Network10 A 27-Year-Old Authentication Bypass in OpenBSD’s PPP Stack (CVE-2026-55706)
A length-confusion bug in OpenBSD's PAP handler let an unauthenticated attacker on the same broadcast domain pass authentication with zero-length credentials —…
Network10 A length-confusion bug in OpenBSD's PAP handler let an unauthenticated attacker on the same broadcast domain pass authentication with zero-length credentials —…
Security11 Squidbleed (CVE-2026-47729) is a heap buffer over-read in the Squid proxy's FTP gateway, rooted in a missing NUL-terminator check before strchr() that…
Linux8 Scales is a Linux supply-chain malware that pairs an embedded eBPF rootkit with a built-in Tor client and aggressive credential theft. This…
Hardware10 Walk-through of Rasmus Moorats' Pwnd Blaster disclosure: the Creative Sound Blaster Katana V2X soundbar accepts the Creative Transport Protocol over Bluetooth Low…
Credential Attacks8 Windows Sandbox is supposed to be the safe place to open untrusted files — but the .wsb configuration file is parsed by…
Hypervisor15 Aidan Khoury’s Part 2 of the revers.engineering PatchGuard series — two LSTAR-focused checks. KiErrata420Present briefly overwrites LSTAR with a one-byte RET stub…
Hypervisor11 Nick Peterson’s revers.engineering deep-dive on three PatchGuard routines disguised as CPU-errata checks but actually built to catch hypervisor introspection — KiErrata704Present (reads…
EDR Evasion14 Two Python shellcode stagers from g3tsyst3m that hit 0/63 on VirusTotal — Variant #1 uses string-reversed NT APIs (NtAllocateVirtualMemory, NtCreateThreadEx) plus RWX…
Exploit Development12 CVE-2026-41096 is a remotely-triggerable heap overflow in dnsapi.dll. A single crafted UDP DNS response with QDCOUNT=0 corrupts 604 bytes past a heap…
Apple Silicon13 usbliter8 is a new BootROM exploit chain against Apple A12, S4/S5 and A13 SoCs. It chains a 12-byte buffer-underflow primitive in the…
Blue team46 Distributed COM (DCOM) lets one Windows host instantiate and drive COM objects on another over the network — and that same capability…
AI Security Research12 0xkato's walkthrough of the mechanisms inside modern transformer-based LLMs — tokenization, embeddings, Rotary Position Embeddings, attention with Q/K/V and causal masking, multi-head…