<![CDATA[ ParaCyberBellum Security Review ]]>

<![CDATA[ ParaCyberBellum Security Review ]]> https://library.paracyberbellum.io/rss en Tue, 19 May 2026 04:24:37 +0000 <![CDATA[ [ARTICLE] Hack the Elephant One Bite at a Time: JPEG-Related Memory-Safety Bugs in PHP ]]> https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-jpeg-related-memory-safety-bugs-in-php/ https://swarm.ptsecurity.com/hack-the-elephant-one-bite-at-a-time-jpeg-related-memory-safety-bugs-in-php/ Mon, 18 May 2026 06:54:09 +0000 <![CDATA[ [ARTICLE] The Good, the bad, and the ugly of Microsoft Edge's autofill databases ]]> https://www.reliancecyber.com/blog/the-good-the-bad-and-the-ugly-of-edges-autofill-databases/ https://www.reliancecyber.com/blog/the-good-the-bad-and-the-ugly-of-edges-autofill-databases/ Mon, 18 May 2026 06:45:17 +0000 <![CDATA[ [ARTICLE] The AI Middleware Risks in Claude Desktop ]]> https://cyberdom.blog/the-ai-middleware-risks-in-claude-desktop/ https://cyberdom.blog/the-ai-middleware-risks-in-claude-desktop/ Mon, 18 May 2026 06:40:43 +0000 <![CDATA[ [ARTICLE] Behind the Code: The Layered Defense-Evasion of VIP Keylogger ]]> https://www.splunk.com/en_us/blog/security/behind-the-code-layered-defense-evasion-vip-keylogger.html https://www.splunk.com/en_us/blog/security/behind-the-code-layered-defense-evasion-vip-keylogger.html Mon, 18 May 2026 06:36:56 +0000 <![CDATA[ [ARTICLE] Investigating server compromises with cgroups: A Linux DFIR primer ]]> https://redcanary.com/blog/threat-detection/linux-cgroups/ https://redcanary.com/blog/threat-detection/linux-cgroups/ Mon, 18 May 2026 06:34:28 +0000 <![CDATA[ [ARTICLE] CVE-2025-69443: Archon OS Vulnerable To Web-To-Client Attack ]]> https://www.ox.security/blog/cve-2025-69443-archon-os-vulnerable-to-unauthenticated-web-to-client-attack/ https://www.ox.security/blog/cve-2025-69443-archon-os-vulnerable-to-unauthenticated-web-to-client-attack/ Mon, 18 May 2026 06:31:45 +0000 <![CDATA[ [ARTICLE] CVE-2025-65719: Critical RCE in Kubectl MCP Server ]]> https://www.ox.security/blog/cve-2025-65719-critical-rce-in-kubectl-mcp-server/ https://www.ox.security/blog/cve-2025-65719-critical-rce-in-kubectl-mcp-server/ Mon, 18 May 2026 06:30:09 +0000 <![CDATA[ [ARTICLE] How malware abuses npm lifecycle scripts and VS Code tasks ]]> https://opensourcemalware.com/blog/malware-abuses-vscode-lifecycle-scripts https://opensourcemalware.com/blog/malware-abuses-vscode-lifecycle-scripts Mon, 18 May 2026 06:28:47 +0000 <![CDATA[ [ARTICLE] AI Artifacts: A New Layer of Endpoint Activity to Hunt ]]> https://nebulock.io/blog/ai-artifacts-a-new-layer-of-endpoint-activity-to-hunt https://nebulock.io/blog/ai-artifacts-a-new-layer-of-endpoint-activity-to-hunt Mon, 18 May 2026 06:25:16 +0000 <![CDATA[ [ARTICLE] How to respond to an incident in Kubernetes ]]> https://www.invictus-ir.com/news/incident-response-in-kubernetes-eks https://www.invictus-ir.com/news/incident-response-in-kubernetes-eks Mon, 18 May 2026 06:21:25 +0000 <![CDATA[ [ARTICLE] Malicious Coding Agent Skills and the Risk of Dynamic Context ]]> https://securitylabs.datadoghq.com/articles/malicious-skills-supply-chain-risks-in-coding-agents-with-dynamic-context/ https://securitylabs.datadoghq.com/articles/malicious-skills-supply-chain-risks-in-coding-agents-with-dynamic-context/ Mon, 18 May 2026 06:15:24 +0000 <![CDATA[ [ARTICLE] We Have Packet Capture at Home ]]> https://blog.axelarator.net/we-have-packet-capture-at-home/ https://blog.axelarator.net/we-have-packet-capture-at-home/ Mon, 18 May 2026 06:11:49 +0000 <![CDATA[ [ARTICLE] Shai Hulud and Looking Into the Deep End of Supply Chain Mayhem ]]> https://www.abdulmhsblog.com/posts/shaihulud-analysis-leak/ https://www.abdulmhsblog.com/posts/shaihulud-analysis-leak/ Mon, 18 May 2026 06:07:12 +0000 <![CDATA[ [ARTICLE] APFS Snapshots Mac Forensics Guide Explained : SUMURI ]]> https://sumuri.com/why-apfs-snapshots-change-everything-in-mac-forensics/ https://sumuri.com/why-apfs-snapshots-change-everything-in-mac-forensics/ Mon, 18 May 2026 06:04:55 +0000 <![CDATA[ [ARTICLE] Windows Prefetch Forensics: Execution Evidence and Its Limits ]]> https://sethenoka.com/prefetch-execution-evidence-and-its-limits/ https://sethenoka.com/prefetch-execution-evidence-and-its-limits/ Mon, 18 May 2026 06:02:46 +0000 <![CDATA[ [TOOL] Magnetar ]]> https://github.com/0xjrx/magnetar https://github.com/0xjrx/magnetar Mon, 18 May 2026 05:59:28 +0000 <![CDATA[ [ARTICLE] Inside AD CS Escalation: Unpacking Advanced Misuse Techniques and Tools ]]> https://origin-unit42.paloaltonetworks.com/active-directory-certificate-services-exploitation/ https://origin-unit42.paloaltonetworks.com/active-directory-certificate-services-exploitation/ Mon, 18 May 2026 05:56:48 +0000 <![CDATA[ [ARTICLE] When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps ]]> https://www.microsoft.com/en-us/security/blog/2026/05/14/configuration-becomes-vulnerability-exploitable-misconfigurations-ai-apps/ https://www.microsoft.com/en-us/security/blog/2026/05/14/configuration-becomes-vulnerability-exploitable-misconfigurations-ai-apps/ Mon, 18 May 2026 05:54:36 +0000 <![CDATA[ [ARTICLE] Phantom Stealer Analysis: Inside the Two-Layer Attack Chain Hidden Behind a Windows DLL ]]> https://darkatlas.io/blog/phantom-stealer-analysis-inside-the-two-layer-attack-chain-hidden-behind-a-windows-dll https://darkatlas.io/blog/phantom-stealer-analysis-inside-the-two-layer-attack-chain-hidden-behind-a-windows-dll Mon, 18 May 2026 05:52:53 +0000 <![CDATA[ [ARTICLE] Revisiting Two-Shot Kernel Shellcode Execution From Control Flow Hijacking ]]> https://blog.zolutal.io/two-shot-kernel-shellcode/ https://blog.zolutal.io/two-shot-kernel-shellcode/ Mon, 18 May 2026 05:50:02 +0000 <![CDATA[ [TOOL] PromptZero ]]> https://github.com/openbashok/promptzero https://github.com/openbashok/promptzero Mon, 18 May 2026 05:46:23 +0000 <![CDATA[ [TOOL] Capture Bypass ]]> https://github.com/Londopy/capture-bypass https://github.com/Londopy/capture-bypass Mon, 18 May 2026 05:44:09 +0000 <![CDATA[ [TOOL] Shells-X ]]> https://github.com/vektor-x-com/Shells-X https://github.com/vektor-x-com/Shells-X Mon, 18 May 2026 05:42:42 +0000 <![CDATA[ [TOOL] Safeline ]]> https://github.com/api-evangelist/safeline https://github.com/api-evangelist/safeline Mon, 18 May 2026 05:41:29 +0000 <![CDATA[ [ARTICLE] Safeline ]]> https://github.com/api-evangelist/safeline https://github.com/api-evangelist/safeline Mon, 18 May 2026 05:41:03 +0000 <![CDATA[ [TOOL] MSTIC Jupyter and Python Security Tools ]]> https://github.com/microsoft/msticpy https://github.com/microsoft/msticpy Mon, 18 May 2026 05:40:32 +0000 <![CDATA[ [ARTICLE] NTFS Transactions in Windows: Kernel Transaction Manager, CreateFileTransacted, and Process Doppelganging >> TrainSec ]]> https://trainsec.net/library/windows-internals/ntfs-transactions-in-windows-kernel-transaction-manager-createfiletransacted-and-process-doppelganging/ https://trainsec.net/library/windows-internals/ntfs-transactions-in-windows-kernel-transaction-manager-createfiletransacted-and-process-doppelganging/ Mon, 18 May 2026 05:31:44 +0000 <![CDATA[ [TOOL] Relay Bypass Server ]]> https://github.com/vincentng295/relay_bypass_server https://github.com/vincentng295/relay_bypass_server Mon, 18 May 2026 05:29:12 +0000 <![CDATA[ [TOOL] VectorSmuggle ]]> https://github.com/jaschadub/VectorSmuggle https://github.com/jaschadub/VectorSmuggle Fri, 15 May 2026 07:32:35 +0000 <![CDATA[ [ARTICLE] CVE-2022-33649: Chain of Forgotten Features ]]> https://jinmo.github.io/blog/2026/05/10/cve-2022-33649-entrypoint-to-push-to-install.html https://jinmo.github.io/blog/2026/05/10/cve-2022-33649-entrypoint-to-push-to-install.html Fri, 15 May 2026 07:29:05 +0000 <![CDATA[ [ARTICLE] SMB alternative ports now supported in Windows Insider ]]> https://techcommunity.microsoft.com/blog/filecab/smb-alternative-ports-now-supported-in-windows-insider/3974509 https://techcommunity.microsoft.com/blog/filecab/smb-alternative-ports-now-supported-in-windows-insider/3974509 Fri, 15 May 2026 07:22:34 +0000 <![CDATA[ [TOOL] AddUser SAMR ]]> https://github.com/ricardojoserf/AddUser-SAMR https://github.com/ricardojoserf/AddUser-SAMR Fri, 15 May 2026 07:21:03 +0000 <![CDATA[ [ARTICLE] TAPOcalypse Now: Exploiting TP-Link Smart Devices From Anywhere ]]> https://labs.taszk.io/articles/post/tapocalypse/ https://labs.taszk.io/articles/post/tapocalypse/ Fri, 15 May 2026 07:19:49 +0000 <![CDATA[ [ARTICLE] Dissecting Impacket for Good and Bad ]]> https://www.abdulmhsblog.com/posts/impacket-iocs/ https://www.abdulmhsblog.com/posts/impacket-iocs/ Fri, 15 May 2026 07:14:31 +0000 <![CDATA[ [ARTICLE] Inside a Tor Backed Supply Chain Worm ]]> https://www.cloudsek.com/blog/inside-a-tor-backed-supply-chain-worm https://www.cloudsek.com/blog/inside-a-tor-backed-supply-chain-worm Fri, 15 May 2026 07:08:56 +0000 <![CDATA[ [TOOL] vaultify ]]> https://github.com/securityjoes/vaultify https://github.com/securityjoes/vaultify Fri, 15 May 2026 07:07:37 +0000 <![CDATA[ [TOOL] Passkey Path ]]> https://techbrandon.github.io/passkey-path/ https://techbrandon.github.io/passkey-path/ Fri, 15 May 2026 07:05:54 +0000 <![CDATA[ [ARTICLE] Kazuar: Anatomy of a nation-state botnet ]]> https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/ https://www.microsoft.com/en-us/security/blog/2026/05/14/kazuar-anatomy-of-a-nation-state-botnet/ Fri, 15 May 2026 07:03:40 +0000 <![CDATA[ [ARTICLE] RCE in VSCode Copilot Chat ]]> https://www.hacktron.ai/blog/rce-in-vscode-copilot https://www.hacktron.ai/blog/rce-in-vscode-copilot Wed, 13 May 2026 06:45:06 +0000