microsoft-signed components github.com/andreisss/KslD…

Collecting ADCS data with NetExec🔥 Thanks to the addition of CertiHound, developed and implemented by 0x0Trace, we can now collect ADCS data using the --bloodhound collector of NetExec. As before, the data is exported as JSON files that can be imported directly into BloodHound.

⚡ Apex - AI-Powered Pentester Attacks Apps in Black-Box Mode to Find Vulnerabilities | Source: cybersecuritynews.com/apex-ai-penetr… Apex is an autonomous, AI-powered penetration testing agent designed to operate in black-box mode against live applications. It does not require access to

Releasing KslKatz. Combining KslDump and GhostKatz to dump LSASS using no-fix KslD.sys memory read to bypass PPL. Extracts MSV1_0 NT hashes and WDigest cleartext passwords (if enabled) from LSASS using a Microsoft-signed driver. github.com/S1lkys/KslKatz

I ran a 35-billion parameter AI agent on a $600 Mac mini. Specs: M4 Mac-Mini 16GB RAM The model doesn't fit in RAM. It pages from the SSD at 30 tokens/second. On NVIDIA, the same paging gives you 1.6 tok/s. Apple Silicon gives you 30. That's 18.6x faster. No cloud. No API

🔓 CVE-2025-33073: Any domain user → SYSTEM → DC TGT → domain compromise. No admin needed. SMB signing on DCs won’t save you. praetorian.com/blog/cve-2025-… #theguardplatform #offensivesecurity

Released WinDbg MCP — attach Claude (or any LLM) to a live Windows process and let it poke around. set breakpoints, read memory, walk the stack, load crash dumps. 55 tools over MCP. github.com/gengstah/windb…

Added a writeups page to my HTB AD machines list, each machine now links to the ippsec video and 0xdf writeup github.com/seriotonctf/Ha…

#CVE-2026-34197: Apache ActiveMQ RCE via Jolokia. Unfortunately, one less 0-day in the wild… Fortunately, I might still have another. Glad Claude Code hasn’t spotted it yet. 😁