Security Review #291

January 23, 2026

It is through logic that we prove, but through intuition that we discover

— Henri Poincare

Starred Articles

Supply-chain risk of agentic AI

Skills extend AI assistants with new features. But when execution gets delegated to an agent with ambient authority (shell, network, filesystem access), you're looking at infrastructural risk. Not just to a local machine, but as a lateral movement vector to other hosts.

After the Takedown: Excavating Abuse Infrastructure with DNS Sinkholes

DNS sinkholing does not erase abuse infrastructure but captures it at the moment of intervention. This post starts from that observation. By looking at sinkhole activity at scale, using passive DNS alone, it becomes possible to recover signals about how abuse infrastructure was organised before it was taken down.

From spoofing to tunnelling: New Red Team networking techniques for initial access and evasion

Vulnerabilities inherent in the trust mechanisms of fundamental network protocols reveal that unencrypted tunnels can become fatal backdoors in enterprise intranets: IP spoofing combined with common tunnelling protocols - specifically Generic Routing Encapsulation (GRE) and Virtual Extensible LAN (VXLAN) - can be leveraged to infiltrate intranets without initial access credentials.

Successful Errors: New Code Injection and SSTI Techniques

This research introduces two techniques for Code Injection and SSTI: Error-Based and Boolean Error-Based Blind. I will provide payloads for Code Injection and SSTI in five programming languages: Python, PHP, Java, Ruby and NodeJS. Moreover, I will provide universal detection payloads, capable of quickly detecting even blind injections.

New Articles

Billion-Dollar Bait & Switch: Exploiting a Race Condition in Blockchain Infrastructure

Every 12 seconds, risk-free profit is auctioned for millions on the Ethereum network. I found a race condition vulnerability in the Flashbots Ethereum MEV-Boost relay that allows attackers to hijack MEV auctions and trick validators. If exploited, attackers don't have to pay to win the auction.

Multiple XSS in Meta Conversion API Gateway Leading to Zero-Click Account Takeover

We detail a supply-chain vulnerability in a shared analytics tool from Meta causing JavaScript execution in Meta's public and internal domains inside authenticated browsers. Once code execution is achieved on a Meta surface, further escalation becomes possible - including interaction with Facebook endpoints, account takeover, and even remote code execution.

Memory Forensics Beyond the Endpoint: Volatile Evidence in Modern Cloud and Edge Environments

In the world of modern cloud deployments, "memory acquisition" takes on new, urgent complexity as the traditional rarely apply in environments run by APIs, ephemeral VMs, and containers spun up and destroyed in seconds. In this article, I'll walk through real-world cloud and container scenarios, with a pragmatic lens for the decisions that every modern DFIR analyst faces.

Writing a fuzzer from scratch: Astra

This article aims to explain how to design and write a modern unix-compatible fuzzer, comparable to AFL++, libFuzzer or LibAFL, from scratch.

How WannaMine Works: A Fileless Cryptominer Malware

A technical analysis of WannaMine, a sophisticated, file-less cryptojacking worm that primarily utilizes "living-off-the-land" techniques and operates almost entirely within system memory, leveraging legitimate administrative tools such as PowerShell and Windows Management Instrumentation (WMI) to maintain persistence and execute malicious code.

Detection of Kerberos Golden Ticket Attacks via Velociraptor

We briefly review the concepts of Golden Ticket attacks and provide a step by step walkthrough of the different stages. We then identify detection opportunities for the ticket generation stage and when it is used.

Minting Next.js Authentication Cookies

In this post, we'll look at how an adversary can mint authentication cookies for Next.js (next-auth/Auth.js) applications to maintain persistent access to the application as any user.

A 0-click exploit chain for the Pixel 9 - Part 1: Decoding Dolby

In this first part of the series I describe how we exploited CVE-2025-54957, an out of bounds write in Dolby's DDPlus Unified Decoder, to gain arbitrary code execution in the mediacodec context of a Google Pixel 9.

Adventures in Primary Group Behavior, Reporting, and Exploitation

We review the attack surface exposed by the Active Directory primaryGroupID attribute. We see how an adversary can set a user's primaryGroupID to 512 (Domain Admins) and effectively become a member of that group, and how he can modify the Discretionary Access Control List (DACL) to effectively hide group membership from all users in the forest, even Domain Admins.

Leaking Meta FXAuth Token leading to 2 click Account Takeover

FXAuth is Meta’s shared authentication system used across Facebook, Instagram, and Meta (Horizon / VR). It is used by Accounts Center for account linking, re-authentication, and sensitive action confirmation. This write-up documents a redirect flaw in the FXAuth flow that allows the token to be exfiltrated and reused, enabling account linking and takeover in as little as two interactions.

Check your privileges: The curious case of ETW's security trace flag

We noticed that it was possible to issue a "stop trace" code to a target ETW session that had an undocumented "security trace" flag enabled, without (seemingly) the necessary privileges required. Yet we were able to stop the trace session with only administrative privileges, without any special signing or elevated protection level.

Stealing Salesforce OAuth Tokens using the WAF

This post breaks down how I discovered an XSS vulnerability on Salesforce and how I escalated it to steal OAuth tokens by leveraging the Cloudflare WAF as a gadget.

Prince of Persia APT Analysis: Infy, Foudre, and Tonnerre Malware

In this blog post, we will explore the major historical operations of the Prince of Persia, highlight their notable campaigns against political and civil society targets, and examine the group's tactics, techniques, and procedures to understand how they conduct persistent cyber-espionage.

COMmand & Evade: Turla's Kazuar v3 Loader

This blog post analyzes the latest version of Turla's Kazuar v3 loader. The upgraded loader heavily utilizes the Component Object Model (COM) and employs patchless Event Tracing for Windows (ETW) and Antimalware Scan Interface (AMSI) bypass techniques, as well as a control flow redirection trick, alongside various other methods to evade security solutions.

The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time

This article demonstrates an attack technique where a seemingly benign webpage uses client-side API calls to trusted large language model (LLM) services for generating malicious JavaScript dynamically in real time. These snippets are returned via the LLM service API, then assembled and executed in the victim's browser at runtime, resulting in a fully functional phishing page.

SmarterTools SmarterMail Auth Bypass

We delve into an Authentication Bypass vulnerability in SmarterTools SmarterMail, allowing any user to reset the system administrator password.

Leveraging Landlock Telemetry for Linux Detection Engineering

Landlock is a Linux Security Module (LSM) that allows the creation of sandboxes for your applications, on top of the existing system-wide access control mechanisms. This blog post explores how it can also be considered an interesting security mechanism and a valuable source of telemetry for detection engineering.

CVE-2026-22200: Ticket to Shell in osTicket

We detail CVE-2026-22200, a vulnerability in osTicket that allows anonymous attackers to read arbitrary files from the server by injecting malicious PHP filter chain expressions into a ticket and then exporting it to PDF. This can be exploited to exfiltrate sensitive files, embedded as bitmap images within the PDF, or achieve remote code execution when chained with CVE-2024-2961.

Instagram account takeover via Meta Pixel script abuse

This write-up describes how Meta's cross-window messaging security controls can be abused to steal first-party OAuth codes and generate first-party Instagram access tokens, ultimately enabling Instagram and Facebook account takeovers under realistic conditions.

When The Gateway Becomes The Doorway: Pre-Auth RCE in API Management

This article details the end-to-end compromise of an API Gateway, from initial subdomain reconnaissance and API fuzzing to achieving an interactive reverse shell via unsafe Java deserialization in unauthenticated cluster sync endpoints.

Still Recent

Agent Guardrails and Controls: Applying the CORS Model to Agents

In this article, we contextualize the risks associated with LLM Content Injection from the point of view of browser security. We propose applying an approach based on the CORS security model to agentic technologies to address common attacks against tool calling.

Website Infrastructure OSINT: WHOIS & Fingerprinting Guide

To digital investigators, a website is a map of hidden connections. If you’re following a network of shell companies or a coordinated disinformation campaign, SSL certificates, historical registration logs, and shared server headers can lead you to the architect. This guide offers a set of tools and a methodology for identifying who owns and runs hidden websites.

CVE-2025-55182 - React Server Components RCE via Flight Payload Deserialization

React Server Components (RSC) promise less client-side JavaScript, but that convenience can hide serious risk. This post discusses how CVE-2025-55182 (CVSS 10.0) enables critical RCE in the RSC ecosystem, why it happened, and how the public exploit works against React's server-side handling.

Copilot or Coconspirator

In this post, I walk through how vulnerabilities in GitHub’s new Copilot Agent could allow attackers to steal secrets from repositories using a complex but easy to trigger chain of bugs. I also cover how introducing AI agents into build pipelines introduces new privilege escalation techniques.

Azure Seamless SSO: When Cookie Theft Doesn't Cut It

In this blog, we'll demonstrate how Azure Seamless SSO provides a legitimate authentication flow to pivot into Entra ID and complete the escalation chain to Global Administrator.

Oldies but Goodies

Cloudflare Zero-day: Accessing Any Host Globally

This write‑up tells the story of how traffic aimed at /.well-known/acme-challenge/ could reach origins behind Cloudflare even when the rest of the application was blocked by customer rules, why that matters, how we proved it with restraint, and how the issue is now fixed.

CVE-2025-59287 WSUS Remote Code Execution

We detail and provide a POC for CVE-2025-59287, an RCE vulnerability in Microsoft Windows Server Update Services (WSUS), caused by unsafe deserialization of AuthorizationCookie data through. It allows an unauthenticated attacker to achieve remote code execution with SYSTEM privileges.