Talos - Vulnerability Reports
Foxit PDF Editor Installation Uncontrolled Search Path Privilege Escalation Vulnerability
Talos - Vulnerability Reports
Foxit Reader Text Widget Format Use-After-Free Vulnerability
Talos - Vulnerability Reports
Foxit Reader Barcode Calculate CPDF_FormField Use-After-Free Vulnerability
GitHub
sleightofalex
Palo Alto Vulnerability Report
### Impact Vendor Palo Alto Networks ### Affected Product PA-54xx All supported versions of PAN-OS. Tested: PAN-OS 10.x - 10.2.16-h1 PAN-OS 11x - 11.2.1 ### Important Dates The report wa...
Kri Dontje
Libbiosig, Grassroot DiCoM, Smallstep step-ca vulnerabilities
Check Point Research
samanthar@checkpoint.com
GachiLoader: Defeating Node.js Malware with API Tracing
Check Point Research exposes GachiLoader, a Node.js loader in the YouTube Ghost Network, and shows how API tracing defeats its obfuscation.
Talos - Vulnerability Reports
smallstep Step-CA Certificate Signing authentication bypass vulnerability
Check Point Research
samanthar@checkpoint.com
Inside Ink Dragon: Revealing the Relay Network and Inner Workings of a Stealthy Offensive Operation
Check Point Research tracks a sustained, highly capable espionage cluster, which we refer to as Ink Dragon, and is referenced in other reports as CL-STA-0049, Earth Alux, or REF7707. This cluster is assessed by several vendors to be PRC-aligned. Since at least early 2023, Ink Dragon has repeatedly targeted government, telecom, and […]
Talos - Vulnerability Reports
Grassroot DICOM Overlay::GrabOverlayFromPixelData out-of-bounds read vulnerability
Talos - Vulnerability Reports
Grassroot DICOM RLECodec::DecodeByStreams out-of-bounds read vulnerability
Talos - Vulnerability Reports
Grassroot DICOM JPEGBITSCodec::InternalCode out-of-bounds read vulnerability
Synacktiv
Exploiting Anno 1404
GitHub
sleightofalex
Token Leak via Open Redirection and CSRF in the Callback Handler of cloudflare/workers-oauth-provider
### Summary Clients are required in the [OAuth spec](https://datatracker.ietf.org/doc/html/rfc6749#section-10.12) to prevent CSRF attacks at its Callback handler. The implementation in [cloudflare...
Project Zero
Google Project Zero
A look at an Android ITW DNG exploit
  Posted by Benoît Sevens, Google Threat Intelligence Group Introduction Between July 2024 and February 2025, 6 suspicious image files were ...
Atredis Partners
Sam
Designing a Passive LiDAR Detector Device - Firmware
Welcome back! In the last post I described the process of examining the iPhone Pro TrueDepth LiDAR and developing concepts for hardware to detect it. Here I will describe the firmware for this device, the concepts employed in it, and the approaches taken to implementing these concepts on the tiny
Synacktiv
ActivID administrator account takeover : the story behind HID-PSA-2025-002
Talos - Vulnerability Reports
The Biosig Project libbiosig MFER parsing multiple stack-based buffer overflow vulnerabilities
watchTowr Labs
SOAPwn: Pwning .NET Framework Applications Through HTTP Client Proxies And WSDL
Welcome back! As we near the end of 2025, we are, of course, waiting for the next round of SSLVPN exploitation to occur in January (as it did in 2024 and 2025). Weeeeeeeee. Before then, we want to clear the decks and see how much research we can publish. This year at Black Hat Europe, Piotr Bazydlo presented “SOAPwn: Pwning .NET Framework Applications Through HTTP Client Proxies And WSDL”. This research ultimately led to the identification of new primitives in the .NET Framework that, while Mi
Check Point Research
shlomoo@checkpoint.com
Cracking ValleyRAT: From Builder Secrets to Kernel Rootkits
Throughout 2025, we conducted and published several reports related to our research on the Silver Fox APT. In some of them (for example, here), the threat actor delivered the well-known ValleyRAT backdoor, also referred to as Winos or Winos4.0, as the final stage. Since this malware family is widely used, modular, and often associated with Chinese threat actors […]
(Web-)Insecurity Blog
Trainings and Workshops
I would be happy to support you as a freelancer in developing and delivering tailored workshops and trainings: Email training@lauritz-holtmann.de LinkedIn Connect on LinkedIn English Version below At a time when vibe coding puts proof-of-concept applications only a few prompts away, it is essential that employees in companies are trained regularly in order to build and maintain awareness of IT security. To that end, I offer tailored workshops and trainings on various topics around IT security. These can be delivered either remotely or on site at your company.
Atredis Partners
Sam
Designing a Passive LiDAR Detector Device - Hardware
At DEF CON 32, Samy Kamkar gave a talk about laser microphones. That was the only talk I made a point to watch live that year. Kamkar never disappoints and I have fond memories of trying to use a laser pointer and photodiode to hear through windows as a kid. During that talk Kamkar mentioned notic
Embrace The Red
The Normalization of Deviance in AI
The gradual and systemic over-reliance on LLM outputs, especially with agentic systems, leads to a normalization of deviance.
Hacking Lab
Eunkyu Lee
RTCon: Context-Adaptive Function-Level Fuzzing for RTOS Kernels (to appear)
RTCon: Context-Adaptive Function-Level Fuzzing for RTOS Kernels (to appear). Eunkyu Lee, JunYoung Park, Insu Yun. February 2026. Publication: Proceedings of the 2026 Annual Network and Distributed System Security...
Kri Dontje
Socomec DIRIS Digiware M series and Easy Config, PDF XChange Editor vulnerabilities
Check Point Research
samanthar@checkpoint.com
The $9M yETH Exploit: How 16 Wei Became Infinite Tokens
By: Dikla Barda, Roman Zaikin, and Oded Vanunu On November 30, 2025, Check Point Research detected a critical exploit targeting Yearn Finance’s yETH pool on Ethereum. Within hours, approximately $9 million was stolen from the protocol. The attacker achieved this by minting an astronomical number of tokens—235 septillion yETH (a 41-digit number)—while depositing only 16 […]
Johan Carlsson
Johan Carlsson
Solving Turb0’s XSS challenge using recursive object attributes
### The challenge https://www.turb0.one/pages/Challenge_Two:_Stranger_XSS.html We are given a frameable target page on this address `https://www.turb0.one/files/9187cc52-fd4d-49c6-a336-0ce8b5139394/xsschal2minimal/inner.html`. The page loads three scripts ``` <script src="lodash.min.js">...
Talos - Vulnerability Reports
PDF-XChange Editor EMF File EMR_SMALLTEXTOUT Out-Of-Bounds Read Vulnerability
Doyensec's Blog
InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀
# InQL v6.1.0 Just Landed with New Features and Contribution Swag! 🚀 02 Dec 2025 - Posted by Bartek Górkiewicz ## Introduction We are excited to announce a new release of our Burp Suite Extension - InQL v6.1.0! The complete re-write from Jython to Kotlin in our previous update (v6.0.0) laid...
Check Point Research
samanthar@checkpoint.com
CVE-2025-61260 — OpenAI Codex CLI: Command Injection via Project-Local Configuration
Codex CLI automatically loads and executes MCP entries without
Talos - Vulnerability Reports
Socomec DIRIS Digiware M-70 Modbus TCP reboot denial of service vulnerability
Talos - Vulnerability Reports
Socomec DIRIS Digiware M-70 WEBVIEW-M cross-site request forgery (CSRF) vulnerability
Synacktiv
2025 Winter Challenge: Quinindrome
Intrigus' Security Lab
intrigus
What to Do When Creating Your CodeQL Database Fails – and How to Report the Perfect Reproducer Using cvise
How to debug CodeQL database creation failures, identify the root cause from build-tracer logs, and create minimal reproducers using cvise.
Synacktiv
Breaking the BeeStation: Inside Our Pwn2Own 2025 Exploit Journey
Kri Dontje
Dell ControlVault, Lasso, GL.iNet vulnerabilities
Embrace The Red
Antigravity Grounded! Security Vulnerabilities in Google's Latest IDE
Security Vulnerabilities Keep Google's Antigravity Grounded
watchTowr Labs
Stop Putting Your Passwords Into Random Websites (Yes, Seriously, You Are The Problem)
Welcome to watchTowr vs the Internet, part 68. That feeling you’re experiencing? Dread. You should be used to it by now. As is fast becoming an unofficial and, apparently, frowned upon tradition - we identified incredible amounts of publicly exposed passwords, secrets, keys and more for very sensitive environments - and then spent a number of months working out if we could travel back in time to a period in which we just hadn't. Remember, kids - a problem shared is a problem that isn't just y
Talos - Vulnerability Reports
GL-Inet GL-AXT1800 OTA Update firmware downgrade vulnerability
DARKNAVY
DARKNAVY
How And Why We Hacked Cypherock Hardware Wallet: The Full Story
On blockchains, whoever controls the private key to an address controls the funds in the corresponding account. In October 2025, the U.S. government announced the seizure of 127,000 BTC from Prince Group. On‑chain tracing reports indicated that these funds were in fact the assets stolen from the LuBian mining pool in December 2020. A Bitcoin private key is a 256‑bit random number and is, in theory, infeasible to brute‑force. How did the U.S. government obtain LuBian’s wallet private key?
GitHub
ismai1337
Remote Code Execution via Opto22 Groov Manage REST API
### Impact The Opto22 Groov Manage maintenance application endpoint is vulnerable to remote code execution. This means an attacker can create a specially crafted request that when executed will ac...
GitHub
ismai1337
RBAC Privilege Escalation via Opto22 Groov View API
### Impact The View Users API endpoint returns a list of all users and associated metadata- including the web API tokens. This endpoint requires an Editor role to access and will display API keys ...
STAR Labs
STAR Labs SG
HEX ADVENT 2025: Crack the Advent, Conquer the Threat
HEX ADVENT 2025: Crack the Advent, Conquer the Threat 🐛 WELCOME TO HEX ADVENT 2025, ‘tis the season to Unwrap Your Potential! 🎁 HEX ADVENT 2025 is a Christmas-themed CTF Advent Calendar, designed for women, by women. What to Expect 12 Days, 12 Challenges: A structured schedule to build mastery across different CTF categories. Focus Areas: Pwn (Binary Exploitation) Cryptography Reverse Engineering Forensics OSINT Web Exploitation Our Mission: To empower women in cybersecurity, create visible role models, and cultivate a robust local talent pool.
GitHub
rcorrea35
"Astral-tokio-tar" / "uv" Arbitrary Write Path Traversal Vulnerability
### Summary "astral-tokio-tar", a Rust crate used by the popular tool "uv", has a vulnerability that allows arbitrary file writes when unpacking tar files. In "uv" th...
Talos - Vulnerability Reports
Dell ControlVault3 ControlVault WBDI Driver hard-coded password vulnerability
Talos - Vulnerability Reports
Dell ControlVault3 CvManager buffer overflow vulnerability
Talos - Vulnerability Reports
Dell ControlVault3 ControlVault WBDI Driver Broadcom Storage Adapter out-of-bounds write vulnerability
watchTowr Labs
When The Impersonation Function Gets Used To Impersonate Users (Fortinet FortiWeb (??) Auth. Bypass)
The Internet is ablaze, and once again we all have a front-row seat - a bad person, if you can believe it, is doing a bad thing! The first warning of such behaviour came from the great team at Defused: As many are now aware, an unnamed (and potentially silently fixed) vulnerability affecting a number of Forti-devices (blast radius is currently unclear) is being actively exploited. For many, this will feel like a normal Tuesday. For others, it will feel like a Monday. Moments like this are wh
PT SWARM
admin
Injection for an athlete
After yet another workout where my sports watch completely lost GPS, I’d had enough. I decided to dig into its firmware and pinpoint the problem. I couldn’t find it published anywhere. No download section, no public archive, nothing. So, I changed tactics and went in through the Android app instead, hoping I could pull the […]
Atredis Partners
Jessie Chab
Drawbot: Let’s Hack Something Cute!
The Target A few months ago I realized I was overdue for a fun, quirky hardware project. Every so often I like to see what new and interesting electronic children's toys are out there. When looking, I keep in mind the potential attack surface, typically preferring toys with companion mobile apps, w
Check Point Research
samanthar@checkpoint.com
The State of Ransomware – Q3 2025
Ransomware is more fragmented and less centralized, with a record of 85 separate groups acting while victims remain as high as ever.