New, by me at TechCrunch: The developer of the widely popular WireGuard VPN says he is also unable to ship software updates to Windows users after Microsoft locked his account, marking the second high-profile app developer (VeraCrypt) in the past few weeks to face this issue.
Posts by Aloïs Thévenot
Lance Cain’s latest blog covers something we see a lot in real ops:
SSO → unexpected privilege escalation.
The new JamfHound update maps those paths in JAMF Pro & connects them to Okta. Now integrated with BloodHound Enterprise!
Check it out: https://ghst.ly/4t8EYQS
It appears that Microsoft removed the discovery of all domains in a tenant through ACS, a technique that I shared at my BH/DC talks last summer (though probably not many people spotted the reference). I found it out during a live demo of course 🙃
Chrome 137+ added a CNG wrinkle to App-Bound Encryption.
@harmj0y.bsky.social & @tifkin.bsky.social share how Nemesis 2.2 handles it, automating DPAPI decryption from SYSTEM & user masterkeys through Chromekey1 to cookie/login recovery, w/ retroactive artifact linking. https://ghst.ly/3OzfkFN
Havoc Professional Finally Released! 🕸️🕷️
I'm excited to finally share the work my team and I have put in over the past year. This is just the beginning of what we have planned.
www.infinitycurve.org/blog/release
Hey wake up! New offensive AWS meta just dropped! Thanks to Daniel Grzelak, we now have an effective oracle for determining if resources are publicly exposed without leaving logs. (As an offsec person) LFG!!!
www.plerion.com/blog/dont-ex...
On Apple M3, a Linux KDE plasma desktop under Fedora Asahi Remix is now WORKING! Super excited to share this update and happy to answer any questions! Co-credits to noopwafel and Shiz. :)
We are on the verge of the commoditization of exploitation. Every vuln will functionally have a public PoC available because attackers can generate them in minutes.
The advantage will increasingly belong to organizations that can detect, respond, and contain fast.
sean.heelan.io/2026/01/18/o...
I've been meaning to write more about "the unpatchable 4", which are a set of Kubernetes CVEs for which there are no patches; you need to mitigate them with configuration or architecture choices.
First up is CVE-2020-8554.
securitylabs.datadoghq.com/articles/unp...
SmarterMail Pre-auth RCE (@chudyPB + @SinSinology), Claude Code code execution (@ryotkak), VSS create (@RicardoJoseRF), EDRStartupHinder (@TwoSevenOneT), and more!
blog.badsectorlabs.com/last-week-in...
Fortinet warns of critical FortiCloud SSO login auth bypass flaws www.bleepingcomputer.com/news/securit...
TIL: You can put GPS coordinates in a DNS record!
en.wikipedia.org/wiki/LOC_rec...
To test it: see you at the address une-tasse-de.cafe on February 12 & 13 😇
The new version of RTO II is finally available to purchase.
www.zeropointsecurity.co.uk/course/red-t...
So it sure looks like someone invented a fake Russian advance in Ukraine to manipulate the online gambling market Polymarket. Gamblers are making money by betting on the outcomes of battles big and small in the war. Edited map is run by DC-based think tank
www.404media.co/unauthorized...
A reminder of the fiction of risk control that this equipment represents for farmers.
theconversation.com/pesticides-q...
Landed a new gowitness release, this time focussing on performance! 🎉 v3.1.0
github.com/sensepost/go...
Actual threat intelligence! A few friends and I identified a new reverse phishing campaign leveraging Entra Guest User invitations.
This campaign was newly discovered and corroborated. I recommend reviewing organization email for these invitations.
taggart-tech.com/ent...
📣 Material for MkDocs Insiders now free for everyone!
With 9.7.0, we release all Insiders features previously exclusive to sponsors! This marks the last version of Material that includes new features, as we now enter maintenance mode.
A thread ⬇ 1/4
squidfunk.github.io/mkdocs-mater...
Same, I followed their webinar and now I'm less worried about getting replaced by AI :)
New blog post up: I spent a lot of time researching Nano Banana, Google's new generative AI model, and not only is it substantially better than ChatGPT, it is capable of taking extremely nuanced prompts even thousands of tokens long to generate exactly what you want. minimaxir.com/2025/11/nano...
"I did give a heads up to Elastic before publishing this post. They have taken this technique into account and are working on updates to the detection rules to catch this."
"Provided as a Crystal Palace shared library. Format inspired by @rastamouse.me 's LibTP. "
Ground truth security research.
The FBI is trying to unmask the owner of infamous archiving site Archive.is, according to a subpoena the site posted. No other information given, the site quietly posted the document a few days ago. FBI telling domain registrar to hand over all sorts of ID'ing info
www.404media.co/fbi-tries-to...
Found an XSS but got blocked by the CSP?
https://cspbypass.com has a compiled list of ways to bypass the Content-Security Policy. Check out the video below 👇
Parts 136 and 137 of the UK ICO report detail the Costs of Implementation of Active Directory tiering at Capita. Specifically, acknowledging that this Standard of Care requires a complex, potentially costly, and resource-intensive task to meet.
Penalty Notice Capita Plc by UK ICO
Detailed breach analysis after 2023 ransomware attack. £14M fine. Which standards of care weren't met?
* Understaffed SOC (1 analyst/shift)
* 58hr SOC response vs. 4.5hr AD takeover
* Failure to implement Active Directory tiering.
ico.org.uk/media2/pv5nh...
pagedout.institute ← we've just released Paged Out! zine Issue #7
pagedout.institute/download/Pag... ← direct link
lulu.com/search?page=... ← prints for zine collectors
pagedout.institute/download/Pag... ← issue wallpaper
Enjoy!
Please please please share to spread the news - thank you!
I'll unpack a few thoughts on this...