Last Week in Security (LWiS) - 2024-11-04
WAF bypasses (@MDSecLabs), sastsweep (@_chebuya), Early Cascade injection (@DaWouw), and more!
Delta Sues CrowdStrike (@CrowdStrike), Jenkins Post-Exploitation (@TrustedSec), PE embedded within a PNG (@MalDevAcademy), Prompt Injection to C2 (@wunderwuzzi23), and more!
VNC-Like over SCCM (@netero_1010), Use LLMs to find CVEs (@ProtectAICorp), New process 💉 technique (@OutflankNL), 💰 Big acquisition (@Sophos), and more!
FortiGate exploit (@watchtowrcyber), Azure admin approval bypass (@PedroGabaldon), dylib 💉 in Teams (@Coiffeur0x90), Ivanti Connect Secure vuln (@buffaloverflow), and more!
I-XRAY doxxing 🕶️ (@AnhPhuNguyen1 + @CaineArdayfio), TeamViewer LPE (@PedroGabaldon), C# source generators (@DragoQcc), ⏲️-based user enum (@nyxgeek), and more!
CUPS RCE (@evilsocket), driver vulns (@vinopaljiri), NamelessC2 release (@trickster012), liveness detection bypass (@CaptMeelo), Windows LPE (@ricnar456), and more!
0-click macOS RCE (@Turmio_), sudo iptables LPE (@suidpit + @smaury92), SkeletonCookie ☠️🍪 (@buffaloverflow), and more!
MSSQL domain privesc (@_nullbind), .mobi whois takeover (@watchtowrcyber), LLM CTF (@bishopfox), mac filesystem 🪄 (@gergely_kalman), AlcaWASM writeup (@suidpit), and more!
Windows heap overflow (@esj4y), Linux TCP UAF (@v4bel), Goffloader (@BouncyHat), Intune lat-movement (@h4wkst3r), browser attack detection (@mega_spl0it), and more!
argv[0] tampering (@Wietze), Moodle eval() misuse (@RedTeamPT), ntoskrnl.exe PoC (@b1thvn_), 4x wappd exploits (@hyprdude), and more!