🚀 Big Announcement! 🚀 After 8+ years of working on PayloadsAllTheThings, I’m excited to release it as an ebook on Leanpub! 📖✨ To celebrate, I’m gifting 5 free copies to random retweeters! 🔥 👉 Retweet for a chance to win Thank you all for your incredible support! 🙌 This cheatsheet has been a labor of love and countless hours of dedication. 👉 Grab your copy now: leanpub.com/payloadsalltheth… The results will be announced on 25th December. Entries will close Tuesday 24th, December at 12:00 PM (GMT) 🕐 #CyberSecurity #Infosec #PayloadsAllTheThings #EbookRelease

Attacking browser extensions Learn about browser extension security and secure your extensions with the help of CodeQL - Kevin Stubbings github.blog/security/vulnera…

Our assembly lessons are trending on @github ! We have nearly 10k stars.

More Than DoS (Progress Telerik UI for ASP.NET AJAX Unsafe Reflection CVE-2025-3600) @watchtowrcyber @chudyPB labs.watchtowr.com/more-than…

Yet Another DCOM Object for Command Execution Part 1 - @haider_kabibo sud0ru.ghost.io/yet-another-…

Scream at It Until It Escalates — XSS to ATO via Server Size Errors Gadgets - @castilho101 castilho.sh/scream-until-esc…

In Germany, everyone uses `ßh` instead of `ssh`.

This PR from fulc2um github.com/fortra/impacket/p… implements Shadow RDP on Impacket, this is so fking cool omgggg

Guide pour relayer NTLM sur HTTP – l’exemple de GLPI - Arthur Le Corguillé mobeta.fr/guide-pour-relayer…

It’s here, and it's free: Credential Monitoring from ProjectDiscovery! Detect leaked credentials tied to your domains or emails from millions of malware-stealer logs. • My Leaks / Employee / Customer classification • Domain verification + API + CSV/JSON export Start monitoring now: projectdiscovery.io/blog/lea… #infosec #cybersecurity #credentialmonitoring

Advanced Active Directory network topology analyzer with SMB validation, multiple authentication methods (password/NTLM/Kerberos), and comprehensive network discovery. Export results as BloodHound‑compatible OpenGraph JSON. github.com/mordavid/NetworkH…

RIP, my PlayStation exploit died. gist.github.com/TheOfficialF… Works upto PS4 13.00 and PS5 12.00. Patched on PS4 13.02 and PS5 12.02.

VulnIndex — the fastest way to find real security research vulnindex.ys0.dev/

The story of FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8. If you're not the type to pay for your software, you probably know this key. What you might not know is that I worked on the first version of Windows Product Activation, and this was our first major "hack". And yet, it wasn't a 'hack' at all - it was a disastrous leak. The FCKGW key was a valid volume licensing key, so all you needed was special volume media to go with it. Eventually, they were bundled and put online by pirates. WPA worked by generating a hardware ID from your CPU, RAM, and other components, then sending it to Microsoft alongside your product key for validation. A mismatched or suspicious key would flag the install as pirated. But as a legitimate VLK, FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8 was whitelisted in XP's activation logic—it told the system, "This is corporate volume licensing; no need to phone home." During installation, users selected the "Yes, I have a product key" option, entered the code, and WPA simply... skipped the activation prompt. The OS booted fully functional, with no 30-day timer or watermarks. It even fooled early validation checks for updates. This loophole let pirates distribute "pre-activated" ISOs, making XP as easy to "acquire" as a free mixtape. Technically, you could still use it today on an old XP disc (if you can find one), but Microsoft's servers shut down validation years ago, and the key's long since been blacklisted.

It appears the end is near(er) for the Azure AD Graph API with usage of the API now being blocked in one of my tenants with the AAD PowerShell module client ID. Found this out when trying to demo roadrecon 😬. Time to prioritize merging the MS Graph PR from @Thomasbyrne__

Now in private beta: Aardvark, an agent that finds and fixes security bugs using GPT-5. openai.com/index/introducing…

CVE-2025-59287 WSUS Remote Code Execution - @hawktrace hawktrace.com/blog/CVE-2025-…

AdminSDHolder: the AD security feature everyone thinks they understand but probably don't. 😬 @JimSycurity went to the source code to debunk decades of misconceptions — including ones in Microsoft's own docs. Read more ⤵️ ghst.ly/3Lpmjzv

Guest Post: How I Scanned all of GitHub’s “Oops Commits” for Leaked Secrets - @trufflesec trufflesecurity.com/blog/gue…

I have released an OpenGraph collector for network shares and my first blogpost at @SpecterOps on the subject! You can now visualize attack paths to network shares in BloodHound 👀 specterops.io/blog/2025/10/3…

Next.js Security Testing Guide for Bug Hunters and Pentesters - @daoud_youssef deepstrike.io/blog/nextjs-se…