Abusing the Clipup.exe program by using the CreateProcessAsPPL.exe tool to destroy the executable file of the EDRs, Antivirus.

Exposing digital fraud, regulatory evasion, and corporate manipulation through cyber intelligence. We investigate what others ignore.

I used Claude to build ProxyGen, a multi-cloud WireGuard VPN tool. It needed tweaks but showed how far AI vibecoding can go, flaws and all.

Phishing has always been about deceiving people. But in this campaign, I discovered something new. The attackers weren’t only targeting users, they also attempted to manipulate AI-based defences. T…

Why code analysis can be hard when it comes to malicious code.

Multiple vulnerabilities in vtenext 25.02 and prior versions allow unauthenticated attackers to bypass authentication through three separate vectors, ultimately leading to remote code execution on the underlying server.

See how to reduce the risks of an indirect prompt injection, such as the exposure of confidential files or the execution of code without the user's consent.

First systematic integration of psychoanalytic theory with cybersecurity practice. Identifies unconscious vulnerabilities 300ms before conscious awareness.

DIAC∞ 2 is an experimental novel hybrid post-quantum encryption system combining ML-KEM-512 (Kyber variant) for quantum-resistant key encapsulation, ChaCha20-Poly1305 for authenticated encryption, and a post-quantum AEAD layer. Its novel Transcendental Window…

IPv4/IPv6 Packet Fragmentation: Detection & Reassembly Introduction A packet can be broken into smaller pieces, or fragments, at the network layer (by the IPv4 and IPv6 protocols) to fit within a specific Maximum Transmission Unit (MTU). For IPv4, a packet’s…

TL;DR I found a RCE in the AION client starting from 3.0 (not confirmed the latest version vulnerable) using the built-in housing system. Private servers are still vulnerable. Important Note In the initial version of this post I wrote that the housing system…

On July 18, 2025, users of CrushFTP woke up to an announcement:

As we’ve all experienced in 2025, 2025 has been the year of vendors burying their heads in the sand with regard to in-the-wild exploitation, even in the face of impressively indisputable evidence…

LLM generated code can ships demo logic with security issues not defenses. Here is a real world example and how it could be abused.

What is s1ngularity-repository? Nx is compromised and the malware steals wallets and API keys using Claude CLI or Gemini.

Referral rewards programs are nearly ubiquitous today, from consumer tech to SaaS companies, but are rarely given much security oversight.

 Summary Android applications often embed web content using WebView , a component that displays webpages inside the app itself. To improve u...

Malware delivery through Microsoft Teams is an emerging threat. Discover how attackers exploit external chats, which regions they target, and key IOCs defenders must track.

LDAP authentication is everywhere in networks, but intercepting encrypted LDAP traffic can be challenging. LDAP authentication in the web…

Because we can!

What is the main purpose of a Content Management System (CMS)?

We have to accept that when we ask such existential and philosophical questions, we’re also admitting that we have no idea and that there probably isn’t an easy answer (this is our excuse, and…