Security Review #313

June 26, 2026

I hope the field of computer science never loses its sense of fun.

— Alan J Perlis

Starred Articles

Autonomous fuzzing process under LLM supervision

We detail a proof-of-concept system that automates the entire fuzzing workflow - from code analysis and test-harness generation to crash classification and report writing - using machine learning models to rank risky functions and an LLM acting as both an operator (generating harnesses, triaging crashes) and a supervisor that detects anomalies and self-heals the pipeline within tightly defined boundaries.

Squidbleed (CVE-2026-47729)

We detail Squidbleed, a heartbleed-style vulnerability that leaks internal memory from every version of Squid Proxy, in its default configuration.

Surviving the surge of new Linux LPE : Defense in Depth not dead

In this article we explain how most of the exploitation chains that are published can be mitigated by tried-and-true Linux security hardening, giving wary defenders time to patch while N-day attackers try their shiny new ./exploit.sh.

The QNAP Pattern

QNAP's NAS platform repeatedly produces the same class of flaws - pre‑auth command and SQL injections, world‑writable bind‑mounts, and container‑escape paths - because each plugin must implement its own authentication, database access and inter‑process communication instead of using a single, secure framework, leaving unsafe defaults as the norm and making privilege escalation trivial.

Exploiting Web Cache Poisoning: Advanced Exploitation Guide

In this article, we'll cover what web cache poisoning vulnerabilities are, how they arise, a few effective ways to enumerate such vulnerabilities, and eventually move on to the practical exploitation part.

New Articles

Vulnerability Disclosure: Stealing Emails via Firefox's AI Features

We found a vulnerability in Firefox summarization feature of its integrated AI chatbot. On a malicious page, attackers could perform prompt injection attacks via the page title.

CVE-2026-25860

This article provides technical details about CVE-2026-25860, a vulnerability in OpenClinic GA. We will be covering a reflected XSS flaw in DICOM image uploads and its real-world security impact.

Kerberos - Part 3: User Impersonation

In this third part, we will explore the techniques for leveraging collected credentials for lateral movement, privilege escalation, and persistence methods within the Active Directory environment.

Cisco Unified Communications Manager Arbitrary File Write to RCE

A vulnerability in Cisco Unified Communications Manager (CUCM) allows unauthenticated attackers to arbitrarily write files in the server which in turn can be used to run arbitrary commands/code on the server.

Global ARM API Abuse in Azure: Cross-Tenant Attack to Key Vault

In this blog, we will discuss the concept of Global Azure Resource Manager (ARM) API endpoints and how they can be abused in certain Azure attack scenarios. We will explore Global ARM API abuse in Azure, guest tenant attack paths, Managed Identity abuse, GitHub token exposure, App Service compromise, and Azure Key Vault secret extraction techniques.

Kerberos - Part 2: Credential Access

In this second part, we will see how it is possible to enumerate domain user accounts and validate credentials through the error messages returned by the KDC to the client. In addition, user hashes can be obtained through encrypted parts included in AS-REQ/AS-REP and TGS-REQ/TGS-REP messages, and in case a user uses PKINIT as a pre-authentication method, it is possible to extract his NT/LM hashes using the UnPAC the hash technique.

Kerberos - Part 4: Delegations

In this fourth post, and last of the series, we will explore Kerberos delegations. While we primarily focus on the functionality of Kerberos delegations and abuse cases, we have also included brief notes and best practices for detecting potential abuses and misconfigurations, which will in turn help to enhance security postures against these risks.

Exploring PDF generators: 0-days across 90 million targets a month

Behind an "Export PDF" button there's almost always an open-source lib assembling HTML with user data, throwing it at a parser and returning the file. This article covers nine real 0-days found in these libs, from RCE to arbitrary file read. After the cases, I condense everything into a short methodology you can apply to any target.

Kerberos - Part 1: Overview

In this first part of the series, we review the key principles of Kerberos: concepts, encryption, authentication flow, and how to decrypt Kerberos traffic using wireshark.

OXLOADER: new loader evading detection to drop infostealer

We uncover OXLOADER: a new Windows loader evading detection by using .reloc section abuse and anti-VM checks to drop infostealer malware via Google Ads.

DCOM Explained: How Attackers Turn a Windows Feature into a Lateral Movement Tool

In this article, we explains how Windows DCOM lets applications run code on remote machines and how attackers exploit this to move laterally - by authenticating via stolen credentials, contacting the RPC endpoint on TCP 135, invoking trusted COM objects that launch payloads such as PowerShell - and provides a practical detection recipe along with simple mitigations.

Exploiting CVE-2024-1065 via the Page Cache

This post discusses a page cache exploitation strategy applicable to physical page use-after-free (UAF) vulnerabilities that land in the MIGRATE_MOVABLE pool. To demonstrate the technique, this post exploits CVE-2024-1065, a physical page UAF in the ARM Mali GPU kernel driver.

Microsoft Edge Heap Memory Exposure (MemEdge)

In this post, we examine a heap memory exposure issue in Microsoft Edge, explain how it can be abused in realistic attack chains, and outline practical detection and mitigation strategies for defenders who refuse to treat the browser as a harmless user interface shell.

TURN! - What could possibly go wrong?

In this blog post, we describe common pitfalls and attack vectors in TURN services. For practical testing and exploitation, we also introduce a new easy-to-use open-source tool called TURNado.

CargoWise WebTracker - The Keys Were in the Cargo

Two hardcoded symmetric keys protect the CargoWise application, one of the most widely deployed logistics software platforms in the world. In this article, we show the impacts of such erroneous design: authentication bypass, persistence, enumeration, etc.

Azure AD Graph Activity Logs: detecting directory enumeration

Azure AD Graph Activity Logs land in Elastic with full ECS parsing. This post walks the loop end-to-end. Why visibility matters, how to ingest the logs into Elastic, how to generate realistic recon manually and with ROADrecon, and how to hunt the result in ESQL.

Reverse Once, Run Forever: Defending Code You Can't Hide

Client‑side bot‑detection code is always visible to attackers. Therefore it should be built as a constantly‑changing, branch‑less system that never ships its secrets and requires live server verification, making reverse‑engineering costly and ineffective. This strategy keeps defenses economical, invisible to offline attacks, and functional without user friction.

Fuzzing GPSD, Part 3: The Bugs

In this third part pf the series, we review the bugs from public GPSD work item #397, including Skytraq, NMEA, AIS, u-blox, AllyStar, passthrough, and client parser issues.

AutoJack: How a single page can RCE the host running your AI agent

AutoJack is a novel exploit chain showing how a single malicious webpage can turn an AI browsing agent into a remote code execution vector on the host machine. By abusing trust in localhost, missing authentication, and unsafe parameter handling, attackers can trigger arbitrary process execution through AutoGen Studio's MCP WebSocket.

Bitwarden C2

I found a vulnerability allowing to create a full command-and-control channel through icons.bitwarden.net - commands in via PNG metadator polygots, results out via DNS - all traffic to a trusted domain on Azure.

Building Mythic Agents with LLMs

In this post I will walk through each major milestone that has been taken in my quest to explore this objective by building LLM-generated Mythic agents from prompt to deployment. Starting at the beginning, I’ll show what worked, what didn’t, and where this space is likely going next.

Chaining Security Bugs in Discuz! X5.0: from Race Condition to Pre-Auth RCE

In this blog post, we will explore a complete exploit chain targeting Discuz! of one of the most popular Internet forum platforms in the world. We will see how what started as a curious look into its session management and input validation eventually evolved into a pre-authentication Remote Code Execution (RCE) attack.

Exploiting Auth0 Defaults in XSS Attacks

We identified two noteworthy default configurations within Auth0 that may be exploited to pivot across applications within an Auth0 tenant from a single XSS vulnerability. This article demonstrates how the insecure implicit grant flow can be chained with other Auth0 misconfigurations to laterally move to other systems.

Bypassing Conditional Access policies that have a resource exclusion

There is a documented enforcement gap in Conditional Access policies that apply to "all resources" but have an exclusion for at least one resource. What is not documented, is that this gap is much larger than what one would expect, and that the documented mitigation doesn't actually work.

AiTM MFA Bypass: Defending Microsoft Entra ID

Adversary-in-the-Middle (AiTM) attacks silently bypass traditional MFA in Microsoft Entra ID. In this article, we will break down how AiTM attacks work in the context of Microsoft Entra ID, and walk through the defensive layers that can meaningfully reduce your attack surface – from Phishing-resistant MFA and Conditional Access policies to Continuous Access Evaluation (CAE).

2-Click Remote Code Execution in Meccha Chameleon

In this article, we detail an RCE vulnerability in Meccha Chameleon. It can achieved on any player system in a game lobby through a malicious Steam Workshop map.

Reversing NVIDIA's CVE-2026-24190: How a Kernel Flaw Put Enterprise AI Clusters and Workstations at Risk

We deep-dive into a critical input‑validation flaw in NVIDIA's Windows kernel display driver (nvlddmkm.sys) – CVE‑2026‑24190 – that lets low‑privilege users manipulate driver‑owned structures to achieve kernel‑mode code execution (and related bugs that cause DoS) on AI clusters, workstations, and virtualized environments.

Still Recent

Fuzzing GPSD, Part 2: Lessons Learned

In this second part, we will see what changed after running gpsd_fuzzer for real, from target selection to mutation scheduling and crash triage.

CVE-2026-41096: Heap Overflow in the Windows DNS Client

We analyze CVE-2026-41096, a heap overflow in the Windows DNS client, triggered by a single UDP response. We walk through the binary diff, the root cause from Ghidra decompilation, and a working crash PoC.

Kira Found a CVSS 10.0 Full Compromise in Hoppscotch

One unauthenticated HTTP POST request to a fresh Hoppscotch instance let you collect the JWT signing key, leading to a JWT secret injection that grants full server compromise. A deep dive into CVE-2026-50160, four chained weaknesses, and what it means for your NestJS stack.

Exposed RDP: The Misconfiguration Attackers Keep Exploiting

We review Exposed RDP, one of the most overlooked vulnerable exposures. Security teams are stretched thin, alerts are buried in noise, and known misconfigurations quietly slip through the cracks before anyone gets to them.

Magecart skimmer turns Stripe into a malware command server

We analyze a Magecart family that runs its skimmer straight out of Stripe. The attacker stores the card stealer in a Stripe customer's metadata and runs it on checkout pages, then writes stolen cards back into the same account as fake customers. Stripe is both the command server and the exfiltration sink, all behind a domain almost no store would block.

Fuzzing GPSD, Part 1: The Lexer Harness

In this first part of the series, we will be building gpsd_fuzzer, a LibAFL structure-aware fuzzer for GPSD packet_parse and gps_lexer_t.

RCE in Google Cloud Production

A chance Discord message, two missing pieces, and one hour before the window closed: From info leak to RCE on Google Cloud. What started as a debugging endpoint info leak escalated into full remote code execution on Google Cloud's production environment.

Oldies but Goodies

Creative approaches to coding FUD Stagers

We review 2 variants to build porwershell-based fully undetected code (FUD) stagers, aiming at evading machine-learning and/or AI-powered detection engines in EDR.

Unearthed Arcana

Rusty Rootkit

We dive into Rusty Rootkit internals. Rust Rootkit is a proof‑of‑concept Windows kernel rootkit written in Rust that demonstrates core kernel‑mode techniques - DKOM‑based process/driver hiding, process protection tweaking, token‑privilege escalation, driver‑signature‑enforcement bypass, and kernel‑callback manipulation.