konik_polanowy

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.14.md

Pwning Santa before the bad guys do - https://dangerzone.rocks/news/2025-12-10-santa-pwn/

Lessons Learned From RITSEC CTF - https://sylvie.fyi/posts/ritsec-2026/

BitLocker's Little Secrets: The Undocumented FVE API - https://itm4n.github.io/bitlocker-little-secrets-the-undocumented-fve-api/

Bypassing egress filtering in BullFrog GitHub Action - https://devansh.bearblog.dev/bullfrog-dns-pipelining/

Introducing VulHunt: A High-Level Look at Binary Vulnerability Detection - https://www.binarly.io/blog/vulhunt-intro

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.12.md

VMware Guest To Host - https://r0keb.github.io/posts/VMware-Guest-To-Host/

mitmproxy for fun and profit: Interception and Analysis of Application Traffic - https://www.synacktiv.com/en/publications/mitmproxy-for-fun-and-profit-interception-and-analysis-of-application-traffic

Another Crack in the Chain of Trust: Uncovering (Yet Another) Secure Boot Bypass - https://www.binarly.io/blog/another-crack-in-the-chain-of-trust

Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework - https://www.elastic.co/security-labs/illuminating-voidlink

Clang Hardening Cheat Sheet - Ten Years Later - https://blog.quarkslab.com/clang-hardening-cheat-sheet-ten-years-later.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.10.md

Sleeping Beauty: Putting Adaptix to Bed with Crystal Palace - https://maorsabag.github.io/posts/adaptix-stealthpalace/sleeping-beauty/

Total.js RCE gadgets all around - https://lab.ctbb.show/research/totaljs-rce-gadgets

Hunting Bugs in Linux Kernel With KASAN: How to Use it & What's the Benefit? - https://slavamoskvin.com/hunting-bugs-in-linux-kernel-with-kasan-how-to-use-it-whats-the-benefit/

Revisiting Two-Shot Kernel Shellcode Execution From Control Flow Hijacking - https://blog.zolutal.io/two-shot-kernel-shellcode/

Milking the last drop of Intego - Time for Windows to get its LPE - https://blog.quarkslab.com/milking-the-last-drop-of-intego-time-for-windows-to-get-its-lpe.html

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.08.md

Now You See mi: Now You're Pwned - https://labs.taszk.io/articles/post/nowyouseemi/

Unwind Data Can't Sleep - Introducing InsomniacUnwinding - https://lorenzomeacci.com/unwind-data-cant-sleep-introducing-insomniacunwinding

CVE-2025-64669: Uncovering Local Privilege Escalation Vulnerability in Windows Admin Center - https://cymulate.com/blog/cve-2025-64669-windows-admin-center/

When Audits Fail Part 2: From Pre-Auth SSRF to RCE in TRUfusion Enterprise - https://www.rcesecurity.com/2026/02/when-audits-fail-from-pre-auth-ssrf-to-rce-in-trufusion-enterprise/

From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) - https://boschko.ca/unitree-go2-rce

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.06.md

8 Million Users' AI Conversations Sold for Profit by "Privacy" Extensions - https://www.koi.ai/blog/urban-vpn-browser-extension-ai-conversations-data-collection

Attempting Cross Translation Unit Taint Analysis for Firefox - https://attackanddefense.dev/2025/12/16/attempting-cross-translation-unit-static-analysis.html

Defending Against L7 DDoS and Web Bots with Tempesta FW - https://tempesta-tech.com/blog/defending-against-l7-ddos-and-web-bots-with-tempesta-fw/

Hacking Moltbook: The AI Social Network Any Human Can Control - https://www.wiz.io/blog/exposed-moltbook-database-reveals-millions-of-api-keys

Makop ransomware: GuLoader and privilege escalation in attacks against Indian businesses - https://www.acronis.com/en/tru/posts/makop-ransomware-guloader-and-privilege-escalation-in-attacks-against-indian-businesses/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.04.md

68% Of Phishing Websites Are Protected by CloudFlare - https://blog.sicuranext.com/68-of-phishing-websites-are-protected-by-cloudflare/

N-Day Research with AI: Using Ollama and n8n - https://ghostbyt3.github.io/blog/nday-research-ai

Defeating Anti-Reverse Engineering: A Deep Dive into the 'Trouble' Binary - https://binary.ninja/2026/01/23/reversing-linux-anti-re.html

Vulnerability Research Is Cooked - https://sockpuppet.org/blog/2026/03/30/vulnerability-research-is-cooked/

A Sliver dropper that asks GPT-4 for permission - https://www.derp.ca/research/ai-gated-sliver-dropper/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.04.02.md

DiceCTF 2026 Quals - https://ptr-yudai.hatenablog.com/entry/2026/03/16/174349

Declarative Binary Parsing for Security Research with Kaitai Struct - https://husseinmuhaisen.com/blog/declarative-binary-parsing-for-security-research-with-kaitai-struct/

SekaiCTF 2023 - Leakless Note - https://www.kalmarunionen.dk/writeups/2023/sekai/leakless-notes/

Creative approaches to coding FUD Stagers - https://g3tsyst3m.com/fud/Creative-approaches-to-coding-a-FUD-Stagers/

How to Use Ghidra to Analyse Shellcode and Extract Cobalt Strike Command & Control Servers - https://www.embeeresearch.io/ghidra-basics-shellcode-analysis/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.31.md

Privilege escalation with SageMaker and there's more hiding in execution roles - https://www.plerion.com/blog/privilege-escalation-with-sagemaker-and-execution-roles

The art of Self-Mutating Malware - https://f00crew.org/0x48

Abusing Modern Browser Features for Phishing - https://certitude.consulting/blog/en/abusing-modern-browser-features-for-phishing/

An Operators Guide to Beacon Object Files - https://maldev.nl/posts/operator-guide-bof/

Reversing BEDaisy.sys: Static Analysis of BattlEye's Kernel Anti-Cheat Driver - https://s4dbrd.github.io/posts/reversing-bedaisy/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.29.md

In WAF we (should not) trust - https://blog.quarkslab.com/in-waf-we-should-not-trust.html

Run XDRInternals as GitHub Action - https://cloudbrothers.info/en/run-xdrinternal-github-action/

Introducing ConfigManBearPig, a BloodHound OpenGraph Collector for SCCM - https://specterops.io/blog/2026/01/13/introducing-configmanbearpig-a-bloodhound-opengraph-collector-for-sccm/

NTLM-Relaying in 2026 - https://seccore.at/blog/ntlmrelay1/

Scam Telegram: Uncovering a network of groups spreading crypto drainers - https://timsh.org/scam-telegram-investigation/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.27.md

Securing AMR Fleets with MCP: A CAI-Powered Multi-Source Analysi - https://casestudies.aliasrobotics.com/sublight-shipping-mcp/

Can it Resolve DOOM? Game Engine in 2,000 DNS Records - https://blog.rice.is/post/doom-over-dns/

Brbbot: Full Malware Analysis & Reverse Engineering - https://7amthereaper.github.io/posts/brbbot-full-analysis/

Debugging - WinDBG & WinDBGX Fundamentals - https://www.corelan.be/index.php/2026/03/23/debugging-windbg-windbgx-fundamentals/

RCE in Google's AI code editor Antigravity - $10000 Bounty - https://www.hacktron.ai/blog/hacking-google-antigravity

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.25.md

mediatek? more like media-rekt, amirite - https://blog.coffinsec.com/0days/2025/12/15/more-like-mediarekt-amirite.html

Ghost in the PPL – LSASS Memory Dump - https://core-jmp.org/2026/03/ghost-in-the-ppl-lsass-memory-dump/

The Anatomy of a Bulletproof Hoster: A Data-Driven Reconstruction of Media Land - https://disclosing.observer/2025/11/24/bulletproof-hoster-anatomy-data-driven-reconstruction.html

Exploiting A Pre-Auth RCE in W3 Total Cache For WordPress <= 2.9.1 (CVE-2025-9501) - https://www.rcesecurity.com/2025/11/exploiting-a-pre-auth-rce-in-w3-total-cache-for-wordpress-cve-2025-9501/

Sleeping Beauty: Putting Adaptix to Bed with Crystal Palace - https://maorsabag.github.io/posts/adaptix-stealthpalace/sleeping-beauty/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.23.md

Split-Second Side Doors: How Bot-Delegated TOCTOU Breaks The CI/CD Threat Model - https://boostsecurity.io/blog/split-second-side-doors-how-bot-delegated-toctou-breaks-the-cicd-threat-model

Write Path Traversal to a RCE Art Department - https://lab.ctbb.show/research/write-path-traversal-to-RCE-art-department

Making Serialization Gadgets by Hand - Java - https://www.vulncheck.com/blog/making-java-gadgets

Driver Reverse Engineering 101 - Part I: Static Analysis - https://eversinc33.com/2025/08/15/driver-reverse-engineering-101

Running code in a PAX Credit Card Payment Machine (part1) - https://lucasteske.dev/2025/09/running-code-in-pax-machines

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.21.md

When Updates Backfire: RCE in Windows Update Health Tools - https://research.eye.security/rce-windows-update-health-tools/

Live Updates: Sha1-Hulud, The Second Coming - Hundreds of NPM Packages Compromised - https://www.koi.ai/incident/live-updates-sha1-hulud-the-second-coming-hundred-npm-packages-compromised

Stealthy WMI lateral movement - StealthyWMIExec.py - https://ghaleb0x317374.github.io/2026/03/15/Stealthy-WMI-lateral-movement-StealthyWMIExec.py.html

GlassWorm: Part 2. Infrastructure rotation and GitHub injection - https://codeberg.org/tip-o-deincognito/glassworm-writeup/src/branch/main/PART2.md

Introducing RelayKing – Relay To Royalty - https://www.depthsecurity.com/blog/introducing-relayking-relay-to-royalty/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.19.md

Bypassing Detections with Command-Line Obfuscation - https://www.wietzebeukema.nl/blog/bypassing-detections-with-command-line-obfuscation

Gotchas in Email Parsing - Lessons From Jakarta Mail - https://www.elttam.com/blog/jakarta-mail-primitives/

Ticket Tricking OpenSSL.org with Google Groups - https://spaceraccoon.dev/ticket-trick-openssl-google-groups/

Python packages to create extensive spy program - https://audits.blockhacks.io/audit/python-packages-to-create-spy-program

0x00 - Introduction to Windows Kernel Exploitation - https://wetw0rk.github.io/posts/0x00-introduction-to-windows-kernel-exploitation/

#informatyka

484 + 1 = 485

Tytuł: Nowe zimne wojny. Chiny, Rosja i wyzwanie rzucone Ameryce

Autor: David E. Sanger

Kategoria: reportaż

Format: e-book

Ocena: 8/10

Lubię jak pewne informacje, które kiedyś czytałem łączą się w pewien sposób. Ta książka jest właśnie takim łącznikiem mniej czy też bardziej istotnych wydarzeń. Opisuje tak ostatnie 20-30 lat głównie skupiając się na Europie i szeroko pojętym handlu. Więc dobrze wiedzieć co się działo podczas "oryginalnej" zimnej wojnie. Warto też wiedzieć, o co chodzi z chipami, AI i globalnymi łańcuchami dostaw. Książka jest tak do dalszej połowy 2023 roku, więc jest wojna na Ukrainie, Biden i faktyczne realia użycia przez Rosję broni jądrowej. Są też niesnaski pomiędzy USA a Ukrainą, ta pierwsza stosowała "gotowanie żaby" wraz z patrzeniem na reakcję Putina a druga chciała wszystkiego na już. W kontekście wojny kończy się na zamarciu ukraińskiej ofensywy z czerwca 2023 roku. Z plusów można jeszcze dać cyberbezpieczeństwo w postaci rosyjskich grup ransomware przeciw USA czy Kanadzie. "Zatopienie" tego w polityce jest bardzo ważne, gdyż nadaje temu kontekst. Z minusów to książka bardzo skupia się na Bidenie, pomijając wręcz pierwszą kadencję Trumpa. Szkoda, bo byłaby obiektywna. Chociaż autor wykorzystywał swoje bezpośrednie kontakty z administracją Białego Domu, a mniej z dokumentów.

Wygenerowano za pomocą https://bookmeter.xyz

#bookmeter

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.17.md

MacOS Infection Vector: Using AppleScripts to bypass Gatekeeper - https://pberba.github.io/security/2025/11/11/macos-infection-vector-applescript-bypass-gatekeeper/

[Research] LLVM based VMProtect Devirtualization: Part 1 (EN) - https://hackyboiz.github.io/2025/09/11/banda/LLVM_based_VMP/en/

Making CloudFlare Workers Work for Red Teams - https://blog.zsec.uk/capd/

N-able N-central: From N-days to 0-days - https://horizon3.ai/attack-research/attack-blogs/n-able-n-central-from-n-days-to-0-days/

Corrupting the Hive Mind: Persistence Through Forgotten Windows Internals - https://www.praetorian.com/blog/corrupting-the-hive-mind-persistence-through-forgotten-windows-internals/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.15.md

An Introduction to Bypassing User Mode EDR Hooks - https://malwaretech.com/2023/12/an-introduction-to-bypassing-user-mode-edr-hooks.html

Reverse Engineering Binaries With AI - https://landaire.net/reverse-engineering-with-ai/

A Cracker Barrel vulnerability - https://eaton-works.com/2025/11/17/cracker-barrel-hack/

Achieving remote code execution in LangSmith Playground using unsafe template formatting - https://lab.ctbb.show/research/langsmith-unsafe-formatting-to-rce

Introducing Julius: Open Source LLM Service Fingerprinting - https://www.praetorian.com/blog/introducing-julius-open-source-llm-service-fingerprinting/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.13.md

BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow - https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow/

Arbitrary App Installation on Intune Managed Android Enterprise BYOD - https://jgnr.ch/sites/android_enterprise.html

ARM64 Reversing And Exploitation Part 4 – Using mprotect() to bypass NX Protection - https://8ksec.io/arm64-reversing-and-exploitation-part-4-using-mprotect-to-bypass-nx-protection-8ksec-blogs/

No Leak, No Problem – Bypassing ASLR with a ROP Chain to Gain RCE - https://modzero.com/en/blog/no-leak-no-problem/

Developing An AI Vishing Model For £37.49 - https://http418infosec.com/developing-an-ai-vishing-model-for-37-49

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.11.md

Defeating Windows DEP Using ROP Chains Leveraging VirtualAlloc - https://screetsec.com/blog/defeating-windows-dep-using-rop-chains-leveraging-virtualalloc

When Windows takes a nap and leaves you evidence: Inside hiberfil.sys - https://www.magnetforensics.com/blog/when-windows-takes-a-nap-and-leaves-you-evidence-inside-hiberfil-sys/

CVE-2025-68668: Breaking Out of the Python Sandbox in n8n - https://www.smartkeyss.com/post/cve-2025-68668-breaking-out-of-the-python-sandbox-in-n8n

A 0-click exploit chain for the Pixel 9 Part 1: Decoding Dolby - https://projectzero.google/2026/01/pixel-0-click-part-1.html

Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64 - https://doar-e.github.io/blog/2023/05/05/competing-in-pwn2own-ics-2022-miami-exploiting-a-zero-click-remote-memory-corruption-in-iconics-genesis64/

#informatyka

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2026.03.09.md

Next Generation Endpoint Security Check Your Privilege: The Curious Case of ETW's SecurityTrace Flag - https://www.originhq.com/blog/securitytrace-etw-ppl

RondoDox v2: Evolution of RondoDox Botnet with 650% More Exploits - https://beelzebub.ai/blog/rondo-dox-v2/

CVE-2025-43530: Exploiting a private API for VoiceOver - https://jhftss.github.io/CVE-2025-43530/

Privilege Escalation With Jupyter From the Command Line - https://www.adversis.io/blogs/privilege-escalation-with-jupyter-from-the-command-line

LANDFALL: New Commercial-Grade Android Spyware in Exploit Chain Targeting Samsung Devices - https://unit42.paloaltonetworks.com/landfall-is-new-commercial-grade-android-spyware/

#informatyka