phrack.org/issues/68/2#...
Another legend has crossed over. Thank you @fxv2.bsky.social for being your kind, brilliant self, whose contributions are too many to name, not just in hacking, but in being a superconnector who I now know is responsible for so many friendships & marriages. You are missed.
On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here github.com/atredispartn...
26.02.2026 18:43 β π 3 π 4 π¬ 0 π 0
In the final part of his blog series, @tiraniddo.dev tells the story of how a bug was introduced into a Windows API.
Code re-writes can improve security, but itβs important not to forget the security properties the code needs to enforce in the process.
projectzero.google/2026/02/gphf...
The Cycle 2 deadline for the USENIX WOOT Conference is in just one week (March 3, 2026).
Full details are available in the Call for Papers:
www.usenix.org/conference/w...
[RSS] Discovery & Analysis of CVE-2025-29969
www.safebreach.com ->
(Windows MS-EVEN RPC Remote Code Execution Vulnerability)
Original->
Guess what's out :)
19.02.2026 14:10 β π 5 π 3 π¬ 0 π 0
We have disclosed CVE-2026-2329, a critical unauth stack-based buffer overflow vuln affecting the Grandstream GXP1600 series of VoIP phones. Read our disclosure on the @rapid7.com blog, including technical details for unauth RCE, and accompanying @metasploit-r7.bsky.social modules: r-7.co/4tIzope
18.02.2026 14:39 β π 3 π 5 π¬ 0 π 0
A suspected Chinese APT, UNC6201, is exploiting a zero-day in Dell RecoverPoint for Virtual Machines
cloud.google.com/blog/topics/...
Three-part series Binarly on Supermicro BMC firmware authentication bypasses
Part 1: www.binarly.io/blog/ghost-i...
Part 2: www.binarly.io/blog/broken-...
Part 3: www.binarly.io/blog/have-yo...
#infosec
[RSS] IDA Pro 9.3 released
docs.hex-rays.com ->
Original->
It took less than a day. A PoC for BeyondTrust CVE-2026-1731 hit GitHub, and GreyNoise immediately started seeing reconnaissance from multi-exploit actors hiding behind VPNs + custom tooling. See what our data reveals about whoβs mapping targets + how.
12.02.2026 18:13 β π 2 π 2 π¬ 0 π 1The February 2026 security updates are available:
10.02.2026 21:17 β π 2 π 2 π¬ 0 π 0
We just published our @rapid7.com analysis of CVE-2026-1731, a critical command injection affecting BeyondTrust Privileged Remote Access (PRA) & Remote Support (RS). Unauthenticated RCE, with a root cause due to Bash arithmetic evaluation. Analysis/PoC here: attackerkb.com/topics/jNMBc...
10.02.2026 15:07 β π 3 π 1 π¬ 0 π 1Atredis identified a vulnerability in the way Rapid7's Nexpose was generating passwords to protect its Java KeyStore which is used to encrypt saved credentials. This vulnerability was reported to Rapid7 and a patch is being rolled out today! Check out the details here: github.com/atredispartn...
09.02.2026 19:27 β π 0 π 2 π¬ 0 π 0
The remarkable true story of how Flash was deprecated
medium.com/@aglaforge/w...
AMD updates installed without signature checking (from an HTTP link, no less)? /via @drwhax
mrbruh.com ->
Recent report about a nation-state implant that would be useful to exploit this:
blog.talosintelligence.com ->
Original->
CVE-2025-6978: Arbitrary Code Execution in the #Arista NG Firewall - our researchers took a deep dive into this recently patched RCE to provide root cause and detection guidance. Read all the details at www.zerodayinitiative.com/blog/2026/2/...
05.02.2026 16:48 β π 4 π 3 π¬ 0 π 0
Some IOCs for the Notepad++ backdoors from Rapid7, they're good. www.rapid7.com/blog/post/tr...
I will drop more later.
Registration is open to all RECon classes!
As usual, Iβll be teaching Windows Internals. This is the only time this year that the class is offered in North America π
And if windows isnβt your thing, there are lots of other great classes!
recon.cx/2026/en/trai...
Our intrepid 20%-er Dillon Franke exploited a vulnerability in CoreAudio. See his process for gaining privilege escalation on a Mac:
projectzero.google/2026/01/soun...
@steven.srcincite.io did some cool stuff, check it out!
srcincite.io/blog/2026/01...
Hadn't realised that the third party review of Twitter's chat protocol had been published and wow github.com/trailofbits/...
28.01.2026 18:21 β π 119 π 35 π¬ 2 π 6
Command & Conquer'd: worming RCEs through a classic multiplayer game. Check out the full writeup from our @districtcon.bsky.social Junkyard submission here:
www.atredis.com/blog/2026/1/...
By @droner.bsky.social and @jordan9001.bsky.social
#Security #modding #rce
New blog post is live! Xusheng tears apart a tiny Linux binary that really does not want to be reversed. Malformed ELF headers, segment tricks, layered XOR and RC4, plus a bunch of Binary Ninja tricks along the way. Read it here: binary.ninja/2026/01/23/r...
27.01.2026 15:31 β π 7 π 3 π¬ 0 π 0
[RSS] Districton 1 Slides - Control the Variables and You Control the Code: Language-Level Vulnerabilities in Adobe ColdFusion
www.hoyahaxa.com ->
Original->
Demystifying CVE-2025-47987 [Heap-based buffer overflow in Windows Cred SSProvider Protocol LPE]
kryptoenix.github.io ->
Original->
You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01...
23.01.2026 12:28 β π 7 π 9 π¬ 0 π 1
New Cisco zero-day, CVE-2026-20045
sec.cloudapps.cisco.com/security/cen...
This may be the only offering of my fuzzing class at a conference this year and includes updates for targeting edge devices and arm64!
20.01.2026 20:01 β π 2 π 1 π¬ 0 π 0
Days since somebody dropped a huge 0-day on the oss-security mailing list: 0
seclists.org/oss-sec/2026...
