[TRYHACKME] – Void Execution Challenge
A friendly walkthrough of a slick binary-exploitation challenge: custom shellcode without syscall, ASLR bypass via GOT, and why stack alignment...
[TRYHACKME] – LondonBridge Full Walkthrough.
Introduction In this room we compromise a small Flask app behind Gunicorn, pivot from a clever SSRF to local file...
CVE Alert: CVE-2025-54111 – Microsoft – Windows 10 Version 1809
CVE-2025-54111 HIGHNo exploitation known Use after free in Windows UI XAML Phone DatePickerFlyout allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54106 – Microsoft – Windows Server 2019
CVE-2025-54106 HIGHNo exploitation known Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker...
CVE Alert: CVE-2025-54110 – Microsoft – Windows 10 Version 1809
CVE-2025-54110 HIGHNo exploitation known Integer overflow or wraparound in Windows Kernel allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54112 – Microsoft – Windows 10 Version 1809
CVE-2025-54112 HIGHNo exploitation known Use after free in Microsoft Virtual Hard Drive allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54108 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54108 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Capability Access Management Service (camsvc)...
CVE Alert: CVE-2025-54103 – Microsoft – Windows 10 Version 21H2
CVE-2025-54103 HIGHNo exploitation known Use after free in Windows Management Services allows an unauthorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54105 – Microsoft – Windows Server 2025 (Server Core installation)
CVE-2025-54105 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Microsoft Brokering File System allows...
CVE Alert: CVE-2025-54102 – Microsoft – Windows 10 Version 1809
CVE-2025-54102 HIGHNo exploitation known Use after free in Windows Connected Devices Platform Service allows an authorized attacker to elevate privileges...
CVE Alert: CVE-2025-54093 – Microsoft – Windows 10 Version 1809
CVE-2025-54093 HIGHNo exploitation known Time-of-check time-of-use (toctou) race condition in Windows TCP/IP allows an authorized attacker to elevate privileges locally....
CVE Alert: CVE-2025-54098 – Microsoft – Windows 10 Version 1809
CVE-2025-54098 HIGHNo exploitation known Improper access control in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS v3.1...
CVE Alert: CVE-2025-54092 – Microsoft – Windows 10 Version 1809
CVE-2025-54092 HIGHNo exploitation known Concurrent execution using shared resource with improper synchronization ('race condition') in Windows Hyper-V allows an authorized...
CVE Alert: CVE-2025-54091 – Microsoft – Windows 10 Version 1809
CVE-2025-54091 HIGHNo exploitation known Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally. CVSS...
CVE Alert: CVE-2025-54099 – Microsoft – Windows 10 Version 1809
CVE-2025-54099 HIGHNo exploitation known Stack-based buffer overflow in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate...
Ubuntu Users Left Waiting After Canonical’s Servers Take Weekend Off
When is an outage not an outage? According to Canonical's forum, it's when a 36-minute server disruption creates a multi-day...
Playing Ball Games In The Datacenter Was Obviously Stupid, But We Had To Win Theleague
Who, Me? Monday mornings see the resumption of endless coopetition between IT folks and those they strive to serve but...
All It Work To Involve Ai By 2030, Says Gartner, But Jobs Are Safe
All work in IT departments will be done with the help of AI by 2030, according to analyst firm Gartner,...
Anthropic To Pay At Least $1.5 Billion To Authors Whose Work It Knowinglypirated
AI upstart Anthropic has agreed to create a $1.5 billion fund it will use to compensate authors whose works it...
Red Hat Back Office Team To Be Big And Blue Whether They Like It Or Not
IBM-owned subsidiary Red Hat is docking a bunch of its back-office staff, along with the techies that support them, into...
Pre Owned Software Trial Kicks Off In Uk As Microsoft Pushes Resale Ban
Microsoft's tussle with UK-based reseller ValueLicensing over the sale of secondhand licenses returns to the UK's Competition Appeal Tribunal this...
Linus Has Had Enough Of Links That Point To ‘stupid Useless Garbage’
The latest release candidate for Linux is out, but before its release, Linus Torvalds had something he wanted to get...
Cisa Sounds Alarm Over Tp Link Wireless Routers Under Attack
Infosec in brief The US Cybersecurity and Infrastructure Security Agency (CISA) has said two flaws in routers made by Chinese...
Dev Snared In Crypto Phishing Net, 18 Npm Packages Compromised
Crims have added backdoors to at least 18 npm packages after developer Josh Junon inadvertently authorized a reset of the...
