Purpleshift
Recent
PhantomRPC: A new method for privilege escalation
Fake RPC server can impersonate the security context of the calling client, up to SYSTEM
How to make OpenClaw execute malicious commands
We found a vulnerabilty in a popular LLM agent
Privilege escalation on SCCM with WebClient
An attacker can take over the domain if automatic client push installation is enabled on the server
Bruteforcing WPA 802.11r: a new module for HashCat
Previously, pentesting tools did not work with 802.11r hashes
Invisible attacks with bind mount
A technique much simpler than rootkit can make a malicious process invisible
Incidents 2025: MDR and IR Report
Combining MDR and IR statistics provides a better understanding of current and emerging threats
Yes, we can RCE via your AI agent OpenClaw
Overly autonomous LLM executes commands not requested by the user
How we patched PEAS and ensured Provisioning
If Exchange ActiveSync requires security policy agreement, PEAS still works
Attribution by Slang: Exposing Horabot
How our MDR team investigated a Brazilian hacker attack on Mexico