AI Agents11 Exploiting a PHP Object Injection in Profile Builder Pro in the era of AI
The article explains how researchers exploited an unauthenticated PHP Object Injection in the WordPress plugin Profile Builder Pro, showing how AI tools…
AI Agents11 The article explains how researchers exploited an unauthenticated PHP Object Injection in the WordPress plugin Profile Builder Pro, showing how AI tools…
AI Agents3 The article shows how AI-assisted reverse engineering of the TP-Link Tapo C200 firmware uncovered hardcoded keys, buffer overflows, and insecure APIs, demonstrating…
Apple Silicon6 The article analyzes the macOS secure boot chain on Apple Silicon, showing how Boot ROM, cryptographic verification, Secure Enclave, and staged bootloaders…
BYOUD7 The article introduces BYOUD, a Windows evasion technique that manipulates unwind metadata to spoof call stacks without altering return addresses, allowing malware…
AI Agents3 The article explains Microsoft’s ODR mechanism for native MCP registration, enabling AI agents to discover and invoke system tools through the Model…
Bypassing9 The article demonstrates how to bypass the Winsock layer by communicating directly with the Windows AFD driver using Native API calls. It…
Broadcom10 The article examines vulnerabilities in VMware Aria Operations that enable credential disclosure and privilege escalation. Attackers with limited access can escalate privileges…
Bypassing8 The article analyzes the Windows GetProcessHandleFromHwnd API and its evolution from a hook-based implementation to a kernel Win32k function that could open…
Debug9 The article introduces Windows kernel exploitation and explains how to build a research lab using tools like WinDbg and the HackSys Extreme…
BSoD7 The article examines a Windows kernel bug in clfs.sys where a NULL pointer is dereferenced during fast mutex acquisition, causing a kernel…
COM6 The article demonstrates how to hook COM methods in Windows Subsystem for Linux by leveraging C++ RTTI metadata to reconstruct class layouts…
EDR4 The article examines how EDR agents monitor macOS and Linux systems by collecting telemetry from OS security frameworks, kernel interfaces, and tools…
cpp11 The research reverse-engineers Windows AFD.sys, showing how TCP sockets can be created, connected, and used by sending handcrafted IOCTL requests directly to…
Bypassing5 The article introduces LOLExfil, a Living-Off-the-Land data exfiltration technique that abuses legitimate system tools and trusted services to stealthily extract data, blending…
firmware5 The research reverse-engineers the TP-Link Tapo C260 camera firmware and analyzes Tapo Discovery Protocol v2. By dumping and decrypting the filesystem, the…
Cortex XDR646 Research shows how Palo Alto Cortex XDR predefined BIOC behavioral rules can be decrypted and analyzed. By understanding rule logic and built-in…
Debug897 The article explains a technique for dumping memory from the protected LSASS process (PPL). It analyzes limitations of PPL protection and demonstrates…