There's one regex implementation that is 100% compatible with Perl, and that's Perl.
Starred Articles
This post presents BYOUD (Bring Your Own Unwinding Data), a new framework that works within CET’s (Control-flow Enforcement Technology) constraints by targeting a different layer entirely: Windows unwind metadata. The techniques described here were developed to answer a simple question: can we spoof call stacks without touching return addresses at all?
Finding Gadgets Like it's 2026
03/12/2026 We wondered if an LLM could automate the task of gadget discovery, exactly the sort of task an LLM should be well suited for. Over the course of just two days, we were able to implement a new methodology for gadget discovery and demonstrate its effectiveness by finding several new chains.
Stealthy WMI lateral movement
03/15/2026 In this article, we detail how we managed to write an Impacket script that uses WMI without Win32_Process and without writing to the disk, making it more suitable for stealthy lateral movement.
With the introduction of chunked transfer encoding in HTTP/1.1, agents gained the ability to send additional headers after the request body, known as trailers or trailer fields. This post explores the security implications of improper trailer parsing by systematically analyzing how a wide range of open-source HTTP libraries, servers, and proxies parse and process them.
A maintainer reviews a pull request, applies a label, and CI builds artefacts. Sounds normal. Except the workflow checks out whatever the PR branch points to now, not what the maintainer actually reviewed. That one-line difference turned a routine label into an entry point for cache poisoning and release tampering in rollup/rollup.
New Articles
CVE-2026-33155 - 40 Bytes to Chaos
03/19/2026 How we found a memory exhaustion vulnerability in DeepDiff that can crash a server with a payload smaller than a tweet - and why millions of Python applications are in its blast radius.
Now You See mi: Now You're Pwned
03/16/2026 We created an RCE exploit via any wireless/LAN interface and used the exploit to create a full "cloud jailbreak" in Xiaomi Home Security Smart Cameras.
We identified a Local Privilege Escalation (LPE) vulnerability affecting default installations of Ubuntu Desktop version 24.04 and later. This flaw (CVE-2026-3888) allows an unprivileged local attacker to escalate privileges to full root access through the interaction of two standard system components: snap-confine and systemd-tmpfiles.
This post breaks down what automated mobile testing does well and where it can improve. I will also discuss why manual testing still provides value in discovering high-impact vulnerabilities.
By improving public MCP server proof-of-concepts and combining them with attack-focused LLM CLI automation, we show how AI can move beyond assistance and into active execution. The result is faster discovery of attack paths, smarter real-time web assessments, and automated attack orchestration that scales with modern environments.
AppDomain Injection is a technique that allows you to execute arbitrary code within .NET Framework applications by hijacking the AppDomain initialization process. This tutorial explains how to leverage this technique to blend into legitimate .NET applications while evading modern security tools.
We document two egress bypasses in harden-runner leveraging DNS over TCP and DNS over HTTP (DoH).
PageJack in Action: CVE-2022-0995 exploit
03/11/2026 PageJack is a Linux kernel exploitation technique useful for generating a Use After Free (UAF) in the page allocator. In this article, we provide a detailed example of how to use it to exploit a Linux kernel vulnerability from 2022.
We discovered that AWS Bedrock AgentCore Code Interpreter’s sandbox mode allows DNS queries, enabling bypass of network isolation through DNS-based command-and-control.
We detail CVE-2026-22729, a JSONPath injection flaw in Spring AI PgVectorStore enabling unauthorized data access due to improper filter handling.
We detail how to identify and exploit CVE-2024-21626, a critical vulnerability in runc - the container runtime that powers Docker and Kubernetes. This vulnerability allows attackers to escape container sandboxes and gain root access on the host system.
From virtio-snd 0-Day to Hypervisor Escape: Exploiting QEMU with an Uncontrolled Heap Overflow
03/17/2026 Turning an uncontrolled heap overflow into a reliable QEMU guest-to-host escape using new glibc allocator behavior and QEMU-specific heap spray techniques.
We discovered a high-severity vulnerability in OpenSIPS. The issue, assigned CVE-2026-25554, allows SQL injection in a code path used for authentication. In affected deployments, that allowed an attacker to register as another subscriber, place calls under a trusted identity, or access services protected by SIP authentication.
Unprivileged kernel DoS via NULL pointer dereference of FastMutex affecting Windows 11/Server 2025, marked "Won't Fix" by Microsoft.
RIP RegPwn
03/13/2026 We're documenting RegPwn, an Elevation of Privilege vulnerability that exploits Windows Accessibility features and affects Windows 10 and 11, as well as Windows Server 2012, 2016, 2019, 2022, and 2025.
We investigate Agent Commander, a command and control (C2) server where hijacked agents regularly check in for any new tasks and objectives. Unlike classical C2, it doesn’t execute raw OS commands or APIs.
This article documents the misuse of the .arpa TLD, specifically the ip6.arpa reverse DNS zone, as seen in the wild, for phishing purposes, and demonstrates how to write a generic Yara-X rule using PacketSmith's custom pattern identifier dns to detect malicious use of the ip6.arpa reverse DNS zone.
WSL, COM Hooking, & RTTI
03/17/2026 This article demonstrates how to hook COM methods in Windows Subsystem for Linux by leveraging C++ RTTI metadata to reconstruct class layouts and locate virtual methods, enabling precise COM instrumentation without symbols.
A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746 Pre-Auth RCE)
03/19/2026 CVE-2026-32746 is a BSS-based buffer overflow in telnetd that allows an attacker to corrupt roughly 400 bytes of adjacent variables. We'll go through a few things - how we isolated the vulnerability, what it enables attackers to do (and under what circumstances), and why this particular vulnerability is more of a Pandora's box to exploit than you might think.
We're detailing vulnerabilities we discovered and chained against BMC FootPrints to achieve Pre-authenticated Remote Code Execution.
In this post, we show how to build agentic malware-analysis workflows that combine strong initial triage with deeper automated recovery of malware structure and behavior.
We identified a critical Remote Code Execution (RCE) vulnerability in Wazuh that allows arbitrary command execution on the master node through insecure deserialization in the cluster communication protocol.
Technical deep dive into CVE-2026-22730, an SQL injection in Spring AI MariaDB store, its impact on RAG systems, exploitation & mitigation steps.
EDR Internals for macOS and Linux
03/16/2026 The article examines how EDR agents monitor macOS and Linux systems by collecting telemetry from OS security frameworks, kernel interfaces, and tools like eBPF. Understanding these data sources reveals detection capabilities and potential blind spots.
Perseus: DTO malware that takes notes
03/19/2026 We analyze Perseus, a new Device Takeover (DTO) malware family that specifically looks for user-generated content stored in note-taking applications.
Crimes against NTDLL
03/10/2026 A technical walkthrough of implementing Early Cascade Injection in Rust by abusing NTDLL shim engine internals, encoded callback pointers, and APC dispatch during early process initialisation.
Three bypasses in Roundcube's HTML sanitizer: SMIL animation attributes load remote resources, unquoted body backgrounds enable CSS injection, and position:fixed !important enables phishing overlays.
We deep dive into CVE-2026-32746, a pre-auth buffer overflow in GNU InetUtils telnetd, with a hands-on exploit walkthrough.
The C:\User Data in Windows Forensics
03/20/2026 Modern Windows systems are designed to isolate user environments from the core OS. In that sense, C:\Users\<username> is perhaps the closest thing Windows has to a behavioral map of a specific person using that system. During incident response, this evidence is often the difference between observing suspicious activity and tying that activity to a specific human operator.
We identified privilege escalation vulnerabilities in Broadcom VMware Aria Operations. It is possible to escalate the privileges of an administrative vCenter user to an Aria administrator and take over systems integrated in Aria. This means the vCenter user can gain privileged access to systems they have no access to.
PSpice is a SPICE circuit simulator from Cadence Design Systems that encrypts proprietary semiconductor model files. PSpice supports six encryption modes, and five of them derive all key material from constants hardcoded in the binary; once those constants are extracted, files in these modes can be decrypted directly.
We quickly review two previous authentication bypasses in Azure (dubbed GraphNinja and GraphGhost) and focus on two new ones: GraphGoblin and a "user-agent" bypass, dubbed Graph******, that can also return fully-functional tokens by exploiting oversized request parameters, causing the logging insert to overflow and be dropped.
Extending Conquest using Python Modules
03/13/2026 Conquest offers an advanced module system for extending the framework with Beacon Object Files or other third-party offensive tooling. This blog post showcases the creation of new commands using the Python API and serves as reference material for Conquest module development.
Kanboard CVE-2026-33058 Writeup
03/18/2026 Walkthrough of the discovery of an authenticated SQL injection in Kanboard tracked as CVE-2026-33058.
Perfex CRM passed the autologin cookie into unserialize() without validation, giving unauthenticated attackers remote code execution.
We analyze SILENTCONNECT, a multi-stage loader that leverages VBScript, in-memory PowerShell execution, and PEB masquerading to silently deploy the ScreenConnect RMM tool.
The Behavioral Indicators of Compromise (BIOCs) of Cortex XDR contain numerous exceptions, including global whitelists that can be abused to evade detection even when using simple and well-known TTPs.
CVE-2025-59284 Finding and Analysis
03/13/2026 This post outlines the finding and analysis of CVE-2025-59284, a libarchive vulnerability in Windows abusing hardlinks to leak the NetNTLMv2 hash upon any file opening or archive extraction.
Oldies but Goodies
Detecting EDR Silencers
08/08/2025 In this blog, we cover how attackers silence Microsoft Defender EDR using tools like EDRSilencer, and how to detect these attacks with key event IDs and an Azure Logic App that monitors device log activity.
A non-programmer built an LLM-augmented Reddit manipulation framework in 12 hours. A technical briefing on AI-driven coordinated inauthentic behavior.
mediatek? more like media-REKT, amirite.
12/15/2025 We detail 19+ bugs in Mediatek's MT76xx/MT7915 (and others) wifi chipsets I reported this year, PoCs included!
Unearthed Arcana
In this article, we'll present a PoC implementation of a true dynamic stack spoofer, which will allow us not only to spoof the call stack of our call, but also to hide the real origin of the call, not only during sleep, but also during program execution.