Aug 19 2024 Last Week in Security (LWiS) - 2024-08-19

DEF CON 32 Tools and Talks, Apache confusion (Orange Tsai), private TLDs (@N7WEra), UDL 🎣 (@Oddvarmoe), crash analysis (@patrickwardle), and more!

Jul 29 2024 Last Week in Security (LWiS) - 2024-07-29

Specula (@Oddvarmoe + @freefirex2), 🧵 namecalling (@hasherezade), North Korean 🇰🇵 agents, Llama 3.1 (@Meta), GraphSpy updates (@RedByte1337), and more!

Jul 22 2024 Last Week in Security (LWiS) - 2024-07-22

REx (@br0k3ns0und), EV charger exploits (@ret2systems), CerealKiller (@two06), payload encoding (@MoritzLThomas), responder honeypot (@lawndoc), and more!

Jul 15 2024 Last Week in Security (LWiS) - 2024-07-15

HavocC2 SSRF (@_chebuya), PDF rendering diffs (@d4d89704243), Windows phishing 0day (@_CPResearch_), 3x Sharepoint RCEs (@testanull), Dynamics 365 flaws (@frycos), Mythic 3.3 Beta (@its_a_feature_), and more!

Jul 08 2024 Last Week in Security (LWiS) - 2024-07-08

👻 Ghostscript exploit (@thomasrinsma), CSPT2CSRF (@maxenceschmitt), Puppet Forge pwn (@adnanthekhan), WhatsUp Gold RCE+privesc (@SinSinology), UDRL-less beacon (@naksyn), EDRPrison (@senzee1984), and more!

Jul 01 2024 Last Week in Security (LWiS) - 2024-07-01

Chrome RCE (@mmolgtm), Windows LPE (@carrot_c4k3 + @tykawaii98), Xerox RCEs+LPE (@_mohemiv), and more!

Jun 24 2024 Last Week in Security (LWiS) - 2024-06-24

Electron security (@khronokernel), snapshot fuzzing (@h0mbre_), macOS helpers LPE (@L0Psec), and more!

Jun 17 2024 Last Week in Security (LWiS) - 2024-06-17

Nighthawk 0.3 (@MDSecLabs), Musl heap exploit (@NCCsecurityUS), Copilot chat 💉 (@wunderwuzzi23), allowPrivilegeEscalation in K8s (@christophetd), and more!

Jun 10 2024 Last Week in Security (LWiS) - 2024-06-10

SCCM ansible role (@synzack21), Hacking millions of modems (@samwcyo), F5 Secure Vault (@myst404_), Secure Kerrnel (@33y0re), and more!

Jun 03 2024 Last Week in Security (LWiS) - 2024-06-03

F5 TLS MITM (@lowercase_drm + @myst404_), WASM phishing tool (@JumpsecLabs), MS Recall info (@GossiTheDog), Checkpoint path traversal (@watchtowrcyber), smbclient-ng (@podalirius_), and more!