Search:

Last Week in Security (LWiS) - 2025-05-12

SysAid RCE (@SinSinology + @watchtowrcyber), defendnot (@es3n1n), iOS widget hacks (@brycebostwick1), Sword of Secrets (@GiliYankovitch), and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2025-05-05 to 2025-05-12.

News

Techniques and Write-ups

Tools and Exploits

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

  • AutoPwnKey - AutoPwnKey is a red teaming framework and testing tool using AutoHotKey (AHK), which at the time of creation proves to be quite evasive. It is our hope that this tool will be useful to red teams over the short term, while over the long term help AV/EDR vendors improve how they handle AHK scripts.
  • [YouTube] Apple’s Widget Backdoor - Bryce is a hacker in the true sense of the word. "A hacker is a person skilled in information technology who achieves goals by non-standard means." He hacks with the clock and timer APIs as well as fonts to create fluid animations in widgets, which Apple doesn't allow, except for their own clock app of course. He's also a great presenter, even if you don't care about iOS widgets at all the video is entertaining and interesting. Code: WidgetAnimation - Proof of concept for Animated iOS Widgets using Public APIs.
  • API-s-for-OSINT - List of API's for gathering information about phone numbers, addresses, domains etc.
  • VMAware - VM detection library and tool.
  • LsassHijackingViaReg - Injecting DLL into LSASS at boot.

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.

page 1 | older articles »