vulhub/nexus/CVE-2024-4956 at master · vulhub/vulhub · GitHub
https://github.com/vulhub/vulhub/tree/master/nexus/CVE-2024-4956
Injecting code into PPL processes without vulnerable drivers on Windows 11 - Slowerzs' blog
https://blog.slowerzs.net/posts/pplsystem/
KB Security Advisory EPM May 2024
https://forums.ivanti.com/s/article/KB-Security-Advisory-EPM-May-2024?language=en_US
Shazzer - Shared online fuzzing
https://shazzer.co.uk/vectors/cheat-sheets
How to create your own mythic agent in C - Red Team SNCF
https://red-team-sncf.github.io/how-to-create-your-own-mythic-agent-in-c.html
APT_REPORT/summary/2024/rapid7_2024_attack_intelligence_report.pdf at master · blackorbird/APT_REPORT · GitHub
https://github.com/blackorbird/APT_REPORT/blob/master/summary/2024/rapid7_2024_attack_intelligence_report.pdf
GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender. (through the WSC api)
https://github.com/es3n1n/no-defender
GitHub - W01fh4cker/CVE-2024-21683-RCE: CVE-2024-21683 Post Auth RCE
https://github.com/W01fh4cker/CVE-2024-21683-RCE
The End of an Era: Microsoft Phases Out VBScript for JavaScript and PowerShell
https://thehackernews.com/2024/05/the-end-of-era-microsoft-phases-out.html
Old new email attacks - Slonser Notes
https://blog.slonser.info/posts/email-attacks/
Nmap Dashboard Using Grafana | HackerTarget.com
https://hackertarget.com/nmap-dashboard-with-grafana/
WhatsApp Vulnerability Lets Governments See Who You Message
https://theintercept.com/2024/05/22/whatsapp-security-vulnerability-meta-israel-palestine/
Writing your own RDI /sRDI loader using C and ASM
https://blog.malicious.group/writing-your-own-rdi-srdi-loader-using-c-and-asm/
Newly Detected Chinese Group Targeting Military, Government Entities - SecurityWeek
https://www.securityweek.com/newly-detected-chinese-group-targeting-military-government-entities/
Inside the iOS bug that made deleted photos reappear
https://synacktiv.com/publications/inside-the-ios-bug-that-made-deleted-photos-reappear
NYSE Operator Intercontinental Exchange Gets $10M SEC Fine Over 2021 Hack - SecurityWeek
https://www.securityweek.com/nyse-operator-intercontinental-exchange-gets-10m-sec-fine-over-2021-hack/
High-severity GitLab flaw lets attackers take over accounts
https://www.bleepingcomputer.com/news/security/high-severity-gitlab-flaw-lets-attackers-take-over-accounts/
Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search
https://www.bleepingcomputer.com/news/microsoft/microsoft-outage-affects-bing-copilot-duckduckgo-and-chatgpt-internet-search/
Malware Transmutation! - Unveiling the Hidden Traces of BloodAlchemy - Researcher Blog - ITOCHU Cyber & Intelligence Inc.
https://blog-en.itochuci.co.jp/entry/2024/05/23/090000
Malware Transmutation (新マルウェア錬成)!知られざる BloodAlchemy の証跡を解き明かす - ITOCHU Cyber & Intelligence Inc.
https://blog.itochuci.co.jp/entry/2024/05/23/090000
New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts
https://thehackernews.com/2024/05/new-frontiers-old-tactics-chinese-cyber.html
CVE-2024-4761: v8 missing check of WasmObject type cast causes type confusion and OOB access
https://buptsb.github.io/blog/post/CVE-2024-4761-%20v8%20missing%20check%20of%20WasmObject%20type%20cast%20causes%20type%20confusion%20and%20OOB%20access.html
Attacking .NET
https://blog.devsecopsguides.com/attacking-dotnet
HackerOne | Report #2487889 - Insecure Direct Object Reference (IDOR) Allows Viewing Private Report Details via /bugs.json Endpoint | HackerOne
https://hackerone.com/reports/2487889
New ransomware group abusing BitLocker | Securelist
https://securelist.com/ransomware-abuses-bitlocker/112643/
SensePost | Sim hijacking
https://sensepost.com/blog/2022/sim-hijacking/