Security Review #284

November 28, 2025

The art of debugging is figuring out what you really told your program to do rather than what you thought you told it to do.

— Andrew Singer

Starred Articles

Antigravity Grounded! Security Vulnerabilities in Google's Latest IDE

In this post we will walk through five security vulnerabilities in Antigravity, Google's IDE, including data exfiltration vulnerabilities and even remote command execution via indirect prompt injection.

The Definitive Guide To Process Cloning on Windows

This article aims to provide the reader with a comprehensive guide to the technical details and the underlying design decisions of process cloning on Windows and how they affect its usability. We will explore why most techniques for code injection via cloning will almost inevitably struggle with evading security products, yet other attack vectors like credential dumping might find their niche.

An Evening with Claude (Code)

This blog post explores a bug (CVE-2025-64755) I found while trying to find a command execution primitive within Claude Code. With the ability to trigger prompt injection, either from a Git repo, a webpage, an MCP server, or countless other sinks, RCE was possible on Claude Code.

BetterSuccessor: Still abusing dMSA for Privilege Escalation (BadSuccessor after patch)

We demonstrate that an attacker who can both create/weaponize a dMSA and write to the target principal can complete the mutual pairing and quietly operate with the target's effective privileges, shifting telemetry and avoiding some of the noise of classic shadow-creds or roast-based paths.

New Articles

GitLab discovers widespread npm supply chain attack

We identified an active, large-scale supply chain attack involving a destructive malware variant spreading through the npm ecosystem. We provide a technical analysis of the malware, which contains a "dead man's switch" mechanism that threatens to destroy user data if its propagation and exfiltration channels are severed.

Write Path Traversal to a RCE Art Department

This article takes a close look at how Ruby resolves templates, examines the underlying behavior, and identifies the attack surface through the combination of wildcard routing, Zeitwerk auto-loading, and implicit rendering. We illustrate through several vulnerabilities whose impact ranges from path traversal to remote command execution (RCE).

Rhadamanthys Loader Deobfuscation

Rhadamanthys is a notorious stealer malware that relies on a loader that implements some rather complicated anti-sandboxing/anti-AV-emulation measures. Furthermore, the loader is obfuscated using different layered techniques, making static analysis extremely hard.

When Updates Backfire: RCE in Windows Update Health Tools

We discovered a remote code execution vulnerability in Microsoft's Update Health Tools through an abandoned Azure Blob. This post details how we found it, how it worked, and what it means for your Windows environment.

Analysis of Virus.Win32.Aidlot (MS-DOS, ASM)

This article presents an in-depth analysis of a Windows malware sample known as Virus.Win32.Aidlot. The binary is a 32-bit PE executable, disassembled with IDA Pro. Based on the techniques used and structure, this sample appears to be a modular backdoor or bot client.

Analyze AWS Network Firewall logs using Amazon OpenSearch dashboard

Amazon CloudWatch and Amazon OpenSearch Service have launched a new dashboard that simplifies the analysis of AWS Network Firewall logs. In this post, I show you how to build and use the new OpenSearch Service dashboards to analyze Network Firewall logs more efficiently.

The Dual-Use Dilemma of AI: Malicious LLMs

We examine the capabilities of WormGPT 4 and KawaiiGPT, two LLMs built or adapted specifically for offensive purposes.

Less Praying More Relaying

It's important to know if your NTLM relay will be prevented by integrity protections such as Extended Protection for Authentication (EPA), before setting up for and attempting the attack. In this post, we share how to solve this problem for additional protocols (MSSQL and HTTP), as well as publish RelayInformer tools to automate the solution.

Dissection of a PHP Backdoor leveraging php-win.exe

We analyze a simple PHP backdoor which provides the capability to download and execute payloads, as well as some persistence functions. Tests demonstrated that installation of Altera only triggered a medium alarm on our installed EDR, while the execution of further commands via php-win.exe, including the installation of an RMM solution, did not trigger a single alarm.

Shai-Hulud 2.0: Ongoing Supply Chain Attack

We investigate a new Shai-Hulud campaign involving new repositories and a new variant that executes malicious code during the preinstall phase, significantly increasing potential exposure in build and runtime environments.

Breaking the BeeStation: Inside Our Pwn2Own 2025 Exploit Journey

This article documents our successful exploitation against the BeeStation Plus. We walk through the full vulnerability research process, including attack surface enumeration, code auditing, exploit development, and ultimately obtaining a root shell on the target.

How macOS File Metadata Exposes Authentication Tokens

We detail a macOS vulnerability that leaked sensitive authentication tokens via file metadata. The issue centers on the kMDItemWhereFroms extended attribute, a macOS feature that stores download URLs in file metadata, including sensitive query parameters and authentication tokens.

Sliver C2 Insecure Default Network Policy (CVE-2025-27093)

Sliver is a command and control (C2) framework implementing a custom Wireguard netstack that does not limit traffic between Wireguard clients. This allows clients to communicate with each other without restrictions, potentially enabling leaked or recovered keypairs to be used to attack operators or allowing port forwardings to be accessible from other implants.

Securing Perplexity's AI Browser from a One-Click UXSS

We identified a UXSS vulnerability in Comet, Perplexity's AI Browser. The flaw lies in the whitelisted origins authorized to talk to the extension via chrome.runtime.connect() / chrome.runtime.sendMessage(). A single XSS on any whitelisted subdomain is an initial foothold to poke extension surfaces.

Taking down Next.js servers for 0.0001 cents a pop

We discovered an unauthenticated DoS vulnerability that crashes a self-hosted Next.js server with a single HTTP request and negligible resources.

How to set up Sigma rules for Elasticsearch SIEM

This guide shows how to set up sigma rules for Elasticsearch SIEM so you can turn community content into Elastic Security rules you can actually run.

ASP.NET MVC View Engine Search Patterns

In this article, we'll explore the ASP.NET MVC View Engine search pattern - a powerful yet often overlooked mechanism that drives how views, partial views, and layouts are located and rendered. We will walk through the mechanics, confirm the behavior with system traces, and reveal how this pattern becomes the key to bypassing defenses and achieving code execution.

PIC Shellcode from the Ground up - Part 2

In this part we will locate the memory address of HeapCreate and HeapAlloc by walking the familiar PE headers, and finding our APIs in question manually without help from externs. We will also hash our APIs to make them easier to look up and lower our static analysis footprint.

Driver Reversing 101 - Part 2: Unpacking a VMProtected Boot Driver

In this second part, we see that unpacking VMProtect, if not virtualized, is simply a matter of setting the right breakpoints and navigating the Windows kernel. While restoring the IAT involves some tricks, with the power of emulation and the Unicorn library that hurdle can be overcome as well.

A Reverse Engineer's Anatomy of the macOS Boot Chain & Security Architecture

Before the first instruction of macOS kernelcache is fetched, a complex, cryptographic ballet has already concluded within the Application Processor (AP). This article dissects the immutable hardware logic that establishes the initial link in the Chain of Trust.

Reflecting Your Authentication: When Windows Ends Up Talking to Itself

This post walks through what authentication reflection actually is, why it remains dangerous today, and how the most recent discoveries prove that reflection keeps coming back in places where it really shouldn't. We will also explore how recent Windows behaviors introduced entirely new attack surfaces involving Kerberos, NTLM, SMB, HTTP and DCE/RPC.

Time Traveling in KQL

We explain how to use now() and ago() functions on historical data by modifying the current date reference. This approach simplifies historical data analysis and is especially useful for scenarios where you need to analyze events as if they were occurring in real-time.

Still Recent

The minefield between syntaxes: exploiting syntax confusion

In this article, we will discuss advanced techniques for exploiting confusion across various programming languages arising from differing syntaxes, which I will refer to as "syntax confusion". I'll provide step-by-step guidance, supported by practical examples, on crafting payloads to confuse syntaxes and parsers - enabling filter bypasses and real-world exploitation.

Lite XL - Arbitrary Code & Remote Code Execution (CVE-2025-12120 & CVE-2025-12121)

Lite XL contains vulnerabilities that allow arbitrary code execution and can lead to Remote Code Execution. These vulnerabilities come from the application executing Lua modules and the configuration file directly with no restrictions. Also, the system.exec function is able to run shell commands in an unsafe way, which is a second attack vector and leads to Remote Code Execution.

Pwning Lexmark's Postscript Processor

We detail exploit development against Lexmark printers focusing on Postscript processor vulnerabilities, specifically memory corruption in Compact Font Format (CFF) parsing. We will explain how to achieve arbitrary read/write primitives, leveraged with ROP gadgets for command execution.

RCE via a malicious SVG in mPDF

mPDF is an open source PHP library for generating PDFs from HTML. When the library processes a crafted SVG image, it is possible to bypass a stream wrapper blacklist, and execute wrappers like php:// or phar://. Under certain conditions, this can lead to remote code execution, reading local files or server side request forgery.

Oldies but Goodies

Zen and the Art of Microcode Hacking

This blog post covers the full details of EntrySign (CVE-2024-56161), the AMD Zen microcode signature validation vulnerability. We first discuss the background of what microcode is, and how AMD attempts to prevent tampering with microcode. Next, we focus on the microcode patch signature validation process and explain in detail the vulnerability present (using CMAC as a hash function).

DirtyPipe CVE-2022-0847

A deep dive into the DirtyPipe vulnerability (CVE-2022-0847), its analysis, and an exploit development journey.

Unearthed Arcana

Bypassing PPL in Userland (again)

In this post I will discuss how I was able to bypass the latest mitigation implemented by Microsoft and develop a new Userland exploit for injecting arbitrary code in a PPL with the highest signer type.

DLL Side-loading & Hijacking

Dynamic-link library (DLL) side-loading and hijacking have been around for years and they are techniques that still work and are used in real-world intrusions. We showcase how to identify vulnerable executables, how to discover new executables susceptible to DLL abuse, and how to weaponize these DLL abuse techniques.

Dirty Vanity: A New Approach to Code Injection & EDR Bypass

Dirty Vanity is a code-injection technique that abuses forking, a lesser-known mechanism that exists in Windows operating systems. In this post, we will dive deep into forking, explore its legitimate use, and show how it can be manipulated into blind-sighting EDRs by injecting malicious code.