Security Review #312

June 19, 2026

Regular expressions aren't random jumbles of punctuation - they're carefully thought-out jumbles of punctuation!

— The Perl Cookbook

Starred Articles

SearchLeak: How We Turned M365 Copilot Into a One-Click Data Exfiltration Weapon

We discovered SearchLeak, a critical vulnerability chain in Microsoft 365 Copilot Enterprise that allows an attacker to steal sensitive data - MFA codes, email messages, meeting details, and private organizational files - with a single click.

Malicious Network Provider DLL allows stealing credentials

We investigate an incident involving malicious Network Provider DLL used to steal credentials. The use of legitimate software allowed attackers to remain unnoticed for a long time.

From prompt to pwned: chaining LLM and web bugs to Admin

We managed to chain multiple LLM and web-based vulnerabilities to achieve admin account takeover from a low-privileged account. Trusting the LLM turned out to be the first falling domino of a long chain of events that lead to complete compromise. In this article we describe how it went down.

Ghost-Sender - Universal Email Spoofing against Exchange Online

Using Exchange Online (or on-premises exchange in hybrid mode) in combination with an external MX record, such as a third-party email server or spam protection solution, can allow the spoofing of emails from any sender to any recipient in the target tenant.

New Articles

Tracing Digital Intent: New MacOS Tahoe 26 Artifact Discovered

We discovered a new macOS Tahoe 26 forensic artifact that offers a step-by-step record of user actions - from compressing files to emptying the trash - providing critical context for user activity across the operating system. This blog outlines where to find this artifact, how to process it and what stories the data can tell.

Splunk Enterprise CVE-2026-20253 Pre-Auth RCE

We analyze Splunk Enterprise CVE-2026-20253, a pre‑authentication remote‑code‑execution flaw in the PostgreSQL sidecar service, allowing an attacker to create or truncate arbitrary files and ultimately gain RCE - especially exploitable on default Splunk‑on‑AWS installations.

Vulnerable PackageKit gives attacker root access

We detail Pack2TheRoot (CVE-2026-41651), a local privilege escalation in Linux systems through a TOCTOU vulnerability in the PackageKit service.

Reading the Wire - Protobuf Without a Map

Protobuf turns up constantly in DFIR work in Google's tooling ecosystem: Android apps, iOS apps, Chrome internals, sync engines, health databases, etc. This post is a deep dive into what Protobuf actually is at the wire level - byte by byte - and what you can and cannot recover from it without access to the original .proto definition.

A 27-Year-Old Authentication Bypass in OpenBSD's PPP Stack

OpenBSD's sppp_pap_input function uses attacker-controlled length fields as the bcmp comparison length for credential validation. Sending zero-length name and password fields causes bcmp to return 0 unconditionally, bypassing PAP authentication entirely.

Scales - Carving an embedded eBPF rootkit

We delve into scales, an eBPF-based infostealer and rootkit targeting Arch Linux. Statically carving the embedded eBPF object out of the deps loader (Atomic Arch AUR campaign) - no execution, no kernel - and provide relevant IOCs.

The BlueFrag Zero-Click: A System Replay

A technical deepdive into BlueFrag, a zero-click exploit, invisible to the user, that provides the attacker with full access to Android smart phones through a vulnerability in the L2CAP (Logical Link Control and Adaptation Protocol) stack, the higher layer of the Bluetooth stack.

Factoring "short-sleeve" RSA keys with polynomials

We found hundreds of weak RSA and DSA keys with biased bits that we could quickly factor using a new polynomial-based cryptanalytic technique.

From SQLi to RCE - Exploiting LangGraph's Checkpointer

We analyzed LangGraph and uncovered three vulnerabilities in its persistence layer. The first 2 chain into remote code execution: a SQL injection in the SQLite checkpointer (CVE-2025-67644) and an unsafe msgpack deserialization (CVE-2026-28277). The last one (CVE-2026-27022) introduces the same injection class into the Redis checkpointer.

Check Point Remote Access VPN IKEv1 Authentication Bypass CVE-2026-50751

Check Point’s "deprecated" IKE‑v1 VPN code has a critical authentication‑bypass (CVE‑2026‑50751, CVSS 9.3) that lets an attacker set a flag via a crafted Vendor‑ID payload, causing the gateway to skip certificate and signature checks and gain access with only a valid username.

ReadableStream TOCTOU: V8 Sandbox Bypass via Wasm Streaming

A renderer-controlled SharedArrayBuffer(SAB) mutated by a worker thread causes WebAssembly’s bytecode validator and its JIT to disagree about which bytes are being compiled. Since the Wasm JIT compilation pipeline resides outside the V8 heap sandbox, this single bug results in RCE in the renderer without a V8 sandbox bypass.

Cracking CREDHIST: Offline Hash Extraction from DPAPI Password History

We explain how DPAPI's CREDHIST file can be used to extract offline-crackable hashes and recover historical password material. We go through new Hashcat modules, updated DPAPISnoop tooling and provide defensive detection guidance.

Jupyter Enterprise Gateway

We detail three critical vulnerabilities in Jupyter Enterprise Gateway allow a notebook user to escalate privileges and fully compromise the underlying Kubernetes cluster.

152 Chrome Live Wallpaper Extensions Hid Ad Tracking and Faked Google Search Traffic

We identified a network of 152 Chrome live wallpaper extensions hid ad tracking and made extension-driven traffic look like Google search clicks. In this article, we review the technical components and main obfuscation techniques, analyze the underlying infrastructure and monetization mechanisms.

Using ASN Data to Detect and Cluster Malicious Activity

When leveraged properly, ASN data serves as a high-confidence detection mechanism for both clustering threat activity and implementing effective mitigations. This article covers how to analyze and incorporate ASN data into existing security workflows to track and block threats, as well as expand detection coverage.

Investigating suspicious AI workflows in Microsoft Entra Agent ID - Part 3: Assistive agents

We study how an assistive (on‑behalf‑of) AI agent can be coerced to send a malicious email by using the access_agent consent flow, and walk through correlating Entra Agent ID, Graph API, and sign‑in logs to prove malicious agent activities. Finally we provide a quick guide for distinguishing autonomous‑agent, impersonating‑agent, and assistive‑agent sign‑in events in Azure AD logs.

Ivanti Sentry Pre-Auth OS Command Injection CVE-2026-10520

We provide technical analysis of two critical flaws in Ivanti's Sentry gateway: CVE‑2026‑10520, a pre‑authenticated OS command‑injection that lets an unauthenticated attacker execute arbitrary system commands with root privileges, and CVE‑2026‑10523, an authentication bypass that permits creation of admin accounts.

Blinding the Watchmen: Abusing Cloud Logging Services for Defense Evasion and Visibility

We examine attack scenarios targeting cloud logging services such as AWS and Google Cloud. We review techniques used to evade detection through log system disruption, and the mechanisms used by attackers to get long-term, passive visibility into the victim's cloud infrastructure.

Detecting Misuse with the Claude Compliance API: The Threat Is in the Content

In this post I explore what detections you can already use in your SIEM by ingesting Claude Compliance API logs. Then we go even further, introducing a prefilter and LLM judge pipeline which lets you write detections for real AI threats that live inside message content.

AWS Forensics : What you need to know

The purpose of this article is to provide a clear and practical starting point for anyone new to AWS who needs to handle an incident on the platform. We will go through IAM; permissions, services and resources, key artifacts, threats techniques, related events and logs; and tools that facilitate analysis and strengthen overall security.

Windows 11 Input Telemetry

This article deep dives into Windows 11 telemetry and explains why typed passwords appear in LSASS and ctfmon.exe, why Credential Guard does not protect these passwords, why this is expected behavior, and why clipboard data ends up in LSASS and CTFMON.

Still Recent

Exploiting SQL Injections: Advanced Exploitation Guide

In this article, we'll explore the fundamentals of SQL injection, the various techniques used to identify these vulnerabilities, and how you can effectively exploit them to demonstrate impact on modern targets.

Inside .NET Loader Analysis: From Malspam to In-Memory Loader

Technical analysis of a malspam campaign abusing Google's DoubleClick to deliver a loader through a five-stage chain that evades detection and blinds Windows telemetry before persisting.

CVE-2026-40369: Twelve Bytes to Escape the Browser Sandbox

CVE‑2026‑40369 is a Windows kernel flaw where an unchecked 12‑byte write can be triggered from any user‑mode context, allowing an attacker to overwrite arbitrary kernel memory. By repeatedly using this primitive we can forge a SYSTEM token, achieving a full local‑privilege escalation from a medium‑IL process to NT AUTHORITY\SYSTEM.

Weaponizing SMB Shares to Steal Domain Credentials

A walkthrough of a classic-but-still-effective Active Directory attack: how write access to an SMB share - plus a single .lnk file - lets an attacker capture Net-NTLMv2 hashes from every user who simply browses the folder, with no clicks, no payload execution, and almost no EDR signal.

Discovering Vulnerabilities in Enterprise Audiovisual Hardware

We investigate some vulnerabilities found in common enterprise AV devices (the Aver PTC320UV2 camera and Crestron TSW‑1060 tablet ): trivial remote‑code‑execution and credential‑leak vulnerabilities due to insecure defaults, hard‑coded secrets, and a lack of monitoring/patching.

Getting the pid from random numbers

In php7.0 the initial seed for the default random number generator, and all functions which use it, is derived from the current time and the pid. If we can time the call of the initialization function, we can brute-force all possible seeds within that time frame. By trying these possible seeds we can eventually find the one which was used to generate our random data and determine its pid.

Oldies but Goodies

Reverse Engineering an ANJIA PTZ IP Camera

A technical reverse-engineering analysis of a low-cost PTZ IP camera, including UART access, firmware extraction, and undocumented backdoors (CVE-2026-31077)