Galactical Bug Hunting: How we discovered new issues in CD Projekt Red’s Gaming Platform

Don't trust the cache :Exposing Web cache vulnerabilities

Wifi credential dumping

Diving Deeper into AI Package Hallucinations

Security Advisory: Systems with a SONIX Technology Webcam vulnerable to DLL hijacking attack allowing attackers to execute malicious DLL and escalate privileges

unch 😗: Hides message with invisible Unicode characters

Gram - Self-hosted Threat Modeling Webapp

Kobold letters – Why HTML emails are a risk to your organization

Showcasing Incinerator a Powerful Android Malware Reversing Tool

Attacking Active Directory Certificate Service Part 2

Persistence - DLL Proxy Loading

Adventures in Stegoland - Adventures with a stego shellcode loader

/r/netsec's Q2 2024 Information Security Hiring Thread

XZ-actly What You Need (CVE 2024-3094): Detecting Exploitation with Oligo

IBIS hotel check-in terminal keypad-code leakage

NetScout - An OSINT tool I've been working on that finds domains, subdomains, directories and files based on a given URL

Bypassing DOMPurify with good old XML

Xzbot: exploit demo for the xz backdoor (CVE-2024-3094)

Last part of Lord Of The Ring0

How Complex Systems Fail