Last Week in Security (LWiS) - 2025-08-04
AEM RCE (@infosec_au), Intune cert abuse (@_dirkjan), Entra tradecraft (@hotnops), LLMs for R&D (@kyleavery_), File System API research (@Print3M_), and more!
Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2025-07-28 to 2025-08-04.
News
- Shall we see what your local MP's driving license might look like? - In response to the UK online safety rules, "Tim" created a site that will generate a "satire" version of your local Member of Parliament's drivers license. It would be terrible if people used these for online age verification in the UK.
- Policy and Disclosure: 2025 Edition - Google Project Zero will now publicly share the fact a vulnerability has been found within a week to give downstream maintainers time to prepare to update. Their Reporting Transparency page has the very limited details.
- Introducing Runtime Memory Protection - The gang at Prelude is thinking about anti-virus from first principles. What if you just watched every instruction on the CPU and decided if it was malicious? With modern CPUs and the speed of consumer hardware watching every CPU instruction is doable locally now, its the determining maliciousness that will be the sticking point. However, with the team that Prelude has assembled (@matterpreter and @33y0re to name just two), they have the brains to pull it off. They even address many of my objections directly in their very technical whitepaper. How will it handle ETW EtwEventWrite patching, or operating out of JIT enabled programs like Chrome I wonder? Will be keeping track of how this develops.
- The ChatGPT confession files - OpenAI gave people the ability to have their chats indexed by search engines (after clicking share, then clicking a check box for indexing) and users exposed some wild chats. OpenAI has since remove indexed content from the relevant search engines and disabled the feature, but I was able to find 112,455 unique share links that have been archived, and there is some pretty dark stuff. There is a standing [PDF] court order forcing OpenAI to save all chat data. Probably time to look into running your own models locally.
- Perplexity is using stealth, undeclared crawlers to evade website no-crawl directives - Scraping is legal, and the line between a user browsing a website and a user instructing an AI bot to browse a website is blurring.
- Palo Alto Networks Announces Agreement to Acquire CyberArk, the Identity Security Leader - $25B is the price. Big money in enterprise cybersecurity solutions it seems.
- Kali Linux & Containerization (Apple's Container) - Native container support comes to macOS! Available now for macOS 15, with limitations, and fully supported in the next release of macOS.
Techniques and Write-ups
- Extending AD CS attack surface to the cloud with Intune certificates - Regular users able to do ESC1 (Active Directory Certificate Services escalation attack 1) over Intune certificates given the right misconfiguration? Sign me up.
- Entra Connect Attacker Tradecraft: Part 3 - "Attackers can exploit Entra Connect sync accounts to hijack device userCertificate properties, enabling device impersonation and bypassing conditional access policies. By leveraging this access, they can retrieve Intune-issued MDM and PKCS certificates, potentially compromising on-premises domains and sensitive credentials."
- NachoVPN: Now With More VPN (And SYSTEM Shells) - Part 1 - A sneak preview of their DEF CON 33 talk, and an update to NachoVPN, a delicious, but malicious SSL-VPN server 🌮.
- Struts Devmode in 2025? Critical Pre-Auth Vulnerabilities in Adobe Experience Manager Forms - Adobe Experience Manager (AEM) has been a gold mine of initial access for years, and 2025 is no different.
- How Microsoft defends against indirect prompt injection attacks - Microsoft has done the Microsoft thing again, introduce a product (Azure AI LLMs) and then sell the security for it, "Prompt Shield."
- Accelerating Offensive R&D with Large Language Models - Large Language Models (LLMs) are getting to the point where with the right scaffolding and context, they can quickly find things that would take human analysis a lot of time. I appreciate Outflank sharing their work instead of creating a hyped-up product and raising $30M in funding. imapi2fs-com-stdfont-reflection.cpp is the unedited proof of concept.
- What’s Your Secret?: Secret Scanning by DeepPass2 - Detecting secrets in large volumes of text programmatically is trickier than you might think. With some specialized data and a training, DeepPass2 (not yet released) shows improvement over standard "grep-like" tools for unstructured passwords.
- Oops Safari, I think You Spilled Something! - A detailed write up of a 2024 bug in WebKit that was part of chain that was able to get remote code execution on both macOS and iOS.
- FileJacking – Initial Access with File System API - Some foundational research on the File System API for your next phishing lure.
Tools and Exploits
- ntp-fingerprinter - Script to fingerprint NTP servers.
- scepreq - SCEP request tool for AD CS and Intune.
- CobaltStrikeBeaconCppSource - Out-of-the-box CobaltStrike Beacon source code use C++.
- crush - The glamorous AI coding agent for your favorite terminal 💘.
- SCCM_SQL_Collector - PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph.
- OpenImporter - Middleware utility for enriching and uploading data gathered with arbitrary collectors.
- MSSQLHound - PowerShell collector for adding MSSQL attack paths to BloodHound with OpenGraph.
- TinyRequest - Lightweight HTTP client with modern GUI for Linux.
- EXEfromCER - PoC that downloads an executable from a public SSL certificate.
New to Me and Miscellaneous
This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!
- EncroCam - Privacy security camera based on commodity hardware.
- mkcertWeb - Web based user interface for mkcert CLI internal CA.
- labshock - OT Security Lab for ICS networks.
- AutoRMM - AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, along with post exploitation strategies for blue and red teams wanting to more realistically simulate adversary capabilities using these strategies.
- Universal Paperclips - A shockingly fun text based "game" based on the Paperclip maximizer thought experiment.
- Every Reason Why I Hate AI and You Should Too - The praise for Apple is interesting, given that Siri has been an embarrassment for years. "I, too, could score 100% on a multiple-choice exam if you let me Google all the answers." Yes, but could you achieve gold-medal standard at the International Mathematical Olympiad? I don't think so, even with a year to do it an not 8 hours. Like most things, the "truth" (whatever that is) is probably somewhere in the middle of the hype-train conductors and the doomers.
Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.