Black & White Path
Author

We are the beacon of the cyber world, a stepping stone on the road to security.

Recent Articles

May 29, 2026 · Information Security

GhostType: Open‑Source Forensic Scanner for Leaked Credentials in AI Chat Histories

GhostType is an open‑source forensic scanner that parses local conversation files from popular AI coding assistants, uses TruffleHog’s 800+ detectors plus custom regex rules to locate exposed API keys or passwords, verifies their validity in real time, and outputs detailed JSON or CSV reports for red‑team or DLP use.

AI assistants · DLP · GhostType
3 min read

May 29, 2026 · Industry Insights

How Ignoring API Limits Led to a $500 Million AI Bill

A lack of usage caps on Claude's API caused a single employee to generate a $500 million charge in one month, exposing systemic governance gaps and prompting a broader discussion on AI cost control, token‑based billing, and practical safeguards for enterprises.

AI cost governance · API budgeting · Claude API
7 min read

May 28, 2026 · Information Security

SwordfishSuite: A Beginner‑Friendly Burp Alternative with Extensible Plugins

SwordfishSuite is a lightweight, open‑source web security testing platform inspired by Burp, offering an intuitive GUI, smart HTTPS proxy, a Python‑based plugin ecosystem, experimental app traffic analysis, and easy installation via GitHub releases, making it ideal for newcomers and seasoned testers alike.

App traffic analysis · Burp alternative · HTTPS interception
6 min read

May 28, 2026 · Information Security

12‑Byte Syscall in Browser Sandbox Grants SYSTEM on Windows (CVE‑2026‑40369 PoC)

The article details CVE‑2026‑40369, a Windows kernel flaw in ExpGetProcessInformation where a zero‑length buffer bypasses ProbeForWrite, allowing a browser sandbox process to write arbitrary kernel memory with a 12‑byte syscall. The result is a deterministic, fully reliable privilege‑escalation chain that grants SYSTEM without race conditions. The article also discusses detection and mitigation.

CVE-2026-40369 · NtQuerySystemInformation · Windows kernel
11 min read

May 28, 2026 · Information Security

Inside the Arrest of the 23‑Year‑Old Operator Behind the World’s Largest DDoS Botnet

The article details the capture of 23‑year‑old Jacob Butler, known as “Dort,” who ran the KimWolf IoT botnet that infected nearly two million devices, launched over 30,000 DDoS attacks with peaks near 30 Tbps, and examines the botnet’s tactics, the legal fallout, and defensive lessons for the IoT ecosystem.

Cybercrime-as-a-Service · DDoS · IoT botnet
10 min read

May 27, 2026 · Information Security

From White‑Hat to Banned Outlaw: The Rapid Fall of a Security Researcher

An anonymous researcher with a legitimate MSRC account publicly released multiple Windows 0‑day exploits after his reports were ignored, leading to swift bans on GitHub and GitLab, sparking a heated debate over platform policies, coordinated disclosure failures, and the broader breakdown of the bug‑bounty ecosystem.

Bug Bounty · GitHub · GitLab
9 min read

May 27, 2026 · Information Security

Five AD Permission Misconfigurations That Let Attackers Escalate to Domain Admin Without Exploits

The article explains how misconfigured Active Directory DACL entries enable five distinct privilege‑escalation paths—ForceChangePassword, FullControl on Domain Admins, DCSync, WriteMembers, and GUID‑based ACE writes—demonstrating each step with impacket commands, showing detection events, and offering concrete defense recommendations.

Active Directory · BloodHound · DACL
17 min read