-
EDR-Freeze is a proof-of-concept tool that forces endpoint detection and response (EDR) or antivirus processes into a temporary “coma.” Instead of installing a vulnerable driver, it leverages legitimate Windows Error Reporting components, specific…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers have uncovered a sophisticated cyberattack campaign where Chinese threat actors are exploiting web applications using an innovative log poisoning technique to deploy web shells and subsequently weaponize Nezha, a legitimate server …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Obex, a newly released proof-of-concept utility by security researcher dis0rder0x00, demonstrates a simple but effective user-mode method to stop unwanted security and monitoring modules from loading into Windows processes. The tool launches a target p…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Forensic-Timeliner is a fast, open-source command-line tool designed to help digital forensics and incident response (DFIR) teams quickly build a unified timeline of Windows artifacts. By automatically collecting, filtering, and merging CSV output from…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Security researchers at Hacker House have released SetupHijack, a proof-of-concept tool that exploits race conditions and insecure file handling in Windows installers and updaters. The utility demonstrates how attackers can hijack privileged setup proc…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Advanced persistent threat actors increasingly target Microsoft Exchange inbox rules to maintain persistence and siphon sensitive data without raising alarms. The newly released Inboxfuscation tool delivers a Unicode-based obfuscation framework capable…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A security researcher has released a new tool that can temporarily disable endpoint detection and response (EDR) systems and antivirus software without requiring vulnerable drivers, marking a significant evolution in attack techniques targeting securit…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Red AI Range (RAR) offers a turnkey platform for AI red teaming and vulnerability assessment, enabling security professionals to simulate realistic attack scenarios, uncover weaknesses, and deploy fixes all within a controlled, containerized environmen…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A novel AI-driven email attack toolkit named SpamGPT has surfaced on underground hacking forums, promising cybercriminals an all-in-one platform for launching large-scale phishing campaigns. Advertised as an “AI-powered spam-as-a-service” sol…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The BC-SECURITY team has released a major update to its flagship offensive security framework, Empire, introducing enhanced agent capabilities and comprehensive API support designed to streamline post-exploitation operations and adversary emulatio…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
