Dissecting DCOM part 1
https://ift.tt/wWckqg3
Submitted September 17, 2025 at 12:19AM by bagaudin
via reddit https://ift.tt/LFxOjN4
Synacktiv
Dissecting DCOM part 1
Why I’m going back to the AI Agent Security Summit
https://ift.tt/k0u8Lgw
Submitted September 17, 2025 at 05:34AM by Zemgineer2084
via reddit https://ift.tt/dWZGSc2
Zenity | Secure AI Agents Everywhere
AI Agent Security | AI Agent Security Summit 2025 | Zenity
After launching in NYC, the AI Agent Security Summit heads to San Francisco to continue shaping how enterprises secure the next wave of AI.
Hosting a website on a disposable vape
https://bogdanthegeek.github.io/blog/projects/vapeserver/
Submitted September 17, 2025 at 04:04PM by Titokhan
via reddit https://ift.tt/ih4GkyQ
BogdanTheGeek's Blog
Hosting a WebSite on a Disposable Vape
Someone's trash is another person's web server.
Tiantong-1 and satphone security (part 1)
https://ift.tt/g1hNqr7
Submitted September 17, 2025 at 03:34PM by 2ROT13
via reddit https://ift.tt/niMsOHA
www.midnightblue.nl
Tiantong-1 and satphone security: part 1
First part in a series, delving into the previously unexplored Tiantong-1 satellite system, Huawei's Mate 60 Pro smartphone, and general satphone security.
VPN IPv6 leak
https://ift.tt/ZnSPlx1
Submitted September 17, 2025 at 03:34PM by anagogistis
via reddit https://ift.tt/xfY1O7C
Anagogistis
PureVPN IPv6 leak
In late August 2025, I submitted two security reports to PureVPN under their VDP. Three weeks later, I’ve received no response, so I decided to publish the findings to inform other users.
The issues affect both their GUI (v2.10.0) and CLI (v2.0.1) clients…
Practical guide for hunters: how leaked webhooks are abused and how to defend them
https://ift.tt/0Bg25GV
Submitted September 17, 2025 at 06:05PM by unknownhad
via reddit https://ift.tt/90DQvOX
Terminal
A step by step guide how to hack webhooks
Practical guide for hunters and defenders: hunting webhooks, detection, PoC examples and mitigations.
BIDI Swap: Unmasking the Art of URL Misleading with Bidirectional Text Tricks
https://ift.tt/yoJ7h0E
Submitted September 17, 2025 at 08:44PM by lohacker0
via reddit https://ift.tt/vySqtuJ
Varonis
BIDI Swap: Unmasking the Art of URL Misleading with Bidirectional Text Tricks
Varonis reveals a decade-old Unicode flaw that enables BiDi URL spoofing and poses phishing risks. Learn how attackers exploit RTL/LTR scripts and browser gaps.
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
https://ift.tt/DRluX7h
Submitted September 17, 2025 at 08:42PM by mepper
via reddit https://ift.tt/Xq0L1St
dirkjanm.io
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens
While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise every Entra ID tenant in the world (except probably those…
Modus Operandi of Subtle Snail Espionage Group
https://ift.tt/vFAUQkK
Submitted September 19, 2025 at 09:54PM by small_talk101
via reddit https://ift.tt/M1zgnNK
TENET CTF
https://ift.tt/jVyGXxL
Submitted September 20, 2025 at 12:08AM by Pretend-Inevitable93
via reddit https://ift.tt/u04pWPy
Unstop
Capture The Flag - 2025 | 1557733 // Unstop
Find out the best Capture The Flag that match your interests. Prove your mettle and win exciting prizes like job opportunities and cash rewards from leading ... | 2025 | 1557733
Quite cool, apk.sh supports direct bytecode manipulation with no decompilation, this avoids recompilation errors when patching an Android APK.
https://shorturl.cc/dJv
Submitted September 20, 2025 at 04:23AM by Happy_Youth_1970
via reddit https://ift.tt/bJp23Pq
Linux Kernel Runtime Guard (LKRG) 1.0 first mature release + talk slides
https://ift.tt/2sPaxMg
Submitted September 21, 2025 at 04:58AM by solardiz
via reddit https://ift.tt/i4ASvNz
Pentesting Weekly Digest second version
https://ift.tt/rzqoky5
Submitted September 21, 2025 at 07:06AM by Western-Fox-5184
via reddit https://ift.tt/cphYNAG
Substack
Pentesting Weekly Digest — September 13–19, 2025
Another week, another mix of hardware-level hacks, fresh zero-days, and even law-enforcement news. Let’s break down what mattered most.
EDR-Freeze: A Tool That Puts EDRs And Antivirus Into A Coma State
https://ift.tt/uAW8CHJ
Submitted September 21, 2025 at 08:52AM by Cold-Dinosaur
via reddit https://ift.tt/5VWg6H1
Zerosalarium
EDR-Freeze: A Tool That Puts EDRs And Antivirus Into A Coma State
EDR-Freeze exploits the vulnerability of WerFaultSecure to suspend the processes of EDRs and Antimalware, halting the operation of Antivirus and EDR
New Infostealer Campaign Targeting Mac Users via GitHub Pages Claiming to Offer LastPass Premium
https://ift.tt/vm82sig
Submitted September 22, 2025 at 08:13AM by shantanu14g
via reddit https://ift.tt/57TgzBP
Lastpass
Large-Scale Attack Targeting Macs via GitHub Pages Impersonating Companies to Attempt to Deliver Stealer Malware - The LastPass…
We're tracking an ongoing, widespread infostealer campaign targeting Mac users through fraudulent GitHub repositories.
Electron App Vulnerabilities testcases
https://blog.securelayer7.net/electron-app-security-risks/
Submitted September 22, 2025 at 10:52AM by Ok_Air_3932
via reddit https://ift.tt/j2Qo1kY
SecureLayer7 - Offensive Security, API Scanner & Attack Surface Management
Electron Research in Desktop apps [Part 1]
What's electron?, the design of electron desktop app, the story bug of the bug, the static code of the bug and how to find it, how to develop it and explain the code, explain how to discover it,...
The God Mode Vulnerability That Should Kill “Trust Microsoft” Forever
https://ift.tt/TVdEsFo
Submitted September 22, 2025 at 10:36AM by tidefoundation
via reddit https://ift.tt/dD1l2z5
Medium
The God Mode Vulnerability That Should Kill “Trust Microsoft” Forever
Why vendors can’t and shouldn’t be trusted
Journeys in Hosting 1/x - Precomputed SSH Host Keys
https://ift.tt/ZPwrCXF
Submitted September 23, 2025 at 03:35AM by jtkchicago
via reddit https://ift.tt/t8BjuDS
dataplane.org
John Kristoff - Journeys in Hosting 1/x - Precomputed SSH Host Keys
BlackLock Ransomware: From Meteoric Rise to Sudden Disruption
https://ift.tt/TDgpobR
Submitted September 23, 2025 at 01:05PM by Koyaanisquatsi_
via reddit https://ift.tt/56LtDs4
Wealthari
BlackLock Ransomware: From Meteoric Rise to Sudden Disruption
BlackLock has quickly climbed the ranks in the global ransomware scene, setting new benchmarks for attack frequency and technical complexity. Emerging in March 2024 under the name El Dorado, t…
Image Forensics: Detecting AI Fakes with Compression Artifacts
https://ift.tt/SWn7AEL
Submitted September 23, 2025 at 10:17PM by Doch88
via reddit https://ift.tt/rPoThLs
Tea continued - Unauthenticated access to 150+ Firebase databases, storage buckets and secrets
https://ift.tt/5D06Evc
Submitted September 24, 2025 at 12:14AM by Woowowow91
via reddit https://ift.tt/CQHYdku
ice0.blog
Tea continued - Unauthenticated access to 150+ Firebase databases, storage buckets and secrets
Introducing OpenFirebase - Time to clean up the Firebase mess