Showing only posts tagged LWiS. Show all posts.

Aug 04 2025 Last Week in Security (LWiS) - 2025-08-04

AEM RCE (@infosec_au), Intune cert abuse (@_dirkjan), Entra tradecraft (@hotnops), LLMs for R&D (@kyleavery_), File System API research (@Print3M_), and more!

Jul 28 2025 Last Week in Security (LWiS) - 2025-07-28

VMware Tools LPE (@justbronzebee), Adaptix C2 0.7 (@hacker_ralf), Ludus MCP (@__Mastadon), SOAP(y) (@_logangoins), and more!

Jul 21 2025 Last Week in Security (LWiS) - 2025-07-21

PIC agents (@_RastaMouse), ToolShell, Async BOFs (@Cneelis), SCCM MP relays (@unsigned_sh0rt), RAITrigger (@ShitSecure), and more!

Jul 14 2025 Last Week in Security (LWiS) - 2025-07-14

LudusHound (@bagelByt3s), SpeechRuntimeMove (@ShitSecure), Havoc Pro (@C5pider), FortiWeb RCE (@SinSinology), SailPoint IQService RCE (@NetSPI), Altiris RCE (@lefterispan), WAF bypass (@nyxgeek ), and more!

Jul 07 2025 Last Week in Security (LWiS) - 2025-07-07

Lenovo Applocker bypass (@Oddvarmoe), Citrix Bleed 2 (@SinSinology, @inkmoro, Aliz Hammond), A+ adversary simulation (@quarkslab), DreamWalkers loader (@max2cbx), SigStrike (@rushter), and more!

Jun 30 2025 Last Week in Security (LWiS) - 2025-06-30

Linux sleep obfs (@k0zmer), sudo vuln (@0xm1rch), self-xss trick (@slonser_), primitive injection (@trickster012), Sitecore RCE (@chudyPB ), and more!

Jun 09 2025 Last Week in Security (LWiS) - 2025-06-09

Windows self-delete on 24H2 (@TKYNSEC), DNS rebinding (@yarlob), VSCode backdoor (@d1rkmtr), leak Google users' 📞# (@brutecat), Entra sync dumping (@hotnops), Delegations (@podalirius_), Chrome abuse for screenshots, mic, and camera access (@mrd0x), and more!