This article details a step‑by‑step penetration test on a university’s web platform, covering XSS file uploads, JWT tampering for arbitrary login, massive personal data leakage, SQL injection payloads, and the exposure of several AK/SK secrets, all with concrete screenshots and commands.
In April 2026 a trio of Windows Defender zero‑day bugs—BlueHammer, RedSun and UnDefend—were publicly disclosed after Microsoft’s Security Response Center repeatedly ignored the researcher’s reports, sparking a debate over responsible disclosure, corporate trust, and the urgent need to respect security professionals.
The RedSun proof‑of‑concept demonstrates that when Windows Defender detects a malicious file marked with a cloud‑based detection tag, it may rewrite the file to its original location instead of isolating it, allowing an attacker to replace system files and obtain administrator privileges.
The article introduces VeilShell, a Godzilla‑based reflection AES encryptor combined with a Data‑Flow Break and dynamic callback technique to generate PHP webshells, presents detailed evasion test results against Changting, Alibaba and VirusTotal scanners, and provides performance metrics and a GitHub link for acquisition.
A 2021 CCC member survey and a large‑scale analysis of Exploit‑DB reveal that hackers predominantly use Shell scripts and Python, with notable overlap across both data sets, while language preferences shift over time toward Python and away from C, highlighting detection challenges and future trends.
The award‑winning ICSE2025 paper introduces CDFuzz, a lightweight custom dictionary technique that dramatically improves coverage and vulnerability discovery in grey‑box fuzzing, and a live session will dissect its design, validation, and impact on software security testing.
A security research team created a counterfeit VSCode extension in half an hour, demonstrated how easily malicious code can be injected and distributed through the VSCode Marketplace, and revealed that dozens of high‑value companies, security firms and even a national court were compromised, highlighting critical gaps in extension vetting and supply‑chain protection.
Researchers from the Leiden Institute of Advanced Computer Science analyzed over 47,000 GitHub repositories, uncovering that many fake proof‑of‑concept exploits conceal malware, with nearly 5,000 repositories deemed malicious and detailed case studies revealing hidden trojans, Cobalt Strike tools, and stealthy information stealers.
The article provides a comprehensive technical walkthrough of the Hyper‑V DirectX component, detailing its architecture, virtual GPU configuration, attack surface, and step‑by‑step exploitation of four critical CVEs (CVE‑2022‑21918, CVE‑2021‑43219, CVE‑2022‑21912, CVE‑2022‑21898) with code snippets and debugging insights.
MIT researchers have uncovered an unpatchable hardware flaw in Apple’s M1 chip’s Pointer Authentication Code, demonstrating a speculative‑execution‑based PacMan attack that can bypass the chip’s last line of defense and even compromise the kernel.
This article presents a collection of Spring Boot security vulnerabilities, detailing information leakage and remote code execution cases, with step‑by‑step exploitation guides and underlying principles, intended for security research and authorized testing only.
Researchers from 360 Netlab have uncovered RotaJakiro, a stealthy Linux backdoor malware first seen in 2018, which uses ZLIB compression, AES/XOR/ROTATE encryption, and hidden plugins to exfiltrate data and evade detection, with twelve functions yet its true purpose remains unknown.
Egyptian security researchers discovered a chain of flaws in TikTok’s Android app—including generic WebView XSS, Add Wiki Activity XSS, intent-based component launch, a Zip Slip in Tma Test Activity, and an RCE exploit—that can be combined to achieve remote code execution, and the report details TikTok’s remediation steps.
This article expands on the author's BlueHat Shanghai 2019 presentation, summarizing Office‑related 0‑day and 1‑day vulnerabilities discovered between 2010 and 2018, categorizing them by component and type, and providing extensive references, analysis notes, and exploitation guidance for security researchers.
The author details a seldom‑seen MSSQL blind injection discovered during a Google bounty, explaining why automated scanners failed, how manual testing with @@LANGID and @@TEXTSIZE revealed the flaw, and the proof‑of‑concept steps that ultimately earned a reward.
