July 9, 2026 at 04:25PM

■■■□□ no-gdid: Read, understand, and silence the Windows Global Device Identifier (GDID) — the hidden per-account device ID that helped the FBI locate a suspect who was using a VPN. 👮 the best option is to switch Microsoft products out of environment completely. At ckure, we use Fedora. https://github.com/Korben00/no-gdid

July 9, 2026 at 12:58AM

■■■■■ 💻 Windows kernel exploitation series. https://mdanilor.github.io/posts/hevd-0/ https://mdanilor.github.io/posts/hevd-1/ https://mdanilor.github.io/posts/hevd-2/ https://mdanilor.github.io/posts/hevd-3/ https://mdanilor.github.io/posts/hevd-4/

July 8, 2026 at 08:28PM

■■■■■ EvilTokens phishing can look clean during URL checks. The real page stays encrypted until it opens in the victim’s browser, then uses Microsoft device-code phishing to push toward Microsoft 365 account takeover. The blind spot is browser visibility, not just email scanning. https://thehackernews.com/2026/07/new-ghost-phishing-wave-is-breaking.html

July 6, 2026 at 04:39PM

■■■□□ 🇮🇷 Cavern Manticore: Exposing Iran-Linked Modular C2 Framework CP reveals: 🎯 Israeli Gov & IT sector targeted 🧩 Novel modular “Cavern” C2 framework, 3 .NET formats 🕵️ Iran-nexus; MOIS ties to MuddyWater & Lyceum 👻 Most samples: zero VT hits https://research.checkpoint.com/2026/cavern-manticore-exposing-iran-linked-modular-c2-framework/

July 6, 2026 at 07:51AM

■■■■□ ⚪️⚪️⚪️🔺🔺⚪️ ⚪️⚪️🔺⚪️🔺⚪️🔺 Exploit for Exynos devices to gain ACE in BootROM context. A length parameter left unchecked in the USB Control Request code allows iRAM to be dumped, modified and resent to the device, allowing for code execution. https://github.com/halal-beef/houston-pub