Search:

Last Week in Security (LWiS) - 2025-10-06

WriteAccountRestrictions fun (@unsigned_sh0rt), RCE in Dell UnityVSA (@SinSinology), Unity Runtime exploit (@ryotkak), Lenovo DCC LPE (@0x4d5aC), remote control over generators (@XeEaton), and more!

Last Week in Security is a summary of the interesting cybersecurity news, techniques, tools and exploits from the past week. This post covers 2025-09-29 to 2025-10-06.

News

Techniques and Write-ups

Tools and Exploits

New to Me and Miscellaneous

This section is for news, techniques, write-ups, tools, and off-topic items that weren't released last week but are new to me. Perhaps you missed them too!

  • Titanis - Windows protocol library, including SMB and RPC implementations, among others. [I missed this last week despite tweeting about it 🤦‍♂️]
  • obex - Blocking unwanted DLLs in user mode.
  • OverLAPS - Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic".
  • Unlock the Power of AI Image intelligence - The demo gif on the homepage is worth a watch. Every image you post is now leaking your location.

Techniques, tools, and exploits linked in this post are not reviewed for quality or safety. Do your own research and testing.