HAIJA INTEL REPORT

Unauthenticated attackers are gaining SYSTEM on domain controllers with crafted packets. The vulnerability being exploited is CVE-2026-41089, a CVSS 9.8 hole in Windows Netlogon, and exploitation in the wild has been co…

Want to better defend Azure and Entra ID environments? Start by understanding the adversary's perspective. At #BHUSA, our Azure training uses hands-on labs to teach the attack paths, misconfigs, and techniques used against modern cloud environments. https:// ghst.ly/4uii3Ua

ShinyHunters is exploiting an Oracle PeopleSoft vulnerability (CVE-2026-35273) as part of an extortion campaign targeting higher education. Read the full analysis, and get IOCs and remediation guidance to stay ahead of …

just wrapped up @OutsiderSec ’s Offensive Entra ID training with @_dirkjan . He is in fact #thegoat it was literally the best Entra ID training going into the nitty gritty details including agent identity blueprints

AI is actively embedding itself into today's criminal tradecraft - lending itself to social engineering, fraud, impersonation, identity abuse & more. Get to know tools like WormGPT and BruteforceAI, plus, how orgs should react, all in a new blog: https:// r-7.co/4ooQFS7

ICYMI: Mandiant identified exploitation of a critical vulnerability in KnowledgeDeliver, a learning management system commonly used in Japan. The vulnerability allows for unauthenticated remote code execution via ViewState deserialization. Details: https:// goo.gle/444QSjW

Broken Token: OAuth New ebook, 2nd of the series. Master every way to break OAuth flow: PKCE downgrade DCR injection Token lifecycle abuse Grant flow weaponization + 13 original named techniques https:// brutelogic.net/ebooks/broken- token/oauth/ … The most complete offensive OAu

A little bit different than in the movies AI research at the gym

Releasing DCOMIllusionist as part of our talk on DCOM at @x33fcon with @k3vinTell . It's a remote in memory fileless lateral movement technique based on some research of @tiraniddo

Long live Active Directory! I’m giving a talk for ContinuumCon tomorrow (Friday June 12th) at 1:30pm eastern. Killing AD attack paths by using auth policies & silos.

What questions should security teams ask before adopting AI pentesting? According to our CTO and co-founder @MarkKuhr , the right framework is less about model benchmarks and more about three things: access, governance, and validation: https:// hubs.ly/Q04l5bSY0 #aipentesting

Hello, If you're a person who lives inside my computer and/or likes malware and/or goes to computer conventions, I have a message for you. tl;dr 1. idk if going to defcon, stop asking fr 2. vxug party? idfk 3. big giveaway thingy 4. defcon shirts ig idfk 5. papers non-tl;dr