Check out the analysis by @cryptocat.me for CVE-2026-20127 in Cisco SD WAN. That other PoC posted last week exploits a totally different bug that doesn't match the reported IOCs (some kind of file upload due to path traversal in vManage maybe). We asses with high confidence this is CVE-2026-20127 🔥

Zero Day Initiative — The March 2026 Security Update Review I am back in the friendly confines of the Mid-South headquarters of TrendAI ZDI (a.k.a. my home office), and am all set for the third patch Tuesday of 2026. Take a break from your regularly scheduled ...

Happy Patch Tuesday! The latest security patches from #Adobe and #Microsoft are here. Thankfully, no bugs are listed as being under attack, but there's still some interesting ones in the mix. Join @dustinchilds.bsky.social as he breaks down the March release www.zerodayinitiative.com/blog/2026/3/...

As per its stated policy, Kaspersky did not attribute Operation Triangulation.

Instead the company winked that it knew who made the tools when it chose the name and logo of the hacking campaign.

techcrunch.com/2026/03/09/a...

Ivan Fratric shares some tips and tricks for grammar fuzzing

projectzero.google/2026/03/muta...

MuddyWater Exposed: Inside an Iranian APT operation MuddyWater espionage campaign exposed

The Ctrl-Alt-Intel team has dumped the content of misconfigured command and control servers linked to the MuddyWater Iranian APT, aka Static Kitten, Mango Sandstorm, Earth Vetala, Seedworm, and TA450

ctrlaltintel.com/threat%20res...

phrack.org/issues/68/2#...
Another legend has crossed over. Thank you @fxv2.bsky.social for being your kind, brilliant self, whose contributions are too many to name, not just in hacking, but in being a superconnector who I now know is responsible for so many friendships & marriages. You are missed.

proof-of-concept/cve-2025-36632 at main · atredispartners/proof-of-concept Proof of concepts and other snippets. Contribute to atredispartners/proof-of-concept development by creating an account on GitHub.

On a recent engagement, we exploited a previously disclosed privilege escalation bug in Tenable's Nessus Agent. No public PoC was available, so we made one; check it out here github.com/atredispartn...

In the final part of his blog series, @tiraniddo.dev tells the story of how a bug was introduced into a Windows API.

Code re-writes can improve security, but it’s important not to forget the security properties the code needs to enforce in the process.

projectzero.google/2026/02/gphf...

WOOT '26 Call for Papers The 20th USENIX WOOT Conference on Offensive Technologies (WOOT '26) will take place at the Baltimore Marriott Waterfront in Baltimore, MD, USA, on August 10–11, 2026. The USENIX WOOT Conference aims ...

The Cycle 2 deadline for the USENIX WOOT Conference is in just one week (March 3, 2026).

Full details are available in the Call for Papers:
www.usenix.org/conference/w...

[RSS] Discovery & Analysis of CVE-2025-29969


www.safebreach.com ->

(Windows MS-EVEN RPC Remote Code Execution Vulnerability)


Original->

Guess what's out :)

We have disclosed CVE-2026-2329, a critical unauth stack-based buffer overflow vuln affecting the Grandstream GXP1600 series of VoIP phones. Read our disclosure on the @rapid7.com blog, including technical details for unauth RCE, and accompanying @metasploit-r7.bsky.social modules: r-7.co/4tIzope

UNC6201 Exploiting a Dell RecoverPoint for Virtual Machines Zero-Day | Google Cloud Blog UNC6201 utilizes a newly discovered zero-day in Dell RecoverPoint for Virtual Machines to deliver BRICKSTORM and subsequently backdoors.

A suspected Chinese APT, UNC6201, is exploiting a zero-day in Dell RecoverPoint for Virtual Machines

cloud.google.com/blog/topics/...

Three-part series Binarly on Supermicro BMC firmware authentication bypasses

Part 1: www.binarly.io/blog/ghost-i...
Part 2: www.binarly.io/blog/broken-...
Part 3: www.binarly.io/blog/have-yo...

#infosec

[RSS] IDA Pro 9.3 released


docs.hex-rays.com ->


Original->

Reconnaissance Has Begun for the New BeyondTrust RCE (CVE-2026-1731): Here's What We See So Far A PoC for CVE-2026-1731 hit GitHub on Feb 10. Within 24 hours, GreyNoise observed reconnaissance probing for vulnerable BeyondTrust instances.

It took less than a day. A PoC for BeyondTrust CVE-2026-1731 hit GitHub, and GreyNoise immediately started seeing reconnaissance from multi-exploit actors hiding behind VPNs + custom tooling. See what our data reveals about who’s mapping targets + how.

The February 2026 security updates are available:

CVE-2026-1731 | AttackerKB On February 6, 2026, BeyondTrust published an advisory for a new critical command injection vulnerability, CVE-2026-1731, affecting their products Remote Suppo…

We just published our @rapid7.com analysis of CVE-2026-1731, a critical command injection affecting BeyondTrust Privileged Remote Access (PRA) & Remote Support (RS). Unauthenticated RCE, with a root cause due to Bash arithmetic evaluation. Analysis/PoC here: attackerkb.com/topics/jNMBc...

Atredis identified a vulnerability in the way Rapid7's Nexpose was generating passwords to protect its Java KeyStore which is used to encrypt saved credentials. This vulnerability was reported to Rapid7 and a patch is being rolled out today! Check out the details here: github.com/atredispartn...

What Really Killed Flash Player: A Six-Year Campaign of Deliberate Platform Work This is what it actually took. From the person who architected and drove Chrome’s Flash deprecation from proposal to the final removal in…

The remarkable true story of how Flash was deprecated

medium.com/@aglaforge/w...

AMD updates installed without signature checking (from an HTTP link, no less)? /via @drwhax


mrbruh.com ->

Recent report about a nation-state implant that would be useful to exploit this:


blog.talosintelligence.com ->


Original->

Zero Day Initiative — CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall In this excerpt of a TrendAI Research Services vulnerability report, Jonathan Lein and Simon Humbert of the TrendAI Research team detail a recently patched command injection vulnerability in the Arist...

CVE-2025-6978: Arbitrary Code Execution in the #Arista NG Firewall - our researchers took a deep dive into this recently patched RCE to provide root cause and detection guidance. Read all the details at www.zerodayinitiative.com/blog/2026/2/...

The Chrysalis Backdoor: A Deep Dive into Lotus Blossom’s toolkit Rapid7 Labs, together with the Rapid7 MDR team, has uncovered a sophisticated campaign attributed to the Chinese APT group Lotus Blossom.

Some IOCs for the Notepad++ backdoors from Rapid7, they're good. www.rapid7.com/blog/post/tr...

I will drop more later.

Registration is open to all RECon classes!

As usual, I’ll be teaching Windows Internals. This is the only time this year that the class is offered in North America 😊

And if windows isn’t your thing, there are lots of other great classes!

recon.cx/2026/en/trai...

Our intrepid 20%-er Dillon Franke exploited a vulnerability in CoreAudio. See his process for gaining privilege escalation on a Mac:

projectzero.google/2026/01/soun...

@steven.srcincite.io did some cool stuff, check it out!

srcincite.io/blog/2026/01...

Hadn't realised that the third party review of Twitter's chat protocol had been published and wow github.com/trailofbits/...

General Graboids: Worms and Remote Code Execution in Command & Conquer — Atredis Partners [this work was conducted collaboratively by Bryan Alexander and Jordan Whitehead] This post details several vulnerabilities discovered in the popular online game Command & Conquer: Generals. We…

Command & Conquer'd: worming RCEs through a classic multiplayer game. Check out the full writeup from our @districtcon.bsky.social Junkyard submission here:
www.atredis.com/blog/2026/1/...
By @droner.bsky.social and @jordan9001.bsky.social

#Security #modding #rce

New blog post is live! Xusheng tears apart a tiny Linux binary that really does not want to be reversed. Malformed ELF headers, segment tricks, layered XOR and RC4, plus a bunch of Binary Ninja tricks along the way. Read it here: binary.ninja/2026/01/23/r...

[RSS] Districton 1 Slides - Control the Variables and You Control the Code: Language-Level Vulnerabilities in Adobe ColdFusion


www.hoyahaxa.com ->


Original->