Last Week in Security (LWiS) - 2025-10-27
DumpGuard (@bytewreck), GCC + VSCode (@_winterknife_), COM Research (@bohops), Gitlab to Cloud pivot (@0xC0rnbread), function peekaboo (@saab_sec), and more!
Showing only posts tagged Tools. Show all posts.
Last Week in Security (LWiS) - 2025-10-20
WhatchGuard RCE (@_mccaulay), BadSuccessor BOF (@_logangoins), ClubWPT hack (@samwcyo), MDE cloud vulns (@p0w1_), and more!
Last Week in Security (LWiS) - 2025-10-06
WriteAccountRestrictions fun (@unsigned_sh0rt), RCE in Dell UnityVSA (@SinSinology), Unity Runtime exploit (@ryotkak), Lenovo DCC LPE (@0x4d5aC), remote control over generators (@XeEaton), and more!
Last Week in Security (LWiS) - 2025-09-29
OmniProx (@ZephrFish), Phantom Chrome Extensions (Riadh Bouchahoua (@Synacktiv)), FIDO phishing (@dennis_kniep), VMWare Tools LPE (@0xThiebaut), MSI lateral movement (@werdhaihai), and more!
Last Week in Security (LWiS) - 2025-09-22
Getting Global Admin in every Entra tenant (@_dirkjan), WebSocket Turbo Intruder (@zakfedotkin), PureRAT analysis (@Tera0017), direct syscalls in Zig (@zux0x3a), and more!
Last Week in Security (LWiS) - 2025-09-15
FreeBPX RCE (@chudyPB), badpie (@dtmsecurity), macOS auditd malloc woes (@jfmeee), Spotlight TCC leak (@patrickwardle), WSUS relaying (@Coontzy1), pyLDAPGui (@ZephrFish), and more!
Last Week in Security (LWiS) - 2025-09-08
Metamorphic compilation (@tijme), Windows Secure Calls (@33y0re), macOS race condition exploit (@patch1t), NTLM relaying (@elad_shamir), iOS zero-click RE (@quarkslab), and more!
Last Week in Security (LWiS) - 2025-09-02
Azure AD via weak ACLS (@xybytes), HTTP stealth proxy (@IAmMandatory), Dll sideloading for initial access (@Print3M_), kernel-hack-drill (@a13xp0p0v), Sitecore RCE (@chudyPB), and more!
Last Week in Security (LWiS) - 2025-08-25
WebClient deep dive (@0xthirteen), 2x RCE chains in Commvault (@chudyPB), how to rob a hotel (@dmcxblue), MSI patch/protocol handler RCE (@johnnyspandex), self-relaying (@_logangoins), and more!
Last Week in Security (LWiS) - 2025-08-18
DEF CON releases, PDQ SmartDeploy creds (@unsigned_sh0rt), FortiSIEM root command injection (@SinSinology), a cat themed loader (@vxunderground), fine-tune LLMs for offsec (@kyleavery_), juicing NTDS.DIT (@MGrafnetter), and more!
page 1 | older articles »