Ghosting AMSI: Cutting RPC to disarm AV | by Andrea Bocchetti | Apr, 2025 | Medium
https://medium.com/@andreabocchetti88/ghosting-amsi-cutting-rpc-to-disarm-av-04c26d67bb80
Microsoft announces fix for CPU spikes when typing in Outlook
https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-fix-for-cpu-spikes-when-typing-in-outlook/
Cyber Noir Detective
https://mr-r3b00t.github.io/cyber-detective/
Windows "inetpub" security fix can be abused to block future updates
https://www.bleepingcomputer.com/news/microsoft/windows-inetpub-security-fix-can-be-abused-to-block-future-updates/
Deobfuscation techniques: Peephole deobfuscation | CERT Polska
https://cert.pl/en/posts/2025/04/peephole-deobfuscation
Deploy Hidden Virtual Machine For VMProtections Evasion And Dynamic Analysis
https://r0ttenbeef.github.io/Deploy-Hidden-Virtual-Machine-For-VMProtections-Evasion-And-Dynamic-Analysis/
Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing
https://www.forrest-orr.net/post/malicious-memory-artifacts-part-i-dll-hollowing
2025 | OffensiveCon
https://www.offensivecon.org/agenda/2025.html
North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures
https://thehackernews.com/2025/04/north-korean-hackers-spread-malware-via.html
The curious case of the evt parameter - The Spanner
https://thespanner.co.uk/the-curious-case-of-the-evt-parameter
On SSRF (Server Side Request Forgery) or Simple Stuff Rodolfo Found — Part I | by Rodolfo Assis (Brute) | Medium
https://rodoassis.medium.com/on-ssrf-server-side-request-forgery-or-simple-stuff-rodolfo-found-part-i-4edf7ee75389
A Hands-On Guide to Active Directory Enumeration and Modification with ldap3 | Mostafa Toumi
https://mostafatoumi.github.io/posts/LDAP3_ADDC/
Mobile provider MTN says cyberattack compromised customer data
https://www.bleepingcomputer.com/news/security/mobile-provider-mtn-says-cyberattack-compromised-customer-data/
SAP fixes suspected Netweaver zero-day exploited in attacks
https://www.bleepingcomputer.com/news/security/sap-fixes-critical-netweaver-flaw-exploited-in-attacks/
D1T1%20-%20Exploiting%20the%20Lexmark%20PostScript%20Stack%20-%20Aaron%20Adams.pdf
https://conference.hitb.org/hitbsecconf2023hkt/materials/D1T1%20-%20Exploiting%20the%20Lexmark%20PostScript%20Stack%20-%20Aaron%20Adams.pdf
Baltimore City Public Schools data breach affects over 31,000 people
https://www.bleepingcomputer.com/news/security/baltimore-city-public-schools-data-breach-affects-over-31-000-people/
Windows x86 Manual Shellcode - Part 2
https://marcosvalle.github.io/re/exploit/2018/10/21/windows-manual-shellcode-part2.html
Craft CMS RCE exploit chain used in zero-day attacks to steal data
https://www.bleepingcomputer.com/news/security/craft-cms-rce-exploit-chain-used-in-zero-day-attacks-to-steal-data/
Windows x86 Manual Shellcode - Part 1
https://marcosvalle.github.io/re/exploit/2018/10/20/windows-manual-shellcode-part1.html
Bypassing AMSI with Dynamic API Resolution in PowerShell - ROOTFU.IN
https://rootfu.in/bypassing-amsi-with-dynamic-api-resolution-in-powershell/
Basic Reverse Engineering (writeup) - Part 0x00 - Ring 0x00
https://idafchev.github.io/blog/basic_reverse_engineering_part_1/
Code reuse in the age of kCET and HVCI - Slowerzs' blog
https://blog.slowerzs.net/posts/keyjumper/