Last Week in Security (LWiS) - 2025-04-14
WinRMS relay (@Defte_), plaintext Zip attacks (@pfiatde), SQL Server Crypto deep dive (@_xpn_), FindUnusualSessions (@podalirius_), and more!
Showing only posts in LWiS. Show all posts.
Last Week in Security (LWiS) - 2025-04-07
2 weeks worth of news, techniques, tools and exploits!
Last Week in Security (LWiS) - 2025-03-24
Next.js auth bypass (@zhero___ + @inzo____), ServiceNow for red teamers (@__invictus_), Veeam RCE - again! (@chudyPB), ArgFuscator (@Wietze), and more!
Last Week in Security (LWiS) - 2025-03-17
Evilginx Pro (@mrgretzky), Pre-auth RCE in a CMS (@chudyPB), GOAD ADCS (@M4yFly), YouTube email disclosure (@brutecat), SAML parser bug (@ulldma.bsky.social/@ulldma@infosec.exchange), and more!
Last Week in Security (LWiS) - 2025-03-10
Detection Studio (@sifex), SCCM discovery account decryption (@unsigned_sh0rt), FindProcessesWithNamedPipes (@podalirius_), Windows LPE (@MrAle_98), and more!
Last Week in Security (LWiS) - 2025-03-03
Ligolo-MP (@ttpreport), Bybit hack via CI (@adnanthekhan), FindGPPPasswords (@podalirius_), ComDotNetExploit (@T3nb3w), and more!
Last Week in Security (LWiS) - 2025-02-25
ADIDNS Parser (@the_bit_diddler), Parallels LPE (@patch1t), PowerChell (@itm4n), SACL Scanner (Alexander DeMine of @SpecterOps), and more!
Last Week in Security (LWiS) - 2025-02-17
PAN-OS auth bypass (@hash_kitten), Outlook drafts as C2 (@elasticseclabs), Ludus powered SocGholish analysis (@RussianPanda9xx), kernel UAF (@h0mbre_), and more!
Last Week in Security (LWiS) - 2025-02-10
Mythic C#/BOF support (@its_a_feature_), Ludus guide (@sherif_ninja), Window shadow stacks (@33y0re), Orbit scanner (@BHinfoSecurity), and more!
Last Week in Security (LWiS) - 2025-01-27
0-click deanonymization (@hackermondev), Subaru hacks (@samwcyo + @infosec_au), 🍪 sandwitch (@d4d89704243), Entra Connect attacks (@hotnops), Kerberos relaying via HTTP (@croco_byte), and more!
page 1 | older articles »