September 22, 2025
September 22, 2025 this was a googlectf challenge btw https://t.co/tC2yYC09At pic.twitter.com/FzaRuBAaWX— Rebane (@rebane2001) September 21, 2025 Thorough...
September 21, 2025
September 21, 2025 Just published some notes on httpjail - this is a really interesting new sandboxing project, it lets you run a process (on macOS or Linux...
September 20, 2025
September 20, 2025 The vast majority of hacking is just credentials. There are four basic ways to get creds:STABSteal: using malware, etc.Try: brute force,...
September 18-19, 2025
September 18-19, 2025 I've been researching the Microsoft cloud for almost 7 years now. A few months ago that research resulted in the most impactful...
September 17, 2025
September 17, 2025 Quite a good Between Two Nerds discussion. Between Two Nerds: The limits of cyber power - Risky Business Media OpenAI literally just...
September 16, 2025
September 16, 2025 When we decompile an APK and see an unreadable https://t.co/BbQf3H943H.bundle, it could be Hermes bytecode. Using https://t.co/DBonMwpUBM...
September 15, 2025
September 15, 2025 Say hello to Eternal Tux🐧, a 0-click RCE exploit against the Linux kernel from KSMBD N-Days (CVE-2023-52440 &...
September 13-14,
September 13-14, There's a sick linenoise article by @iximeow in @phrack 71 called "Learning An ISA By Force Of Will", where ixi goes from unknown binary...
September 12, 2025
September 12, 2025 Scattered Lapsus$ Hunters has provided the following message on breachforums[.]hn.They have essentially retired....
September 11, 2025
September 11, 2025 Claude "File creation" is actually a sandboxed code execution environment and has full internet access.This is great for me, since we now...
September 10, 2025
September 10, 2025 wow... great finds. good writeup, worth a read! :) and if you've ever been to burgerking drivethru, AI is analyzing your convos ;D...
September 9, 2025
September 9, 2025 Great technical writeup on how NodeZero solves Game of Active Directory (GOAD):TL;DR – How NodeZero Solved GOAD in 14 Minutes:NodeZero...
September 8, 2025
September 8, 2025 In this paper, we present CVE-GENIE, an automated, large language model (LLM)-based multi-agent framework designed to reproduce real-world...
September 7, 2025
September 7, 2025 Extensive analysis of PHRACK's "North Korea Files"🇰🇵https://t.co/xLHGlM0NyK🔥 “the most comprehensive and technically intimate disclosures”...
September 6, 2025
September 6, 2025 Did you know that we have over 50 talks from past years of CYBERWARCON available on our YouTube? Catch them here >...
September 5, 2025
September 5, 2025 🚨 Czech cybersecurity agency NÚKIB issues HIGH threat warning about data transfers to China and remote administration of technical assets...
September 4, 2025
September 4, 2025 Between Two Nerds: How threat actors are using AI to run wild - Risky Business Media The Gentlemen Hackers interviewing Halvar Flake:...
September 2-3, 2025
September 2-3, 2025 NEW: The standards of the US Telephone Security Group (TSG), to prevent phones from being turned into a listening...
September 1, 2025
September 1, 2025 Was in a bookshop and asked a worker if he could recommend books to me. He said "Sure, they're great".— Andy Ryan (@ItsAndyRyan) August 30,...
August 30–31, 2025
August 30–31, 2025 New: Tesla said it didn't have critical data in a fatal crash. Then a hacker found it. "For any reasonable person, it was obvious the data...
