The only real mistake is the one from which we learn nothing
Starred Articles
It's Called a VEH-tor
05/19/2026 A deep‑dive into Windows Structured Exception Handling (SEH) and Vectored Exception Handling (VEH), explaining their internal mechanisms, and how malware like GuLoader abuses them to obscure control flow. We blend theoretical background, disassembly walkthroughs, and defensive‑evasion demonstrations to help analysts recognize and cope with these exception‑handling tricks.
npx Used Confusion and It's Super Effective
05/20/2026 "npx confusion" is a supply‑chain flaw where npx automatically installs and runs a public‑registry package when a referenced binary isn’t found locally - letting attackers claim unclaimed names (especially for scoped packages) and achieve remote code execution.
We discovered a technique that abuses NTFS junctions to generate infinite file paths, causing EDR products to hang and leave files unscanned.
We explain how an attacker can exploit the mismatch between how browsers and servers handle URL fragments to force an infinite redirect loop that ends with Chrome's ERR_TOO_MANY_REDIRECTS page, revealing a secret token embedded in the URL that can later be harvested via the Navigation API.
In this post, we look at that risk through Claude Code skills. The important detail is not only that a malicious skill can ask an agent to do something dangerous. It is that dynamic context commands run before the model sees the skill at all. When that happens, model-level prompt injection defenses never get a chance to intervene.
New Articles
Exposed UIs, weak authentication, and risky defaults could turn cloud-native AI apps on Kubernetes into potential targets for threat actors. This article discusses how exploitable misconfigurations lead to RCE and data leaks.
The AI Middleware Risks in Claude Desktop
05/15/2026 The article focuses on post-exploitation amplification and demonstrates that once attackers gain execution within the same user context, AI desktop middleware enables credential theft, token decryption, cloud pivoting, MCP abuse, and autonomous operations without requiring administrator privileges or kernel-level escalation.
New Age of Collisions: Reading Arbitrary Files Pre-Auth as root in cPanel (CVE-2026-29205)
05/17/2026 We found a fully working chain for authentication bypass with no pre-conditions in cPanel (now tracked as CVE-2026-41940). Before this authentication bypass chain, we had also discovered a vulnerability that allowed us to read files as the root user, also without authentication.
We delve into NTFS and registry transactions internals in Windows, how they work using CreateTransaction, CreateFileTransacted, and the Kernel Transaction Manager, and how the Process Doppelganging technique exploits them.
The goal of this blogpost is to understand, through static and a little bit of dynamic analysis, how Shai-Hulud works, where it hurts, and what defenders can actually do about it.
Damned OOB
05/16/2026 We describe an out‑of‑bounds heap write in Linux's io_uring zero‑copy receive (ZCRX) implementation. By exploiting this overflow from a container that has CAP_NET_ADMIN (e.g., Cilium or Calico pods), an attacker can corrupt kernel data structures, ultimately enabling a modprobe_path overwrite and a host‑level container escape via call_usermodehelper.
We Have Packet Capture at Home
05/12/2026 We demonstrate how Zeek (for structured logs) and Arkime (for full PCAPs) packet‑capture - combined with community IDs and JA4+ fingerprints - helps quickly correlate and enrich events such as Nmap scans, SMB access, reverse‑shell downloads, and Sliver C2 activity.
We detail APFS snapshots, one of the most powerful and often misunderstood sources of evidence on a Mac. We will see how they impact what data is available, when it was available, and how that data should be collected.
In this article we fully detail how external PCIe DMA cheats can read and inject game data without any code running on the target PC, and show how a defender must defend in layers to reliably detect and contain such cheats using a combination of configuration‑space analysis, traffic‑pattern profiling, fault‑rate monitoring, and secure‑boot/remote‑attestation verification.
A DFIR guide to Windows Prefetch forensics, what Prefetch can support as execution evidence, what it can't prove, and how to corroborate findings.
We review how npm lifecycle scripts and VS Code's tasks.json are being weaponized by threat actors who embed malicious code that runs automatically during package installation, and how such threats can be mitigated.
We uncovered two serious memory‑corruption bugs in PHP’s ext/standard module: a heap‑memory disclosure in getimagesize (CVE‑2025‑14177) caused by improper chunk concatenation when reading multi‑chunk JPEG APP segments, and a heap‑buffer overflow in iptcembed where a buffer sized from fstat is overrun while copying stream data.
Phantom Stealer is a two-layer Windows infostealer attack chain that uses a malicious pdh.dll loader, process hollowing into jsc.exe, aggressive anti-analysis checks, browser and wallet theft, and a cryptocurrency clipper to steal credentials, financial data, and crypto-related assets while maintaining stealth and persistence.
In this article, we'll explore how AI assistants behave from a Digital Forensics and Incident Response (DFIR) perspective and examine the artifacts they generate on endpoint systems: conversation and prompt history, file system and workspace artifacts, plugin, extension, and MCP server usage.
We provide a technical deep-dive into advanced AD CS exploitation, including certificate template misconfigurations and shadow credential misuse. Our findings present a comprehensive breakdown of the attacker's toolkit and their evolving operational behaviors.
We review the prerequisites for an efficient reaction to intrusion in an EKS environment, the investigation steps to be taken, and mistakes that should be avoided.
This blog post introduces a new type of Linux telemetry by repurposing cgroups, a kernel feature designed to limit system resources, into an effective form of process enrichment. We will see how we unlock valuable telemetry for investigating malicious processes on Linux.
We discovered CVE-2025-65719, a critical RCE in Kubectl MCP Server. If exploited, a single webpage visit can compromise clusters.
We discovered CVE-2025-69443, a critical vulnerability in Archon OS that allows a malicious web page to cross web-to-client boundaries via an unauthenticated network request. Exploitation enables extraction of sensitive environment variables and arbitrary command execution on the server UI, allowing an attacker to act fully on the user's behalf.
In this post, we provide a comprehensive analysis of the VIP Keylogger malware family, alongside a deep dive into its script loader’s use of obfuscation and steganography.
Still Recent
Codex Hacked a Samsung TV
04/12/2026 This post documents our research into using AI to hack hardware devices. We gave Codex a foothold on a Samsung TV, and given this realistic post-exploitation position, we led AI to take it all the way to root.
Oldies but Goodies
We revisit the classic two‑shot kernel shellcode exploit - first disabling SMEP/SMAP, then running a user‑space payload - by showing how the newer "CR Pinning" mitigation can be bypassed using a KProbe placed in the tiny window between a mov cr4, ... and the pin‑fixup, together with existing kernel gadgets (e.g., devm_action_release) and the NPerm technique.
We discovered that Microsoft Edge, by default, automatically retained a range of sensitive data outside of its secure storage locations. In this article, we explain how sensitive data can end up in autofill tables and how it can be retrieved.
Stopping Redirects
12/03/2025 We detail a collection of tricks for canceling or pausing both server‑side and client‑side browser redirects. We manage to gain time for attacks such as extracting OAuth codes or forcing user interaction. We provide explanations of each method, their limitations, and concrete JavaScript examples.