**Research by:** Antonis Terefos ( **@Tera0017**) The **Pure malware family** is a suite of malicious tools developed and sold by the author known as **PureCoder**. This suite includes **PureHVNC RAT** (a remote administration tool and predecessor to **PureRAT**), **PureCrypter** (a malware obfuscator), **PureLogs** (a stealer/logger), and several other tools. The malicious software is advertised and distributed through underground forums, Telegram channels, […]

# Dissecting DCOM part 1 This is the first article on the “Dissecting DCOM” series. This article aims at giving an introduction to the base principles of COM and DCOM protocols as well as a detailed network analysis of DCOM. No previous knowledge is required. The following articles will dig […]

Check Point Research discovered a new ransomware group on September 5. The group calls themselves Yurei (a sort of spirit in Japanese folklore), and initially listed one victim, a Sri Lankan food manufacturing company, on their darknet blog. These blogs are used by ransomware groups to list their victims, show […]

During our security research in 2024, we discovered several vulnerabilities in Apache Foundation projects that seem to have gotten ’lost in translation’ between our bug reports and the CVE assignment process. While we’ve been patiently waiting for these findings to officially ‘count,’ they’ve apparently been stuck longer than a software […]

# You Already Have Our Personal Data, Take Our Phone Calls Too (FreePBX CVE-2025-57819) We’re back – it’s a day, in a month, in a year – and once again, something has _happened._ In this week’s episode of “the Internet is made of string and there is literally no evidence […]

**security-research** Public # FFmpeg – Heap-buffer-overflow write in jpeg2000dec ## Package ## Affected versions ## Patched versions ## Description ### Summary The vulnerability lies in the Channel Definition cdef atom of JPEG2000 which is used to define the mapping of associated components to channels. If a chroma-subsampled pixel format is […]

/ **security-research** Public # ChatGPT Agent – XSS on file://home/oai/redirect.html ## Package ChatGPT Agent (OpenAI) ## Affected versions SaaS ## Patched versions None ## Description ### Summary ChatGPT’s Agent mode can use a browser inside a remote VM (just like Operator). `file:///home/oai/redirect.html` is a file available in the remote VM […]

# Windows Internals: Secure Calls – The Bridge Between NT and SK ## Introduction As many are aware, without the presence of Hyper-V on modern Windows systems – kernel-mode is the “highest privilege boundary” in terms of the OS. Because the kernel is responsible for privileged operations (like memory-management) a […]

Researcher **Published:** 03 September 2025 at 14:46 UTC **Updated:** 03 September 2025 at 14:46 UTC Browsers added cookie prefixes to protect your sessions and stop attackers from setting harmful cookies. In this post, you’ll see how to bypass cookie defenses using discrepancies in browser and server logic. For a visual […]

# ksmbd – Fuzzing Improvements and Vulnerability Discovery (2/3) 02 Sep 2025 – Posted by Norbert Szetei ## Introduction This is a follow-up to the article originally published here. Our initial research uncovered several unauthenticated bugs, but we had only touched the attack surface lightly. Even after patching the code […]