This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

# Site Unseen: Enumerating and Attacking Active Directory Sites Active Directory Sites are a feature allowing to optimize network performance and bandwidth usage in AD internal environments. They are commonly implemented by large, geographically dispersed organizations spanning accross multiple countries or continents. Sites did not receive much attention by the […]

This website is using a security service to protect itself from online attacks. The action you just performed triggered the security solution. There are several actions that could trigger this block including submitting a certain word or phrase, a SQL command or malformed data. You can email the site owner […]

By Andrey Charikov and Oded Vanunu **Key Findings:** Launched in March 2017, Microsoft Teams has become one of the most widely used communication and collaboration platforms in the world. As part of the Microsoft 365 family, Teams provides workplaces with chat, video conferencing, file storage, and application integration to more […]

_Posted by Seth Jenkins, Project Zero_ # Introduction I’ve recently been researching Pixel kernel exploitation and as part of this research I found myself with an excellent arbitrary write primitive…but without a KASLR leak. As necessity is the mother of all invention, on a hunch, I started researching the Linux […]

**Research by: Alexey Bukhteyev** XLoader is a widely observed malicious loader with information-stealing capabilities. It first surfaced in 2020 as a rebrand of the FormBook code base, a well-known and capable information stealer, and has since undergone substantial hardening and feature growth. In addition to the Windows variant, its developers […]

## The Target: Brother MFC-J1010DW – Affected Models: `Brother Printer MFC-J1010DW` – Vulnerable Firmware: `Version <= 1.18` ## TL;DR: The Vulnerability Chain We discovered three vulnerabilities that when chained together, allow for complete remote compromise: – **Authentication Bypass via SNMP**- Retrieve the printer’s serial number without authentication, allowing attackers to […]

Check Point Research (CPR) identified three security vulnerabilities in the _Graphics Device Interface (_ `GDI`) in Windows. We promptly reported these issues to Microsoft, and they were addressed in the _Patch Tuesday_ updates in May, July, and August 2025. These are the vulnerabilities: Vulnerability disclosures such as these highlight the need for proactive […]

# Creating a “Two-Face” Rust binary on Linux In this article we will describe a technique to easily create a “Two-Face” Rust binary on Linux: an executable file that runs a harmless program most of the time, but will run a different, hidden code if deployed on a specific target […]