A critical security vulnerability in OneLogin’s Active Directory (AD) Connector service has exposed enterprise authentication systems to significant risk The flaw, now reportedly fixed, uncovered…
Attackers are using the TeamFiltration pentesting framework to brute-force their way into Microsoft Entra ID (formerly Azure AD) accounts, Proofpoint researchers have discovered. “Proofpoint’s research…
Cybercriminals have discovered a sophisticated new attack vector that exploits a critical flaw in Discord’s invitation system, allowing them to hijack expired invite links and…
The theme of this year’s RSAC is “Many Voices. One Community.” While our field can rightly claim “many voices”, portraying it as a “community” is…
Microsoft has addressed multiple critical issues affecting Windows Server 2025 domain controllers through its June 2025 Patch Tuesday updates, resolving authentication failures and network connectivity…
Huge list of tools presented at various Black Hat conferences, how attackers evade modern EDR, OpenAI’s report on threat actor campaigns they’ve disrupted I hope…
Government agencies are operating with massive amounts of “security debt” — meaning unresolved vulnerabilities — putting them and the public at increased risk of falling…
Hackers have been using the TeamFiltration pentesting framework to target more than 80,000 Microsoft Entra ID accounts at hundreds of organizations worldwide. The campaign started last…
Cybercriminals have begun exploiting the surge in popularity of DeepSeek-R1, one of the most sought-after large language models currently available, to distribute a sophisticated new…
SoftBank has previously experienced significant data breaches. In 2004, the company confirmed that personal information on 4,517,039 customers had been leaked through two separate cases…
Cybersecurity researchers have discovered a novel attack technique called TokenBreak that can be used to bypass a large language model’s (LLM) safety and content moderation…
A series of critical security vulnerabilities across GitLab Community Edition (CE) and Enterprise Edition (EE) platforms that could enable attackers to achieve complete account takeover…
![[tl;dr sec] #283 - Awesome Black Hat Tools, Evading EDR, Disrupting Malicious Uses of AI](https://image.cybernoz.com/wp-content/uploads/2025/06/tldr-sec-283-Awesome-Black-Hat-Tools-Evading-EDR.png)
