Azure DevOps is important to many organizations. Pivoting from a stolen session to DevOps access is closer than you think.

promptmap2 is a vulnerability scanning tool that automatically tests prompt injection attacks on your custom LLM applications

In this post, I will introduce the "cookie sandwich" technique which lets you bypass the HttpOnly flag on certain servers. This research follows on from Bypassing WAFs with the phantom $Version cookie

Learn how specially crafted artifacts can be used to attack Maven repository managers. This post describes PoC exploits that can lead to pre-auth remote code execution and poisoning of the local artifacts in Sonatype Nexus and JFrog Artifactory.

Are you like me, struggling to get your head around terms like symmetric encryption, asymmetric encryption, public key, private key…

Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform - research.md

The Oligo research team has discovered a critical vulnerability in meta-llama, an open source framework from Meta for building and deploying GenAI applications.

On November 20, 2024, Shubham Shah and I discovered a security vulnerability in Subaru’s STARLINK admin panel that gave us unrestricted access to all vehicles and customer accounts in the United States, Canada, and Japan.

Yesterday we discovered another client-side JavaScript attack targeting +500 websites, including governments and universities. The injected noscripts create hidden links in the Document Object Model (DOM), pointing to external websites, a programming interface…

Learn how to build effective harnesses for fuzzing native libraries on Android. Explore techniques and strategies to uncover vulnerabilities

WinVisor is a hypervisor-based emulator for Windows x64 user-mode executables that leverages the Windows Hypervisor Platform API to provide a virtualized environment for logging syscalls and enabling memory introspection.

In this blog post, we’ll walk through the process of enumerating and exploiting a vulnerable machine named silver platter as part of a…

Accuracy, Coverage & Integration: A Comprehensive Benchmark for Modern SAST Tools

Whether you want to transform into a USB Ethernet adapter and capture network traffic, create custom user interface for your attacks, or use covert storage devices, the USB Army Knife has you covered.

Non-Human Identities (NHIs) are essential for automation but pose unique security challenges requiring tailored management and protection strategies. Know more!

A simple application that extracts your IoCs from garbage input and checks their reputation using multiple services.

Introduction
Hello, I’m RyotaK ( @ryotkak
), a security engineer at GMO Flatt Security Inc.
In October 2024, I was hunting bugs for the GitHub Bug Bounty program. After investigating GitHub Enterprise Server for a while, I felt bored and decided to try to…

The research unveils a new attack surface in Windows by exploiting Best-Fit, an internal charset conversion feature. Through our work, we successfully transformed this feature into several practical attacks, including Path Traversal, Argument Injection, and…

A new way to use BYOVD technique. By combining the file-writing capabilities of a driver with Windows symbolic links