Goodbye Secure Pool, Hello KDP Pool

Kernel Data Protection (KDP) is a Windows 11 VBS feature that allows drivers to protect their data from being modified by other kernel drivers or by malware that has achieved kernel write access. It actually contains two separate features: static and dynamic KDP. Static KDP, which allows drivers to enforce read-only protection […]

Say hi to Pike!

In this article we will introduce Pike, an experimental LLM agent that generates and analyzes Linux program execution traces. We will show that with its simple architecture paired with a good LLM, Pike can quickly help debug a crash, identify malware, or give valuable high […]

Responsible disclosure report: 180 vulnerabilities in Samsung preinstalled apps

Over three years of security research into Samsung’s preinstalled system applications, Oversecured identified 180 vulnerabilities — the largest single mobile security disclosure in history. All issues were responsibly disclosed and patched by Samsung. ## The problem ### The unmapped attack […]

Adobe Photoshop Installation Privilege Escalation Vulnerability

CVE-2026-34632 A privilege escalation vulnerability exists during the installation of Adobe Photoshop via the Microsoft Store. The vulnerable version of the installer is Photoshop_Set-Up.exe 2.11.0.30. A low-privilege user can replace files during the installation process, which may result in unintended elevation of privileges. The versions below were either tested or […]

Hooking Windows Named Pipes

During security assessments, we often see desktop applications composed of several processes. Some of them run as SYSTEM, and others run in the user session context, meaning they are unprivileged. These processes need to communicate in some way, and often use Windows Named Pipes as […]

DFIR Report – The Gentlemen & SystemBC: A Sneak Peek Behind the Proxy

The **Gentlemen** ransomware‑as‑a‑service (RaaS) operation is a relatively new group that emerged around mid‑2025. The operators advertise their services across multiple underground forums, promoting their ransomware platform and inviting penetration testers (and other technically skilled actors) to join as affiliates. The RaaS provides affiliates with multi‑OS lockers for Windows, Linux, […]
