Posts

/../assets/images/featured/USBLiter8.png
USBLiter8: The Unpatchable Hardware Exploit That Breaks the Chain of Trust from Boot

A physical flaw in the USB controller of Apple's A12 and A13 chips allows unsigned code execution within SecureROM, with no possibility of a software fix.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

7 min read
/../assets/images/featured/poisson.png
Access That Survives Its Own Takedown: The Operation Poisson Lesson

A novice attacker compromised a French small business and, before his Command and Control server went down, installed Tailscale and OpenSSH to secure his way back in. Access survived 18 days without the C2. Cato Networks documented the operation command by command.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

11 min read
/../assets/images/featured/fable_mythos.png
The Global Shutdown of Claude Fable 5 and Mythos 5: When a Jailbreak Triggers an Export Control

Anthropic pulled its Mythos-class models, Fable 5 and Mythos 5, offline worldwide just 72 hours after launch, following a U.S. government export-control directive tied to a jailbreak.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

9 min read
/../assets/images/featured/CVE-2026-23111.png
CVE-2026-23111: A Single Character in the Linux Kernel Opens the Door to Full System Compromise

A misplaced exclamation mark (`!`) inside `nft_map_catchall_activate()` inverts the validation logic in nf_tables, allowing any unprivileged local user to trigger a Use-After-Free, corrupt kernel memory, and escalate to root.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

6 min read
/../assets/images/featured/RoguePlanet.png
RoguePlanet: The Zero-Day Exploit Compromising Microsoft Defender

A zero-day exploit released hours after Microsoft's largest Patch Tuesday on record allows any local user to obtain SYSTEM privileges on fully patched Windows 10 and 11 systems by abusing the Microsoft Defender engine itself.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

10 min read
/../assets/images/featured/cisco_en.png
CVE-2026-20245: The Seventh Actively Exploited Zero-Day in Cisco SD-WAN Enables Root Command Execution — No Patch Available

CVE-2026-20245. A privilege escalation flaw under active exploitation in Cisco Catalyst SD-WAN Manager, with no patch available, that allows an attacker to execute arbitrary commands as root through command injection in the CLI.

Tags: News
obeedt, OscarRV, LuisZavMen

obeedt, OscarRV, LuisZavMen

9 min read