One of the best ways to analyze malware is to build it
Starred Articles
Disabling Security Features in a Locked BIOS
03/26/2026 This post explores how modifying a Dell UEFI firmware image at the flash level can fundamentally undermine platform security without leaving visible traces in the firmware interface. By directly patching the firmware and reflashing it to the chip, it was possible to disable protections designed to mitigate DMA-based attacks while preserving the appearance of a secure configuration.
Abusing Modern Browser Features for Phishing
03/24/2026 We demonstrate how a malicious site can combine fullscreen requests, a GPU‑hanging WebGL shader, the Keyboard‑Lock API, and a hidden Google One‑Tap iframe to spoof a full‑screen Windows lock screen and steal credentials.
We review how BPFdoor has evolved beyond a stealth backdoor into a layered access framework. The updated variant combines encrypted HTTPS triggers, proxy-aware command delivery, application-layer camouflage techniques, ICMP-based control signals, and kernel-level packet filtering to bypass multiple layers of modern network defenses.
A step-by-step guide demonstrating that even highly obfuscated, ChaCha20‑Poly1305‑encrypted C&C channels like SnappyClient can be detected reliably without deep payload inspection, by focusing on protocol-level fingerprints: the packet header, fixed-length framing, and the byte distribution.
Blind Boolean-Based Prompt Injection
01/24/2026 In this post, I introduce and demonstrate the attack method Blind Boolean-Based Prompt Injection (BBPI), which is a prompt injection technique where an attacker derives confidential instructions (system prompt) by encoding true/false predicates as user prompts and observing constrained or categorical static outputs.
New Articles
We detail how the GhostClaw malware campaign uses GitHub repositories and AI-assisted development workflows to deliver credential-stealing payloads on macOS.
Toast Notifications
03/25/2026 We review how threat actors can use toast notifications to trick users into clicking malicious links, harvest credentials or impersonate employees with higher authority through trusted applications.
We review how Sysmon can help overcome native logging limitations to allow deeper investigation of system and security events.
CVE-2026-20817
03/22/2026 CVE-2026-20817 is a local privilege escalation vulnerability in the Windows Error Reporting service. A low privilege user could simply send a specially crafted ALPC message with a reference to a command line that the service executed with SYSTEM privileges.
Foreign enterprise applications that hold application‑only API permissions can be exploited by attackers who control the external tenant's credentials to siphon data or elevate to a privileged role.
I found a race condition in Looker, a Google Cloud product capable of managing Git repositories: when a user deletes a directory, Looker improperly validates the target directory, making it possible to delete the directory containing the repository itself. By exploiting this race condition, an attacker could execute arbitrary commands on the Looker server.
EtherRAT & SYS_INFO Module: C2 on Ethereum (EtherHiding), Target Selection, CDN-Like Beacons
03/25/2026 EtherRAT is a Node.js-based backdoor that allows threat actors to run arbitrary commands on compromised hosts, gather extensive system information, and steal assets such as cryptocurrency wallets and cloud credentials. C2 addresses are retrieved using "EtherHiding", a technique that uses Ethereum smart contracts for storage and updates.
A backdoored version of the litellm Python package was published after PyPI credentials were stolen via a compromised Trivy GitHub Action in LiteLLM's CI/CD pipeline. We review the entire kill-chain, what happened, and how the three-stage malware works.
We analyze VoidStealer, an infostealer adopting a novel debugger-based Application-Bound Encryption (ABE) bypass technique that leverages hardware breakpoints to extract the v20_master_key directly from browser memory.
In this post I'll explain what a tiering model is, how to break a flat network even when protections are present, and, most importantly, how to build a defense-in-depth network, providing practical tips and diagrams.
N-Day Research with AI: Using Ollama and n8n
03/21/2026 Through integration of a local LLM with n8n workflows and a Qdrant vector‑database RAG, we streamline N‑day research by automating data collection, context‑rich AI analysis, and reporting for each Patch Tuesday.
We deep dive into the Warlock attack chain with new tactics to improve persistence, lateral movement, and defense evasion using an expanded toolset: TightVNC, Yuze, and a persistent BYOVD technique leveraging the NSec driver.
We analyze how the Kamasers botnet can disrupt business operations through multi-vector DDoS attacks, resilient infrastructure, and broad attack capabilities.
CVE-2026-33068 is a high-severity configuration loading order defect in Anthropic's Claude Code CLI tool that allows a malicious repository to bypass the workspace trust confirmation dialog.
The compromise of the aquasecurity/trivy-action GitHub Action led to a credential theft operation. In this article, we discuss how this activity was discovered, how the attack works, and what the payload does.
Debugging - WinDBG & WinDBGX Fundamentals
03/23/2026 I'm going to walk you through the basics of using Microsoft's free debugger: WinDBG (Classic) and WinDBGX. We're basically going to learn how to use the debuggers, how to install and configure them and how to perform basic elementary tasks using a simple demo application.
Deep-dive into the deployment of an on-premise low-privileged LLM.
Building an Adversarial Consensus Engine
03/19/2026 Relying on a single-tool LLM for malware analysis produces reports that look authoritative but aren't. We discuss and demonstrate how a serial consensus pipeline catches artifacts and hallucinations at source.
How attacker-controlled email content can manipulate an AI assistant into generating phishing links that leak conversation data through indirect prompt injection
Claude Code is a force multiplier when performing secure code reviews during an assessment. In this post, we discuss how to leverage Claude Code to produce digestible output that helps us better understand the analyzed code base while surfacing secure and insecure coding patterns.
Tracking LockBit Through Memory Forensics.
03/15/2026 LockBit is one of the most prolific and sneaky ransomware families. Memory forensics is very important since LockBit mainly runs in volatile memory, does in-memory decryption/payload loading, self-deletes from disk after encryption, and hardly leaves any persistent artifacts on disk.
Exploring cross-domain & cross-forest RBCD
03/24/2026 The Resource-based Constrained Delegation (RBCD) attack is well known to pentesters and attackers, who can impersonate users on the targeted machine. In this article, we present the cross-domain and cross-forest RBCD workflow, along with an Impacket script implementation to carry out these attacks.
The MacSync Stealer campaign represents a sophisticated macOS threat that leverages SEO poisoning, fake GitHub repositories, and ClickFix social engineering to deliver malware. Attackers manipulate search engine rankings to redirect users to fraudulent repositories impersonating legitimate software, where victims are tricked into executing malicious commands.
In this blog post, we explain how we leaked Qodo Merge Pro's AWS secret key that had Administrator permissions and how we obtained Remote Code Execution on their GitHub app production server. A malicious attacker could have taken over their AWS infrastructure and with the attack on the GitHub app, gained write access to their customers' repositories for a massive supply chain attack.
Cursor implements deeplinks for Model Context Protocol (MCP) to provide a mechanism for installation of MCP servers in Cursor IDE. This blog describes CursorJack, a method of potentially abusing Cursor MCP deeplinks that, under certain conditions, could enable code execution or allow installation of a malicious remote MCP server.
We detail the root cause and code execution chain of CVE-2026-33017, an unauthenticated RCE in Langflow leveraged by attackers to harvest OpenAI, Anthropic, and AWS keys from live instances.
I describe how seemingly minor bugs helped uncover the full impact of more serious issues. By chaining CVE-2026-22765 (remote privilege escalation) and CVE-2026-22766 (authenticated RCE) I could achieve unauthenticated remote code execution (RCE) in Dell Wyse Management Suite (On-Prem).
We detail CVE-2026-28373, a path traversal vulnerability in the Stackfield desktop app leading to a potential RCE on the targeted system.
We discovered a vulnerability in the Android app YTDLnis, allowing attackers to execute code on victim devices. We dive into the technical details and see how yt-dlp, the library used under the hood by the app, can be used by an attacker to execute arbitrary code.
A full step-by-step analysis of Brbbot, a malware that functions as a trojan or bot, or can also be used as a backdoor. We will end by taking full control of the malware.
We analyze a malware campaign using AI-assisted code and fake software downloads in malicious ZIP files.
PolyShell is an unauthenticated unrestricted file upload vulnerability affecting Magento Open Source and Adobe Commerce. In the right conditions, it results in unauthenticated remote code execution. In all conditions, it leaves an attacker-controlled file persistently on disk.
The EspoCRM built-in formula scripting engine bypasses field-level ACL, enabling an admin to overwrite a path-traversal-sensitive field on file attachments. Combined with an unsanitized file path in the upload storage layer, this yields arbitrary file read, arbitrary file write, and full RCE as www-data.
We explore how insecure handling of user input in ArangoDB's Query Language (AQL) can be vulnerable to injection attacks, drawing parallels to SQL injection while highlighting the unique behaviors and opportunities present in AQL.
Still Recent
CVE-2025-40551: SolarWinds WHD RCE
01/28/2026 We discovered multiple vulnerabilities in SolarWinds Web Help Desk: an unauthenticated remote-code execution, static credentials allowing limited access to authenticated functionality, and a security protection bypass regarding protected site actions.
This post takes you through a supply-chain compromise targeting the EmEditor software distribution channel, where attackers weaponized a trusted WordPress-based download infrastructure to selectively deliver a trojanized MSI installer.
In this article, we'll explore the fundamentals of access control, the various ways it can be broken, and how you can identify and exploit these vulnerabilities effectively to gain unauthorized access to application components and sensitive data.
Aeternum Loader - Part 2: Inside the binary
02/16/2026 In this post we attempt to deal with obfuscation and anti-VM capabilities of Aeternum loader, extract hardcoded contract addresses and analyse features and capabilities of the loader.
Oldies but Goodies
Certificate Transparency - Part 1: 101
01/19/2026 An introduction to Certificate Transparency (CT), a public, append-only logging system for TLS certificates, created to make certificate issuance observable so that mis-issuance can be detected quickly and independently. Instead of relying only on trust, CT lets anyone audit which certificates were issued for a domain and when they appeared in a public log.
We identify the types of information leaked through Certificate Transparency and their potential impact.
In this article, we explore how to identify and exploit information disclosure vulnerabilities that lead to confidential data disclosure, and learn how to utilize this information for subsequent attacks.
In this article, I will demonstrate the real potential of Cross-Site Scripting (XSS) in Content Management Systems (CMS) and E-Commerce platforms, as well as explore how an attacker could achieve Remote Code Execution (RCE) through XSS in these systems.
An authorization bypass in Kubernetes RBAC allows for nodes/proxy GET permissions to execute commands in any Pod in the cluster.
Approved by Design
04/23/2025 Device Code flow is a non-interactive OAuth2 authorization mechanism designed for devices or tools that lack a browser or full input interface. This post details the exposed attack surface and the associated risks.
In this third part we describe a way to leverage the infrastructure used to validate certificates in order to distribute messages through the Certificate Transparency Logs.