Our Compromise Assessment service report features such a hidden threat as generative AI
Users receive attackers’ remote access tool along with popular freeware
How to detect malware that runs on Linux systems without writing on disk
Some stats on threats found in backups during compromise assessment
Under what conditions can a non-domain Windows host be compromised
New attacks use .vbs droppers, .com droppers, and .com stealer written in Rust
Registration of a malicious provider can be detected in ProviderOrder and ProviderPath parameters
Detecting privilege escalation in Linux through TOCTOU vulnerability
What if your decompiler doesn’t support some RISC-V instructions
A 2020 vulnerability still allows a local user to elevate privileges to SYSTEM
Vulnerability CVE-2025-47179 allows for full control over SCCM
An interesting experience in solving a pentesting task
How to prevent exploitation of a vulnerability in a popular image editing tool
Kubernetes API can reveal many secrets without authentication
A chain of events 4023 and 4021 from the same IP address means an attack
We found out which local LLMs are better at finding vulnerabilities
Severe vulnerability allows an unprivileged user to gain root
Fake RPC server can impersonate the security context of the calling client, up to SYSTEM
We found a vulnerabilty in a popular LLM agent
An attacker can take over the domain if automatic client push installation is enabled on the server