GitHub - mlcsec/FormThief: Spoofing desktop login applications with WinForms and WPF
Ivanti Connect Secure Under Attack: Uncovering Five Exploitable CVEs - XXE
Analysis of Mirai variant leveraging CVE-2023-1389
Exploiting Unsynchronised Clocks
Snap Trap: The Hidden Dangers Within Ubuntu's Package Suggestion System
Decrypted: Rhysida Ransomware - "we are now publicly releasing our decryptor for download to all victims of the Rhysida ransomware"
Breach Analysis: APT29’s Attack on Microsoft - Password Spray & OAuth abuse.
Troy Hunt: How Spoutible’s Leaky API Spurted out a Deluge of Personal Data
JSON Smuggling: A far-fetched intrusion detection evasion technique
Shellcode evasion using Wasm/Wat and Rust
ShmooCon 2024 Videos are up!
apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.
Trends in Phishing, Fraud, 'Dark AI Models', and how to better protect yourself.
How I Hacked My Air Purifier to Remove Cloud Dependency
Deluder: Python utility for intercepting traffic of applications. Deluder can be used as an alternative for EchoMirage. It supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the b...
AnyDesk Incident Response 2-2-2024
Your Security Program Is Shit
Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024
CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog()
