This article explains how the Mark-of-the-Web (MoTW) mechanism in Windows can be used to make an installer behave differently depending on the website it was downloaded from: browsers record the download origin in the file's NTFS alternate data stream (Zone.Identifier), and the installer reads it back at run time.
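As an added illustration of the mechanism (not code from the article), the following parses the `Zone.Identifier` stream that Windows writes next to a downloaded file and keys an installer's behaviour on the recorded download host. The stream format (`[ZoneTransfer]` section with `ZoneId`, `ReferrerUrl`, `HostUrl`) is the documented MoTW layout; the sample streams, host table and variant names are constructed for the example.

```python
"""Read the Mark-of-the-Web (Zone.Identifier ADS) and select an installer
variant from the download origin.  Added example, not the article's code;
the sample streams and VARIANTS table below are constructed."""
from configparser import ConfigParser
from urllib.parse import urlparse

# Constructed Zone.Identifier stream contents, as a browser would write them.
SAMPLE_PARTNER = (
    "[ZoneTransfer]\r\nZoneId=3\r\n"
    "ReferrerUrl=https://partner.example.com/download\r\n"
    "HostUrl=https://cdn.partner.example.com/setup.exe\r\n"
)
SAMPLE_OTHER = "[ZoneTransfer]\r\nZoneId=3\r\nHostUrl=https://files.example.org/setup.exe\r\n"

# Constructed mapping: download host (or parent domain) -> installer variant.
VARIANTS = {"partner.example.com": "partner-branded"}


def parse_zone_identifier(text):
    """Parse the INI-style stream; return a dict or None if no [ZoneTransfer]."""
    cp = ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str  # keep key case (ZoneId, HostUrl, ...)
    cp.read_string(text)
    if not cp.has_section("ZoneTransfer"):
        return None
    sec = cp["ZoneTransfer"]
    return {
        "zone_id": int(sec.get("ZoneId", "-1")),  # 3 = Internet zone
        "referrer": sec.get("ReferrerUrl"),
        "host": sec.get("HostUrl"),
    }


def read_zone_identifier(path):
    """NTFS exposes the stream as '<file>:Zone.Identifier'.  On a non-NTFS
    volume, a non-Windows host, or a file without MoTW the open fails and
    we return None, which callers must treat as 'no origin known'."""
    try:
        with open(f"{path}:Zone.Identifier", encoding="utf-8", errors="replace") as f:
            return parse_zone_identifier(f.read())
    except OSError:
        return None


def download_host(motw):
    """Prefer HostUrl (the actual file source) over ReferrerUrl."""
    for key in ("host", "referrer"):
        url = motw.get(key)
        if url:
            h = urlparse(url).hostname
            if h:
                return h.lower()
    return None


def select_variant(motw, table, default="generic"):
    """Walk from the full host up through its parent domains; first hit wins."""
    host = download_host(motw) if motw else None
    while host:
        if host in table:
            return table[host]
        host = host.partition(".")[2]  # drop the leftmost label
    return default


if __name__ == "__main__":
    print(select_variant(parse_zone_identifier(SAMPLE_PARTNER), VARIANTS))
    print(select_variant(parse_zone_identifier(SAMPLE_OTHER), VARIANTS))
```

The stream is plain text that anyone with write access to the file can create or edit, and it is dropped by `Unblock-File`, by copying to a non-NTFS volume and by some archivers, so it is usable for branding or telemetry but must never gate a security decision.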
This article describes a proof-of-concept tool that exploits Slack's video embed feature to achieve end-to-end encrypted messaging within Slack, using browser crypto and openpgpjs.
Malware developers are adding text about nuclear and biological weapons to their spyware to trigger LLM safety refusals, preventing AI security scanners from analyzing the malware. This demonstrates a practical exploit of aggressive safety alignment, highlighting second-order blindspots that attackers can leverage.
A security vulnerability in objdump -g allows arbitrary code execution via a crafted FR30 object file due to a missing bounds check in the FR30 relocation handler, with a single-shot exploit that defeats ASLR and other mitigations.
Hackers exploited a bug in Meta's AI support chatbot to hijack over 20,000 Instagram accounts without two-factor authentication, prompting Meta to disable the tool and implement security measures.
Hackers are actively exploiting a critical remote code execution vulnerability (CVE-2026-3300) in the Everest Forms Pro WordPress plugin, affecting versions up to 1.9.12. The flaw allows unescaped form values to be passed to eval(), enabling full site compromise. Wordfence urges immediate plugin updates.
A security researcher discloses a critical vulnerability in VSCode's webview that allows attackers to steal full-access GitHub OAuth tokens by luring users to click a link. The bug affects the github.dev web editor.
Codex discovered a remote denial-of-service exploit dubbed 'HTTP/2 Bomb' that targets HPACK compression in major web servers (nginx, Apache, IIS, Envoy, Pingora), chaining a compression bomb with flow-control hold to exhaust server memory quickly.
Meta's AI support chatbot was exploited by hackers to hijack Instagram accounts, including high-profile ones, by tricking the bot into changing email addresses. Meta has since patched the issue.
A newly discovered Instagram exploit allows attackers to take over accounts by faking location and using Meta's support AI to reset email verification, bypassing 2FA. The vulnerability, which affected high-profile accounts, has been patched but was active for weeks.
Microsoft is facing backlash for threatening legal action against a security researcher who publicly posted zero-day exploits, with critics highlighting the company's inconsistent history with vulnerability disclosure.
A disgruntled security researcher known as Nightmare Eclipse has escalated a feud with Microsoft by threatening to dump more Windows zero-day exploits, after already releasing six. Microsoft has responded with a blog post and legal threats.
Microsoft's GitHub banned security researcher Nightmare-Eclipse after they posted zero-day Windows exploits. The researcher claims retaliation and promises further disclosure.
A detailed analysis of a use-after-free vulnerability in the Linux kernel's epoll subsystem, fixed by switching to RCU, and the author's failed attempts at exploiting it on a modern device.
The article reports on the PinTheft Linux exploit and tests its behavior on Debian with SELinux, finding that a strict SELinux configuration blocks the exploit.
A three-person team with AI assistance bypassed Apple's Memory Integrity Enforcement (MIE) in five days using two bugs and a clever idea, demonstrating a significant vulnerability in Apple's hardware-based kernel memory safety stack.
A security researcher examines the C# sandboxing in S&Box (Garry's Mod 2), which uses an API whitelist instead of a hardened runtime. By modifying the compile blacklist, they bypass the restrictions and crash the editor, demonstrating that the approach is insecure despite being similar to Space Station 14's system.
A kernel stack buffer overflow in FreeBSD 14.x's setcred(2) system call allows any unprivileged local user to escalate privileges to root, even with SMAP/SMEP enabled. The bug is not yet fixed in stable branches.
A security exploit in Chromium, thought to have been fixed four years ago, was found to actually remain unfixed, highlighting a significant oversight in the browser's security patching process.
Google published exploit code for an unfixed Chromium vulnerability that can turn browsers into a limited botnet, affecting Chrome, Edge, and other Chromium-based browsers. The vulnerability remains unpatched after 29 months.