Luci
63 posts

Luci
@GigelV41464
https://t.co/a8Sl98VNwi | https://t.co/Gc3WAze5a1



Nighthawk 1.0 is now released to customers, blog post to follow. Here's a sneak peak of our new CET compatible, per API, custom configurable stack masking 😎... just one of many new features 🔥

A feature I snuck in the new loader introduced in the September 2025 release of Nighthawk is CET-compliant stack spoofing. Here is a video showing a CET-enabled Notepad being injected with the payload. A bp is placed on NtAllocateVirtualMemory to show that the call is spoofed:




Smukx, a malware researcher, red teamer, and offensive security engineer known for his work on low-level malware development and adversary simulation tooling, has been suspended on X. The flagged post was a thread on how keyloggers work at the OS level: keystroke architecture, how system processes handle key events, the kind of material taught in any offensive security course and published openly in defensive research. It got caught under X's "illegal and regulated behaviors" rule and the account (@5mukx) is now gone. This stuff is standard security research. You can't defend against techniques nobody is allowed to explain. If anyone here has a working contact at X Trust & Safety or knows the fastest route to get a suspension like this reviewed by a human, please reach out.




Revisiting our past work on Code extensions, we took at look at the big brother; Visual Studio mdsec.co.uk/2026/05/visual…








