All posts in Uncategorized

■■■■■ Researchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege Escalation. You Snooze You Lose: RPC-Racer Winning RPC Endpoints Against Services https://thehackernews.com/2025/08/researchers-detail-windows-epm.html

■■■■■ BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data. 🚫Boot.sdi Parsing Vulnerability (CVE-2025-48800) 🚫ReAgent.xml Exploitation (CVE-2025-48003) 🚫Trusted App Manipulation (CVE-2025-48804) 🚫BCD Configuration Attack (CVE-2025-48818) Mitigation: Enable TPM+PIN authentication for pre-boot verification. BitUnlocker – Multiple 0-days to Bypass BitLocker and Extract All Protected Data

■□□□□ Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ for Enterprise Researchers demonstrate how multi-turn “storytelling” attacks bypass prompt-level filters, exposing systemic weaknesses in GPT-5’s defenses. https://www.securityweek.com/red-teams-breach-gpt-5-with-ease-warn-its-nearly-unusable-for-enterprise/

🎃HOW APT37 EMPLOYED ROKRAT SHELLCODE AND STEGANOGRAPHIC TECHNIQUE ℹ️ Researchers have identified a new variant of RoKRAT, the malware associated with North Korea’s APT37 group. This version employs two-stage encrypted shellcode execution and steganography to conceal malicious code inside image files, enabling evasion from traditional detection methods. 📍 INFECTION VECTOR ■ The intrusion begins with…

■■■□□ Big Brother is watching: Wi-Fi signals can track you in your home It could open the door to mass surveillance. https://theweek.com/tech/wifi-signals-now-tracking-users-at-home

■■■■■ 📱 New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature. New Linux Kernel Vulnerability Directly Exploited from Chrome Renderer Sandbox Via Rare Linux Socket Feature

■■■■■ WinRAR zero-day exploited to plant malware on archive extraction. www.bleepingcomputer.com/news/security/winrar-zero-day-flaw-exploited-by-romcom-hackers-in-phishing-attacks/

■■■■□ A non native arrested for driving smishing SMS blasters around Vietnam 🇻🇳 Risk, Fraud & Security The fake base stations sent messages claiming recipients had to pay a traffic fine. Foreign National Arrested for Driving Smishing SMS Blasters around Vietnam

PHRACK – 72 72nd Edition of Phrack has been released in limited capacity. Full release in a few days. https://phrack.org/

■■□□□ ‘The best solution is to murder him in his sleep’: AI models can send subliminal messages that teach other AIs to be ‘evil,’ study claims. https://www.livescience.com/technology/artificial-intelligence/the-best-solution-is-to-murder-him-in-his-sleep-ai-models-can-send-subliminal-messages-that-teach-other-ais-to-be-evil-study-claims