Misconfigured AWS Private API Gateways can be exploited by attackers from external AWS accounts due to overly permissive resource-based policies. This vulnerability allows them to access internal resources and potentially launch further attacks, emphasizing the need for strict policy configurations and monitoring. Proper security measures, such as limiting access to specific VPCs and implementing API authentication, are crucial to protect against these threats.

A security engagement revealed an HTML to PDF converter API that allowed for local file access and remote code execution due to vulnerabilities in a .NET renderer using an outdated Chromium version. The authors successfully exploited a known vulnerability in Chromium 62, demonstrating the importance of manual penetration testing in uncovering overlooked security issues.

Researchers exploited a vulnerability in CodeRabbit, an AI code review tool, allowing them to achieve remote code execution (RCE) and gain read/write access to 1 million repositories. The exploitation involved creating a malicious pull request that leveraged a flaw in the integration of external static analysis tools, leading to the leakage of sensitive API tokens and secrets. CodeRabbit quickly remediated the vulnerabilities after disclosure, enhancing their security measures in response.

A vulnerability on the American Archive of Public Broadcasting's website allowed unauthorized access to protected media for years before being patched this month. The flaw, which had been exploited since at least 2021, involved a simple script that bypassed access controls, leading to concerns about the sharing of private content within data hoarding communities on Discord. AAPB has since confirmed the fix and reinforced its commitment to protecting archival materials.

PowerDodder is a stealthy post-exploitation utility that embeds execution commands into frequently accessed but rarely modified script files, minimizing detection by traditional security measures. It scans for potential script files, allows users to append payload commands, and preserves the original file's modification timestamps to evade scrutiny. The tool's name reflects its method of attaching to host scripts for persistent execution.

Certipy is a comprehensive toolkit designed for evaluating and exploiting vulnerabilities in Active Directory Certificate Services (AD CS). It aids security professionals in discovering misconfigurations and supports various attack paths while emphasizing the importance of authorized usage. Detailed guides and documentation are available for users to effectively leverage the toolkit.

A fake "My Vodafone" app was distributed to targets via SMS, claiming to restore mobile data connectivity after an attacker disabled their connection. The app, signed with an enterprise certificate, contains multiple privilege escalation exploits, including an unusual sixth exploit related to the iPhone's Display Co-Processor (DCP), which raises concerns about the security implications of compromising such co-processors in modern devices.

A critical vulnerability in the Windows NTFS file system, identified as CVE-2025-49689, allows for exploitation through specially crafted virtual disks (VHD). This vulnerability leads to multiple memory corruptions due to insufficient checks on integer overflow, facilitating potential escalation of privileges for attackers using malicious virtual disks in phishing attempts.

The article discusses techniques for escaping the limitations of NTLM relay attacks over port 445, focusing on the exploitation of misconfigured services and the use of various tools to enhance the attack's effectiveness. It provides insights into the mechanisms behind these attacks and offers recommendations for improving security against them.

CVSS is often misused as the sole metric for prioritizing vulnerabilities, leading to ineffective vulnerability management. To address its limitations, organizations should adopt risk-based vulnerability management (RBVM), which incorporates business context and prioritizes vulnerabilities based on real-world exploitation potential and impact. This approach allows security teams to focus on the most critical threats, improving overall efficiency and resource allocation.

The article discusses vulnerabilities in the open game panel, specifically focusing on remote code execution (RCE) risks. It highlights the potential for exploitation and provides insights into mitigating these security threats in gaming environments.

The article explores the concept of developing C2-less malware using large language models (LLMs) for autonomous decision-making and exploitation. It discusses the implications of such technology, particularly through a malware example called "PromptLock," which utilizes LLMs to generate and execute code without human intervention. The author proposes a proof of concept for self-contained malware capable of exploiting misconfigured services on a target system.

The article discusses the security vulnerabilities associated with misconfigured Redis instances, highlighting how attackers can exploit these weaknesses to gain unauthorized access to sensitive data. It emphasizes the importance of proper configuration and security measures to protect Redis installations from potential threats.

The article discusses a niche technique for exploiting self-XSS vulnerabilities by leveraging a parent/child window relationship to access a victim's data after logging them into an attacker's account. It outlines the steps to redirect the victim to an XSS payload while maintaining access to their data through disk caching and the importance of proper cache control headers to prevent such attacks.