Alexandre Cheron

@axcheron.bsky.social

Hacker. Security Researcher. Bytes Addict. Became self-aware at 5:32 a.m. Almost Human. Shall we play a game?

31 Followers  |  49 Following  |  156 Posts  |  Joined: 09.02.2024  |  1.8233

Latest posts by axcheron.bsky.social on Bluesky

Catching Credential Guard Off Guard - SpecterOps Uncovering the protection mechanisms provided by modern Windows security features and identifying new methods for credential dumping.

Catching Credential Guard Off Guard specterops.io/blog/2025/10...

23.10.2025 19:56 — 👍 0    🔁 0    💬 0    📌 0
r-tec Blog | Bypass AMSI in 2025 This blog post will shed some light on what's behind AMSI (roughly, but hopefully easy to understand) and how you can still effectively bypass it - more than four years later.

Bypass AMSI in 2025 #AMSI www.r-tec.net/r-tec-blog-b...

23.10.2025 19:41 — 👍 0    🔁 0    💬 0    📌 0
13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely Redis fixes 13-year CVSS 10 flaw allowing Lua script-based remote code execution in all versions.

13-Year-Old Redis Flaw Exposed: CVSS 10.0 Vulnerability Lets Attackers Run Code Remotely #Redis #RCE thehackernews.com/2025/10/13-y...

07.10.2025 21:07 — 👍 0    🔁 0    💬 0    📌 0
One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens While preparing for my Black Hat and DEF CON talks in July of this year, I found the most impactful Entra ID vulnerability that I will probably ever find. One that could have allowed me to compromise ...

One Token to rule them all - obtaining Global Admin in every Entra ID tenant via Actor tokens #Microsoft #EntraID dirkjanm.io/obtaining-gl...

18.09.2025 14:33 — 👍 1    🔁 0    💬 0    📌 0
ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3) · Doyensec's Blog ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3)

ksmbd - Fuzzing Improvements and Vulnerability Discovery (2/3) #Fuzzing blog.doyensec.com/2025/09/02/k...

04.09.2025 19:47 — 👍 0    🔁 0    💬 0    📌 0
Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel Some memory corruption bugs are much harder to exploit than others. They can involve race conditions, crash the system, and impose limitations that make a researcher's life difficult. Working with suc...

Kernel-hack-drill and a new approach to exploiting CVE-2024-50264 in the Linux kernel #Linux #Kernel a13xp0p0v.github.io/2025/09/02/k...

03.09.2025 23:19 — 👍 1    🔁 1    💬 0    📌 0
WinRAR zero-day exploited to plant malware on archive extraction A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware.

WinRAR zero-day exploited to plant malware on archive extraction. #WinRAR #0day www.bleepingcomputer.com/news/securit...

10.08.2025 23:57 — 👍 0    🔁 0    💬 0    📌 0
From Chrome renderer code exec to kernel with MSG_OOB Posted by Jann Horn, Google Project Zero Introduction In early June, I was reviewing a new Linux kernel feature when I learned about the...

Project Zero: From Chrome renderer code exec to kernel with MSG_OOB
googleprojectzero.blogspot.com/2025/08/from...

08.08.2025 17:02 — 👍 0    🔁 0    💬 0    📌 0
ReVault flaws let hackers bypass Windows login on Dell laptops ControlVault3 firmware vulnerabilities impacting over 100 Dell laptop models can allow attackers to bypass Windows login and install malware that persists across system reinstalls.

ReVault flaws let hackers bypass Windows login on Dell laptops www.bleepingcomputer.com/news/securit...

06.08.2025 18:05 — 👍 0    🔁 0    💬 0    📌 0
SonicWall urges admins to disable SSLVPN amid rising attacks SonicWall has warned customers to disable SSLVPN services due to ransomware gangs potentially exploiting an unknown security vulnerability in SonicWall Gen 7 firewalls to breach networks over the past...

SonicWall urges admins to disable SSLVPN amid rising attacks #SonicWall www.bleepingcomputer.com/news/securit...

05.08.2025 22:03 — 👍 0    🔁 0    💬 0    📌 0
Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access Active SharePoint exploits since July 7 target governments and tech firms globally, risking key theft and persistent access.

Hackers Exploit SharePoint Zero-Day Since July 7 to Steal Keys, Maintain Persistent Access #0day thehackernews.com/2025/07/hack...

22.07.2025 13:48 — 👍 0    🔁 0    💬 0    📌 0
CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe

CVE-2025-1729 - Privilege Escalation Using TPQMAssistant.exe

trustedsec.com/blog/cve-202...

09.07.2025 16:58 — 👍 0    🔁 0    💬 0    📌 0
Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip This blogpost is about a minor discovery I made regarding a writeable file inside the Windows folder that is present on Lenovo machines. Initially when I found it I thought it was only a handful of…

Applocker bypass on Lenovo machines – The curious case of MFGSTAT.zip oddvar.moe/2025/07/03/a...

04.07.2025 16:56 — 👍 0    🔁 0    💬 0    📌 0
Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms Chinese hackers exploited Ivanti CSA zero-days, targeting French government, media, and telecom sectors in September 2024.

Chinese Hackers Exploit Ivanti CSA Zero-Days in Attacks on French Government, Telecoms thehackernews.com/2025/07/chin... #Ivanti #0day

03.07.2025 15:08 — 👍 0    🔁 0    💬 0    📌 0
Over 1,200 Citrix servers unpatched against critical auth bypass flaw Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authe...

Over 1,200 Citrix servers unpatched against critical auth bypass flaw #Citrix www.bleepingcomputer.com/news/securit...

30.06.2025 12:14 — 👍 0    🔁 0    💬 0    📌 0
Instagram ads mimicking BMO, EQ Bank are finance scams Instagram ads impersonating financial institutions like Bank of Montreal (BMO) and EQ Bank (Equitable Bank) are being used to target Canadian consumers with phishing scams and investment fraud. Some ...

Instagram ads mimicking BMO, EQ Bank are finance scams
www.bleepingcomputer.com/news/securit...

18.06.2025 21:10 — 👍 0    🔁 0    💬 0    📌 0
CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability CISA warns CVE-2023-0386 is being actively exploited, impacting Linux systems via OverlayFS. Patching is urgent.

CISA Warns of Active Exploitation of Linux Kernel Privilege Escalation Vulnerability thehackernews.com/2025/06/cisa... #Linux

18.06.2025 14:08 — 👍 1    🔁 0    💬 0    📌 0
Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware Apple patched zero-day flaws exploited to deploy Paragon’s Graphite spyware targeting journalists and civil society, raising global spyware concerns.

Apple Zero-Click Flaw in Messages Exploited to Spy on Journalists Using Paragon Spyware thehackernews.com/2025/06/appl... #Apple

13.06.2025 11:02 — 👍 0    🔁 0    💬 0    📌 0
Streaming Zero-Fi Shells to Your Smart Speaker In October 2024, RET2 participated in the “Small Office / Home Office” (SOHO) flavor of Pwn2Own, a competition which challenges top security researchers to c...

Streaming Zero-Fi Shells to Your Smart Speaker |
Exploiting the Sonos Era 300 with a Malicious HLS Playlist blog.ret2.io/2025/06/11/p...

11.06.2025 19:12 — 👍 2    🔁 1    💬 0    📌 0
Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them. The publicly available exploits provide a near-universal way to bypass key protections.

Found in the wild: 2 Secure Boot exploits. Microsoft is patching only 1 of them arstechnica.com/security/202...

10.06.2025 21:53 — 👍 0    🔁 0    💬 0    📌 0
Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File OneDrive’s OAuth flaw grants full cloud access via vague prompts + insecure tokens = user data risk.

Microsoft OneDrive File Picker Flaw Grants Apps Full Cloud Access — Even When Uploading Just One File thehackernews.com/2025/05/micr...

28.05.2025 22:25 — 👍 0    🔁 0    💬 0    📌 0
Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages Guest post by Dillon Franke, Senior Security Engineer, 20% time on Project Zero Every second, highly-privileged MacOS system daemons...

Breaking the Sound Barrier Part I: Fuzzing CoreAudio with Mach Messages googleprojectzero.blogspot.com/2025/05/brea...

09.05.2025 20:04 — 👍 0    🔁 0    💬 0    📌 0
Supercharging Ghidra: Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI Reverse engineering binaries often resembles digital archaeology: excavating layers of compiled code, interpreting obscured logic, and…

Supercharging Ghidra: Using Local LLMs with GhidraMCP via Ollama and OpenWeb-UI
medium.com/@clearblueja...

30.04.2025 17:28 — 👍 0    🔁 0    💬 0    📌 0
Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks A set of security vulnerabilities in Apple's AirPlay Protocol and AirPlay Software Development Kit (SDK) exposed unpatched third-party and Apple devices to various attacks, including remote code exec...

Apple 'AirBorne' flaws can lead to zero-click AirPlay RCE attacks www.bleepingcomputer.com/news/securit...

29.04.2025 17:49 — 👍 0    🔁 0    💬 0    📌 0
iOS and Android juice jacking defenses have been trivial to bypass for years New ChoiceJacking attack allows malicious chargers to steal data from phones.

iOS and Android juice jacking defenses have been trivial to bypass for years arstechnica.com/security/202...

28.04.2025 18:19 — 👍 0    🔁 0    💬 0    📌 0
Ghosting AMSI: Cutting RPC to disarm AV In this post, we explore how to bypass AMSI’s scanning logic by hijacking the RPC layer it depends on — specifically the NdrClientCall3…

Ghosting AMSI: Cutting RPC to disarm AV medium.com/@andreabocch...

25.04.2025 21:18 — 👍 0    🔁 0    💬 0    📌 0
Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools ARMO shows io_uring-based rootkits evade Falco, Tetragon, and Defender, risking Linux runtime security.

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools thehackernews.com/2025/04/linu...

24.04.2025 17:18 — 👍 0    🔁 0    💬 0    📌 0
CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download Windows flaw CVE-2025-24054 actively exploited since March 19 to leak NTLM hashes via phishing attacks.

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download
thehackernews.com/2025/04/cve-...

18.04.2025 18:06 — 👍 0    🔁 0    💬 0    📌 0
Task Scheduler– New Vulnerabilities for schtasks.exe UAC bypass, metadata poisoning, and log overflow vulnerabilities in Windows Task Scheduler reveal new tactics for defense evasion and privilege escalation

Task Scheduler– New Vulnerabilities for schtasks.exe cymulate.com/blog/task-sc...

16.04.2025 18:55 — 👍 0    🔁 1    💬 0    📌 0
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence Apache Roller flaw CVE-2025-24859 keeps sessions active after password changes, risking persistent access.

Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence thehackernews.com/2025/04/crit...

15.04.2025 17:11 — 👍 0    🔁 0    💬 0    📌 0
