WarthogTK
@warthogtk.bsky.social
Pentester | Ex MD (Intensivist & Healthcare Simulation) | (Black) Arch Enthusiast |
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
Infosec - AD - Windows Internals/Maldev enthusiast |
Geopolitics, Defense, Disinformation, Hybrid warfare | DCS, Gaming, Metal
(OU=FR,DC=WORLD,DC=UNIVERSE)
RCE in React Server Components github.com/vercel/next....
RCE in React Server Components
A vulnerability affects certain React packages<sup>1</sup> for versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 and frameworks that use the affected packages, including Next.js 15.x and 16.x using the A...
github.com
December 3, 2025 at 6:27 PM
RCE in React Server Components github.com/vercel/next....
ClickFix Gets Creative: Malware Buried in Images
www.huntress.com/blog/clickfi...
www.huntress.com/blog/clickfi...
ClickFix Gets Creative: Malware Buried in Images | Huntress
Huntress uncovered an attack utilizing a ClickFix lure to initiate a multi-stage malware execution chain. This analysis reveals how threat actors use steganography to conceal infostealers like…
www.huntress.com
December 3, 2025 at 7:29 AM
ClickFix Gets Creative: Malware Buried in Images
www.huntress.com/blog/clickfi...
www.huntress.com/blog/clickfi...
Mythic for Developers - Tips and tricks for creating or customizing agents and anything else related to Mythic C2.
youtube.com/playlist?lis...
youtube.com/playlist?lis...
GitHub - Scoubi/BloodSOCer
Contribute to Scoubi/BloodSOCer development by creating an account on GitHub.
www.youtube.com
December 3, 2025 at 7:28 AM
Mythic for Developers - Tips and tricks for creating or customizing agents and anything else related to Mythic C2.
youtube.com/playlist?lis...
youtube.com/playlist?lis...
GitHub - Scoubi/BloodSOCer github.com/Scoubi/Blood...
GitHub - Scoubi/BloodSOCer
Contribute to Scoubi/BloodSOCer development by creating an account on GitHub.
github.com
December 2, 2025 at 10:03 PM
GitHub - Scoubi/BloodSOCer github.com/Scoubi/Blood...
Cache Poisoning: $100K+ Case Studies Part 1 | Herish Blog herish.me/blog/cache-p...
Cache Poisoning: $100K+ Case Studies Part 1 | Herish Blog
Dive into $100K+ cache poisoning vulnerabilities. Part 1 covers real-world attacks on HackerOne, GitHub, and Shopify. Read the analysis!
herish.me
December 2, 2025 at 9:46 PM
Cache Poisoning: $100K+ Case Studies Part 1 | Herish Blog herish.me/blog/cache-p...
OpenAI Codex CLI Vulnerability: Command Injection research.checkpoint.com/2025/openai-...
OpenAI Codex CLI Vulnerability: Command Injection
Codex CLI automatically loads and execute MCP entries withoug
research.checkpoint.com
December 2, 2025 at 9:46 PM
OpenAI Codex CLI Vulnerability: Command Injection research.checkpoint.com/2025/openai-...
K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation
blog.quarkslab.com/k7-antivirus...
blog.quarkslab.com/k7-antivirus...
K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation - Quarkslab's blog
Exploitation of the K7 antivirus, from the vulnerability discovery to the retro-analysis of its key components.
blog.quarkslab.com
December 2, 2025 at 7:30 PM
K7 Antivirus: Named pipe abuse, registry manipulation and privilege escalation
blog.quarkslab.com/k7-antivirus...
blog.quarkslab.com/k7-antivirus...
From Zero to SYSTEM: Building PrintSpoofer from Scratch
From Zero to SYSTEM: Building PrintSpoofer from Scratch
A complete journey from understanding Named Pipes to building an undetectable PrintSpoofer learning Windows internals, token impersonation, RPC, and evasion techniques along the way.
bl4ckarch.github.io
December 2, 2025 at 6:32 PM
From Zero to SYSTEM: Building PrintSpoofer from Scratch
Le Collimateur
Appréhender la menace russe, de l'Ukraine au retour du service militaire [Le Casque et la plume #16]
youtu.be/dJFaCQhgnrY?...
Appréhender la menace russe, de l'Ukraine au retour du service militaire [Le Casque et la plume #16]
youtu.be/dJFaCQhgnrY?...
Appréhender la menace russe, de l'Ukraine au retour du service militaire [Le Casque et la plume #16]
YouTube video by Le Collimateur
youtu.be
December 2, 2025 at 12:29 PM
Le Collimateur
Appréhender la menace russe, de l'Ukraine au retour du service militaire [Le Casque et la plume #16]
youtu.be/dJFaCQhgnrY?...
Appréhender la menace russe, de l'Ukraine au retour du service militaire [Le Casque et la plume #16]
youtu.be/dJFaCQhgnrY?...
An Evening with Claude (Code) - XPN InfoSec Blog blog.xpnsec.com/An-Evening-w...
An Evening with Claude (Code)
A deep dive into discovering CVE-2025-64755, a vulnerability in Claude Code v2.0.25. This post walks through the process of reversing the obfuscated Claude Code JavaScript, and exploiting weak regex…
blog.xpnsec.com
November 29, 2025 at 9:12 PM
An Evening with Claude (Code) - XPN InfoSec Blog blog.xpnsec.com/An-Evening-w...
3 Recent OAuth TTPs + How to Detect Them with Entra ID Logs | Wiz Blog www.wiz.io/blog/recent-...
3 Recent OAuth TTPs + How to Detect Them with Entra ID Logs | Wiz Blog
Attackers abuse OAuth flows like device code phishing and ROPC to bypass MFA and gain persistence in Azure. Here's how to detect them with Entra ID logs.
www.wiz.io
November 29, 2025 at 8:43 PM
3 Recent OAuth TTPs + How to Detect Them with Entra ID Logs | Wiz Blog www.wiz.io/blog/recent-...
The Trojan Horse You Didn’t Check: PHP Session Unserialization as an Attack Vector
d3caff.gitbook.io/me/blog-post...
d3caff.gitbook.io/me/blog-post...
The Trojan Horse You Didn’t Check: PHP Session Unserialization as an Attack Vector | d3caff
File uploads are often considered a risky surface in web applications. To reduce this risk, developers apply restrictions to allow only specific file types, most often images and documents. The goal…
www.cisa.gov
November 29, 2025 at 8:29 PM
The Trojan Horse You Didn’t Check: PHP Session Unserialization as an Attack Vector
d3caff.gitbook.io/me/blog-post...
d3caff.gitbook.io/me/blog-post...
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications
www.cisa.gov/news-events/...
www.cisa.gov/news-events/...
How to Research & Reverse Web Vulnerabilities 101 — ProjectDiscovery Blog
Introduction This blog serves as a detailed methodology guide for analyzing, reversing, and researching web vulnerabilities, particularly those with CVEs assigned. The content outlines repeatable…
www.cisa.gov
November 29, 2025 at 8:22 AM
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications
www.cisa.gov/news-events/...
www.cisa.gov/news-events/...
How to Research & Reverse Web Vulnerabilities 101 — ProjectDiscovery Blog projectdiscovery.io/blog/how-to-...
How to Research & Reverse Web Vulnerabilities 101 — ProjectDiscovery Blog
Introduction This blog serves as a detailed methodology guide for analyzing, reversing, and researching web vulnerabilities, particularly those with CVEs assigned. The content outlines repeatable…
projectdiscovery.io
November 28, 2025 at 8:04 PM
How to Research & Reverse Web Vulnerabilities 101 — ProjectDiscovery Blog projectdiscovery.io/blog/how-to-...
Write Path Traversal to a RCE Art Department
lab.ctbb.show/research/wri...
lab.ctbb.show/research/wri...
Write Path Traversal to a RCE Art Department
Abusing Write Path Traversal for Living Off the Land Remote Code Execution
lab.ctbb.show
November 28, 2025 at 7:58 PM
Write Path Traversal to a RCE Art Department
lab.ctbb.show/research/wri...
lab.ctbb.show/research/wri...
An updated, curated collection of Hashcat rules for cracking complex passwords.
github.com/ibnaleem/rules
github.com/ibnaleem/rules
GitHub - ibnaleem/rules: Lastest Hashcat rules for password cracking
Lastest Hashcat rules for password cracking. Contribute to ibnaleem/rules development by creating an account on GitHub.
github.com
November 28, 2025 at 7:31 PM
An updated, curated collection of Hashcat rules for cracking complex passwords.
github.com/ibnaleem/rules
github.com/ibnaleem/rules
Reposted by WarthogTK
Cession à LVMH du groupe de presse Croque Futur : face aux craintes sociales, éthiques et éditoriales, les syndicats de journalistes apportent leur SOUTIEN aux rédactions de La Recherche, de Science et Avenir, et du magazine économique Challenges
COMMUNIQUÉ INTERSYNDICAL ⬇️
snj.fr/soutien-aux-...
COMMUNIQUÉ INTERSYNDICAL ⬇️
snj.fr/soutien-aux-...
![Le propriétaire historique du groupe, Claude Perdriel, s'apprête en effet à céder ses parts au groupe LVMH, détenu par le milliardaire Bernard Arnault, via sa holding consacrée au secteur des médias, Ufipar. La prise de contrôle pourrait être effective dans les prochaines semaines.
Quelles seront les conséquences éditoriales et sociales pour ces trois titres et leurs 135 salariés ?
Depuis l'annonce de cette vente, au mois d'octobre, les représentants du personnel des Editions Croque Futur n'ont de cesse de demander des garanties au futur propriétaire.
Ce dernier ne s'est toujours pas engagé sur des sujets majeurs, alimentant l'anxiété des salariés.
Parmi les points cruciaux : le respect de la charte interne de Challenges, texte essentiel pour la rédaction, qui définit la ligne éditoriale de l'hebdomadaire et en garantit l'indépendance. Pour l'équipe de Challenges, cette charte “constitue un actif immatériel et intangible de l'entreprise”. L'émissaire de Bernard Arnault (rôle étrangement confié à Nicolas Beytout, par ailleurs patron du quotidien L'Opinion) a rejeté à plusieurs reprises l'idée que cette charte pourrait continuer à s'appliquer après la vente.
[...)
A Sciences et Avenir et La Recherche, les discussions en vue de l'adoption d’une charte similaire n’ont pas encore abouti, et le risque est grand qu’elles soient abandonnées en cas de prise de contrôle par LVMH. Face au risque d'amplification de la désinformation scientifique, les garde-fous déontologiques sont pourtant plus nécessaires que jamais.
Sur le plan social, les intentions du potentiel repreneur sont plutôt floues et les élus du Comité Social et Economique (CSE) ont le plus grand mal à obtenir les informations nécessaires. Quelles garanties sur le maintien des emplois? Quel est le projet organisationnel ? Même l'application du dispositif légal de clause de cession semble poser problème, le potentiel repreneur souhaitant imposer des restrictions.
[...]
Paris, jeudi 27 novembre 2025](https://cdn.bsky.app/img/feed_thumbnail/plain/did:plc:d33kyvdcznjzyrdu3v7x22pt/bafkreigw4hefdatzcm3bmgjd4huyojwhchemjq2s4dm3dkzoavvg2fqssm@jpeg)
November 27, 2025 at 3:34 PM
Cession à LVMH du groupe de presse Croque Futur : face aux craintes sociales, éthiques et éditoriales, les syndicats de journalistes apportent leur SOUTIEN aux rédactions de La Recherche, de Science et Avenir, et du magazine économique Challenges
COMMUNIQUÉ INTERSYNDICAL ⬇️
snj.fr/soutien-aux-...
COMMUNIQUÉ INTERSYNDICAL ⬇️
snj.fr/soutien-aux-...
Promotion de Zemmour, temps de parole contourné… «Complément d’enquête» démonte les méthodes de CNews
www.liberation.fr/economie/med...
www.france.tv/france-2/com...
www.liberation.fr/economie/med...
www.france.tv/france-2/com...
Promotion de Zemmour, temps de parole contourné… «Complément d’enquête» démonte les méthodes de CNews
«Libération» a visionné, avant sa diffusion, le documentaire programmé par France 2 jeudi 27 novembre, en pleine bataille entre les médias du service public et ceux de Vincent Bolloré.
www.liberation.fr
November 28, 2025 at 9:06 AM
Promotion de Zemmour, temps de parole contourné… «Complément d’enquête» démonte les méthodes de CNews
www.liberation.fr/economie/med...
www.france.tv/france-2/com...
www.liberation.fr/economie/med...
www.france.tv/france-2/com...
RCE via a malicious SVG in mPDF
Bypassing a PHP stream wrapper blacklist
medium.com
November 26, 2025 at 7:50 PM
Less Praying More Relaying - Enumerating EPA Enforcement for MSSQL and HTTPS
specterops.io/blog/2025/11...
specterops.io/blog/2025/11...
Less Praying More Relaying - Enumerating EPA Enforcement for MSSQL and HTTPS - SpecterOps
It's important to know if your NTLM relay will be prevented by integrity protections such as EPA, before setting up for and attempting the attack. In this post, we share how to solve this problem for…
specterops.io
November 25, 2025 at 7:08 PM
Less Praying More Relaying - Enumerating EPA Enforcement for MSSQL and HTTPS
specterops.io/blog/2025/11...
specterops.io/blog/2025/11...
Remotely crashing the Spooler service
www.incendium.rocks/posts/Remote...
www.incendium.rocks/posts/Remote...
Remotely crashing the Spooler service
Showcasing a vulnerability in Windows that causes the Spooler service to crash remotely.
www.incendium.rocks
November 23, 2025 at 8:53 AM
Remotely crashing the Spooler service
www.incendium.rocks/posts/Remote...
www.incendium.rocks/posts/Remote...
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757)
slcyber.io/research-cen...
slcyber.io/research-cen...
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757) › Searchlight Cyber
Intro Earlier this year, in January, Oracle Cloud's login service (login.us2.oraclecloud.com) was breached—this led to the compromise of 6M records and over 140k Oracle Cloud tenants. Analysis showed…
slcyber.io
November 22, 2025 at 9:58 PM
Breaking Oracle’s Identity Manager: Pre-Auth RCE (CVE-2025-61757)
slcyber.io/research-cen...
slcyber.io/research-cen...
SCCM’s AdminService uses Entra tokens without confirming the UPN exists in AD. A crafted synced UPN can let an attacker impersonate the site server. Microsoft now requires on-prem SID matching (CVE-2025-59501).
specterops.io/blog/2025/11...
github.com/garrettfoste...
specterops.io/blog/2025/11...
github.com/garrettfoste...
GitHub - garrettfoster13/CVE-2025-59501: CVE-2025-59501 POC code
CVE-2025-59501 POC code. Contribute to garrettfoster13/CVE-2025-59501 development by creating an account on GitHub.
github.com
November 22, 2025 at 7:54 PM
SCCM’s AdminService uses Entra tokens without confirming the UPN exists in AD. A crafted synced UPN can let an attacker impersonate the site server. Microsoft now requires on-prem SID matching (CVE-2025-59501).
specterops.io/blog/2025/11...
github.com/garrettfoste...
specterops.io/blog/2025/11...
github.com/garrettfoste...
Active Directory Security: Trusts Stuck on Windows 2000 Attributes www.tenable.com/blog/active-...
Active Directory Security: Trusts Stuck on Windows 2000 Attributes | Tenable®
Upgrading Active Directory from Windows 2000 doesn't fix old intra-forest trusts. This security anomaly can lead to misidentification as potentially insecure external trusts. See Tenable's solution.
www.tenable.com
November 21, 2025 at 9:26 PM
Active Directory Security: Trusts Stuck on Windows 2000 Attributes www.tenable.com/blog/active-...