#Django: Critical SQL Injection Vulnerability in Django (CVE-2025-64459): endorlabs.com/learn/critical…

Fun. Someone patched the Linux kernel so it can run on WASM. Big difference between some simulations that sandbox or warp the kernel (spec. LKL) while this actually compiles it for WASM Biggest changes on patches kernel-0005, llvm-0001, musl-0001. arch/wasm is born

#Research Windows ARM64 Internals: Exception & Privilege Model, Virtual Memory Management, and Windows under Virtualization Host Extensions connormcgarr.github.io/arm64… // ARM64's exception and privilege model, virtualization extensions, and memory management differ from x86 by utilizing multiple exception levels, VHE for efficient virtualization, multi-level page tables with self-referential mappings, specialized PTEs, and TLB optimizations with ASIDs and VMIDs

The Hacking Team is back/Operation ForumTroll Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence. Deploys Dante spyware (successor to RCS(Hacking Team), now Memento Labs) + custom LeetAgent for keylogging, file theft. Exploits: Zero-days CVE-2025-2783 (Chrome sandbox escape) & Phishing link → WebGPU decrypt → Shellcode injection → COM hijack for persistence. securelist.com/forumtroll-ap…

If understanding AD is still an issue, read this: zer1t0.gitlab.io/posts/attac… #ActiveDirectory

"LLMs Solving a DEF CON CTF Finals Challenge" wilgibbs.com/blog/defcon-fin… Credits @cl4sm #infosec

🚩 Memory Challenge 5: DumpMe We're testing our Memory Analysis package (currently in beta) against various challenges available online. We found this challenge on the Memory Forensic site (memoryforensic.com/dumpme-ch…), so credit goes to them for highlighting it and to CyberDefenders (cyberdefenders.org/blueteam-…) for creating it in the first place. The scenario is as follows: "A SOC analyst took a memory dump from a machine infected with a meterpreter malware. As a Digital Forensicators, your job is to analyze the dump, extract the available indicators of compromise (IOCs) and answer the provided questions." While there are many questions to be answered in this CTF challenge, we limit ourselves to extracting the flag from the user-mode memory of the Notepad process.

📚 Unity Runtime RCE (CVE-2025-59489) Write up and PoC Arbitrary code execution in Unity runtime. Read: flatt.tech/research/posts/ar…

Free Playlist Stanford LLM Course here piped.video/playlist?list=PL…

Interested in an alternative approach to sleep masking for you malware? Check-out our latest blog post "Function Peekaboo: Crafting self masking functions using LLVM" by @saab_sec mdsec.co.uk/2025/10/function…

XBOW - Agentic Pentesting with ZERO False Positives - Aidan John blog.aidanjohn.org/2025/09/2…

🔥 Exploring the DOMPurify library: Hunting for Misconfigurations Part 1: mizu.re/post/exploring-the-d… Part 2: mizu.re/post/exploring-the-d… author: @kevin_mizu

We'll see your Offsec Team @DistrictCon for our talk on backdooring Electron apps. In the meantime, blog.trailofbits.com/2025/09…

github.com/MatheuZSecurity/U… Hey guys, I posted a really cool zine in pure TXT about Unhooking Linux EDR, attacking the cleanup_module function, to be able to remove any hook from an EDR for example. Feel free to read.

Singularity rootkit update: ICMP reverse shell trigger, which activates a reverse connection through custom ICMP packets. Source: github.com/MatheuZSecurity/S… #linux #rootkits #lkm #singularity #malware #icmp #backdoor #hooking

That Time Ken Thompson Wrote a Backdoor into the C Compiler micahkepe.com/blog/thompson-…

Unleashing Assembly for Shellcode Execution redops.at/en/blog/shell-we-a…

𝘛𝘩𝘪𝘴 𝘨𝘪𝘵𝘩𝘶𝘣 𝘳𝘦𝘱𝘰𝘴𝘪𝘵𝘰𝘳𝘺 𝘤𝘰𝘯𝘵𝘢𝘪𝘯𝘴 𝘢 𝘤𝘰𝘭𝘭𝘦𝘤𝘵𝘪𝘰𝘯 𝘰𝘧 150+ 𝘵𝘰𝘰𝘭𝘴 𝘢𝘯𝘥 𝘳𝘦𝘴𝘰𝘶𝘳𝘤𝘦𝘴 𝘵𝘩𝘢𝘵 𝘤𝘢𝘯 𝘣𝘦 𝘶𝘴𝘦𝘧𝘶𝘭 𝘧𝘰𝘳 𝘳𝘦𝘥 𝘵𝘦𝘢𝘮𝘪𝘯𝘨 𝘢𝘤𝘵𝘪𝘷𝘪𝘵𝘪𝘦𝘴🟥 github.com/A-poc/RedTeam-Too…

Oops! It's a kernel stack use-after-free: Exploiting NVIDIA's GPU Linux drivers Article by Robin Bastide about exploiting a NULL-pointer-dereference that led to a UAF access to the kernel stack in the NVIDIA GPU driver. blog.quarkslab.com/nvidia_gp…

The Emulator's Gambit: Executing Code from Non-Executable Memory redops.at/en/blog/the-emulat…