Moonbeom(Daniel)

5.5K posts

@krNeoTra

CPO(Chief Product Officer) at 78ResearchLab, Hacking incident analysis, Digital Forensic, Research on hacking technique, Profiling hacking source.

Joined September 2010
596 Following · 1K Followers
Moonbeom(Daniel) retweeted
VLadimiR @Dz10Chiheb
CVE-2026-25769 - Remote Code Execution via Insecure Deserialization in Wazuh Cluster github.com/hakaioffsec/CV…
Moonbeom(Daniel) retweeted
Cyber Security News @The_Cyber_News
⚠️ Ubuntu Desktop Systems Vulnerability Enables Attackers to Gain Full Root Access Source: cybersecuritynews.com/ubuntu-desktop… A Local Privilege Escalation (LPE) vulnerability in default installations of Ubuntu Desktop 24.04 and later allows an unprivileged local attacker to gain full root access. Tracked as CVE-2026-3888, the flaw exploits an unintended interaction between two standard system components, snap-confine and systemd-tmpfiles, making it particularly dangerous given how deeply both are embedded in default Ubuntu deployments. Snapd is Ubuntu's background service that manages snap packages, self-contained application bundles with their own dependencies. #cybersecuritynews #Ubuntu
Moonbeom(Daniel) retweeted
Md Ismail Šojal 🕷️
AI-Powered Reverse Engineering Plugin for IDA Pro 9+. One-click explanations understand weird control flow instantly, Smart auto-renames suggestions, vulnerability hints, semantic graphs, RAG search, and docs. Game-changer for RE & malware analysis, CTF people
Moonbeom(Daniel) retweeted
Gray Hats @the_yellow_fall
Researcher releases PoC exploit code for EventLogin, a TOCTOU flaw in Windows MS-EVEN RPC allowing remote file writes. Patch now. securityonline.info/poc-disclosed-…
Moonbeom(Daniel) retweeted
Edu Novella @enovella_
Syscall Tracer🔥🔥 Sometimes it’s useful to observe the system calls happening inside a given target process. Especially if the target includes some kind of Frida detection, root detection, or any other kind of Runtime Application Self-Protection (RASP). frida.re/news/2026/03/0…
Moonbeom(Daniel) retweeted
Emmy Byrne @byrne_emmy12099
PumpGuard_Pumpfun_AI_Attack_Defence_Requirements.pdf.lnk 7db1dfb77da7f4790df11e6c753e0a3d71749bec57faeaa68043705a584cc5ec #APT #DPRK
Moonbeom(Daniel) retweeted
Hacking Articles @hackinarticles
🚨 A Little Guide to SMB Enumeration
🔥 Telegram: t.me/hackinarticles
✴ Twitter: x.com/hackinarticles
SMB (Server Message Block) is widely used for file and resource sharing in Windows environments. During penetration testing, SMB enumeration helps identify shares, users, hostnames, and potential vulnerabilities that could lead to system compromise.
⚡ Key Tools for SMB Enumeration
🔎 Nmap (nbstat / smb-os-discovery / smb-enum-shares)
🧠 Enum4linux
📂 SMBMap
💻 smbclient
🌐 nbtscan
🖥️ nmblookup
🧾 rpcclient
⚔️ CrackMapExec
💣 Metasploit: smb_enumshares
🧬 Metasploit: smb_lookupsid
🐍 Impacket: lookupsid
These tools help security professionals enumerate SMB shares, users, SIDs, hostnames, and vulnerabilities during reconnaissance and penetration testing.
📖 Article: hackingarticles.in/a-little-guide…
#CyberSecurity #Pentesting #EthicalHacking #SMB #RedTeam #ActiveDirectory #InfoSec
Moonbeom(Daniel) retweeted
Emmy Byrne @byrne_emmy12099
(대외보안)0223_주미한국대사관_비공개_정책간담회_계획안.pdf.lnk a4f72ce8b5736fe3ca2083cfe21bd51697f12e900e307c357cb8523b8f86e3ec #APT #Kimsuky
Moonbeom(Daniel) retweeted
NullSecurityX @NullSecurityX
File Upload Bypass via Double Extension + MIME Sniffing
1️⃣ Upload: shell.php.jpg
2️⃣ Server checks extension, accepts file
3️⃣ Browser or server sniffs content → executes as PHP
4️⃣ Leads to RCE on misconfigured servers
🎯 Extension ≠ MIME type
#bugbounty #cybersecurity
Moonbeom(Daniel) retweeted
Arun @dazzyddos
Releasing PrivHound — Bloodhound collector to model Windows local Privilege Escalation as a graph. Still early — bugs and PRs welcome. github.com/dazzyddos/Priv…
Moonbeom(Daniel) retweeted
JangPro @JangPr0
#APT
3ba252288bde5cd59db0903b26edecd2
d45696ee33baef59ae97d7a54af221d7
> Create bot id: BCryptGenRandom{8}
> Authorization: Bearer [A/U-botID]
> response data RC4 Key: #RsfsetraW#@EsfesgsgAJOPj4eml;
> response data export func name "hello"
> load.erasecloud.n-e[.]kr/fwrite.php
Moonbeom(Daniel) retweeted
Hacking Articles @hackinarticles
🚨 Active Directory Pentesting with NetExec
🔥 Telegram: t.me/hackinarticles
NetExec (NXC) is a powerful tool for Active Directory enumeration and exploitation, helping pentesters discover users, validate credentials, perform Kerberos attacks, and identify privilege escalation paths in AD environments.
⚡ Key Techniques
👤 User & Account Enumeration – Discover domain users and active accounts
🔑 Credential Testing – Validate passwords or NTLM hashes
🎟 Kerberoasting / ASREPRoasting – Extract Kerberos hashes for offline cracking
🧠 BloodHound Collection – Map attack paths in Active Directory
🛡 Privilege Enumeration – Identify admin accounts, group memberships, and misconfigurations
📖 Article: hackingarticles.in/active-directo…
#CyberSecurity #ActiveDirectory #Pentesting #NetExec #RedTeam #EthicalHacking
Moonbeom(Daniel) retweeted
BriPwn @BriPwn
Your EDR just coerced itself. 🫠 Drop a crafted LNK → MsSense.exe makes a CreateFile call → machine account hands over its Net-NTLMv2 hash over WebDAV → relay to LDAP → Shadow Credentials or RBCD. No user interaction. No exotic exploit. Just vibes and a shortcut file. If you're running Microsoft Defender for Endpoint, this one is literally about you. 👀 Full attack + detection breakdown 👇 youtu.be/30Qiq_Gt_bA #purpleteam #MDE #NTLMcoercion #detectionengineering
Moonbeom(Daniel) retweeted
Alexandre Borges @ale_sp_brazil
I am excited to release the seventh article in the Exploiting Reversing Series (ERS). Titled “Exploitation Techniques | CVE-2024-30085 (part 01)” this 119-page technical guide offers a comprehensive roadmap for vulnerability exploitation: exploitreversing.com/2026/03/04/exp…
Key features of this edition:
[+] Dual Exploit Strategies: Two distinct exploit versions using Token Stealing and I/O Ring techniques.
[+] Exploit ALPC + PreviousMode Flip + Token Stealing: elevation of privilege of a regular user to SYSTEM.
[+] Exploit ALPC + Pipes + I/O Ring: elevation of privilege of a regular user to SYSTEM.
[+] Solid Reliability: Two complete working and stable exploits, including an improved cleanup stage.
[+] Optimized Exploit Logic: Significant refinements to the codebase and technical execution for better stability and predictability.
The article guides you through the two distinct techniques for exploiting the CVE-2024-30085 Heap Buffer Overflow vulnerability.
I would like to thank Ilfak Guilfanov (@ilfak on X) and Hex-Rays SA (@HexRaysSA on X) for their constant and uninterrupted support, which has helped me write these articles over time.
I hope this serves as a definitive resource for your research. If you find it helpful, please feel free to share it or reach out with your feedback!
Enjoy your reading and have an excellent day.
Moonbeom(Daniel) retweeted
SANS Japan @SANS_JAPAN
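A technical poster for Red Teamers, exploit developers, and Windows tool users! It covers the main WinDbg commands, remote debugging setup between VMs, symbol management, setting breakpoints in user mode, and more. If you work on advanced Windows internals analysis, be sure to check it out 👇 sans.org/posters/compre…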