Jacob Jackson

What if the attack paths you’re missing are outside your core identity stack? 🤔 Join @JustinKohler10 & @jaredcatkinson March 31 to see how BloodHound Enterprise now maps risk across Okta, GitHub, and Mac environments. Save your spot! ghst.ly/4bFEnir

YES! Someone reverse-engineered Apple's Neural Engine and trained a neural network on it. Apple never allowed this. ANE is inference-only. No public API, no docs. They cracked it open anyway. Why it matters: • M4 ANE = 6.6 TFLOPS/W vs 0.08 for an A100 (80× more efficient) • "38 TOPS" is a lie - real throughput is 19 TFLOPS FP16 • Your Mac mini has this chip sitting mostly idle Translation: local AI inference that's faster AND uses almost no power. Still early research but the door is now open. → github.com/maderix/ANE #AI #MachineLearning #AppleSilicon #LocalAI #OpenSource #ANE #CoreML #AppleSilicon #NPU #KCORES

Remember the team at SpecterOps open-sourced their PowerShell training, which remains a hugely relevant concept, and APTs are still actively using it. #redteam github.com/SpecterOps/at-…

Since I was bored in a plane I decided to revisit some of the Windows Hello tradecraft and finally implemented browser based FIDO2 auth using WHFB keys in roadtx. Thanks @fabian_bader and @NathanMcNulty for the inspiration!

Literally every old school hacker out there dreamed of achieving a find like this: msrc.microsoft.com/update-guide/v…

And don't forget you can find the Nintendo Power strategy guide for Super Mario Bros 3 here at the Internet Archive: archive.org/details/ninten…

A farm that mines views instead of crypto. In this video Military Police uncover YouTube 'view farm' in a residential area. The house contained dozens of mobile phones and computers connected to the network, simulating access and interaction to illegally boost view counts and engagement for music content.

I found unauthenticated bugs in MDT that can be abuse to coerce authenticaton from the host server or to leak creds stored in the deployment share's rules file. Instead of fixing the issues, Microsoft retired MDT. specterops.io/blog/2026/01/2…

A move completely antithetical to the ethos of the Alamo and to those who love the theatrical experience they provide. This is a profound and upsetting mistake @alamodrafthouse

🚨 Kerberos Relay Attack Uses DNS CNAME to Bypass Mitigations - PoC Released | Source: cybersecuritynews.com/kerberos-relay… A critical flaw in Windows Kerberos authentication that significantly expands the attack surface for credential relay attacks in Active Directory environments. By abusing how Windows clients handle DNS CNAME responses during Kerberos service ticket requests, attackers can coerce systems into requesting tickets for attacker-controlled services, bypassing traditional protections. An attacker positioned on-path to intercept DNS traffic can exploit this to force victims into requesting service tickets for attacker-chosen targets. #CybersecurityNews

SCCM attack paths are messy until you can see them. 👀 ConfigManBearPig from @_Mayyhem extends BloodHound with SCCM nodes + edges using OpenGraph, plus queries to surface hierarchy takeovers and escalation paths. Check it out! ghst.ly/4svbcWO

Hi friends! I've finally written the third part of the Impacket Programming Guide! We explored several MSRPC protocols and also created our own tool for Lateral Movement! Read on medium: @cicada-8/impacket-developer-guide-part-3-make-your-own-lateral-movement-a2f8181f657b" target="_blank" rel="nofollow noopener">medium.com/@cicada-8/impa… POC: github.com/CICADA8-Resear…

Leveraging program entry points for process injection in Windows (2023) bohops.com/2023/06/09/no-… Credits @bohops #infosec #Windows

SCOM is one of the most deployed, but least researched, System Center products. @synzack21 breaks down how it works + how to build a lab to test new tradecraft. ghst.ly/4prZMRI

A C# tool for requesting certificates from ADCS using DCOM over SMB. This tool allows you to remotely request X.509 certificates from CA server using the MS-WCCE protocol over DCOM and It bypasses the traditional endpoint mapper requirement by using SMB directly. github.com/7hePr0fess0r/A…

Attackers don’t exploit tools—they exploit identities. Learn how to defend where it matters. Join operators and defenders for one of our hands-on training courses at #SOCON2026. In-person attendees also receive a free conference pass. Save your spot ➡️ ghst.ly/socon-2026

SCCM is one of the most relied-on enterprise tools, but that legacy comes with risk. Join @unsigned_sh0rt this Friday at #BSidesPDX as he discusses how attackers can abuse #SCCM Entra integrations to gain admin access. ➡️ ghst.ly/3L4nkwG